Messenger pop-up...???

[gotcrx]

I had a terrible malware infection so I erased my harddrive and just installed Windows xp again. (I used system suite 7 to erase the hard drive) Anyhow I keep getting this popup....

Messenger Service

Message from local system to user on 1/2/2009...
Critical Error message! - Registry Damaged and Corrupted
To fix this problem:
Open internet explorer and type: www.registrycleanerxp.com
Once you load the web page, close this message window

After you install the cleaner program you will not receive any more reminders or pup ups like this.

Visit registycleanerxp.com IMMEDIATELY!

.......................................................

I have a feeling that this is not an actual windows popup...anyone have any suggestions for me? I erased MSN messenger thinking that would fix this...but it hasnt....

Any input would greatly be appreciated.

 

[LookinAround]

I'm not familiar with system suite or how u did your reinstall/where the install source was from and what you've been doing on your computer since .. but, yes, your infected. There's a number of people on this board who will review a Hijack This log after you've run it. Help you get rid of the infections.

 

[Mekaonija]

Hello,

I'm sure posting a highjackthis log could help us find a solution to your problem, please go here. This Is for Viruses/Spyware/Malware, preliminary removal instructions and if you scroll down to step #4 you can download HighJackThis, follow the steps #4 and #5 then run highjackthis and save a log, let it finish then do not do anything else, just close it afterward and post your log. Its usualy saved in the C:\Program Files\TrendMicro\HijackThis folder.

You could also go and do all the steps in that topic if you want to see if it helps while you wait ;d

 

[gotcrx]

Heres my hijck this log. Thanks a ton for the advise... I just dont understand how it can already be infected... i completely erased and have not added any of my old files back....

 

[Mekaonija]

Ehe, well I'm not really a pro at this stuff yet but the only thing I see that would cause pop ups is wpabaln.exe but thats from microsoft about registering windows XP buahaha.

By any chance did you not rename highjackthis correctly?
your log is showing that this is the name C:\Program Files\HijackThis\HijackThis.exe

HijackThis.exe should be renamed to "Crusty.exe" because some malware can hide from HijackThis.exe.

So make sure its installed like this ;D

C:\Program Files\Trend Micro\HijackThis\Crusty.exe

Not like this

C:\Program Files\HijackThis\HijackThis.exe

 

[gotcrx]

I did change the name...but after I ran a scan. So I ran another one...heres another log.

Thanks!!!!

 

[LookinAround]

i'm not a hijack this expert.. but just looking at the startup i'm leery of HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background.

I'd install Mike Lin's Startup Control Panel (just google it), install then open in your control panel, then disable the run entry. though a hijack person may have a different answer...

 

[gotcrx]

alright..ill do that.. any other suggestions out there?

 

[LookinAround]

Also, see this notice about spam via Messenger. I recall the issue was a few years back

 

[LookinAround]

And, in fact, just do the disable using the method in the MS link i gave you.

Mike Lins Startup Control Panel is still worth installing/being familiar with as can be helpful.

 

[gotcrx]

ok I disabled messenger service... anymore suggestions?

 

[LookinAround]

Actually, i went and took a second look at the message you posted... it;s a pretty much 100% match to the spam problem in the bulletin.

Almost certain that was your problem. Do you run a firewall? If not, you should start doing that as well.

 

[gotcrx]

Well i restarted and the popup seems to be gone! I cant thank you enough. I really appreciate that people are willing to help on this web site!

 

[LookinAround]

well, stay an active member.. and sometime in the future when you see a post where you think you can help.. jump right in!

 

[gotcrx]

Ill do that...any suggestions on a good firewall to use and where to get it? I have Norton that I can install...but Ive been told its worthless....

 

[Mekaonija]

Antivirus

AVG Antivirus First Choice

Or

Avast Antivirus

FireWall


Comodo Firewall First Choice

Or

Zonealarm Firewall

And CCleaner is also nice to have around.