jumbo5
September 4, 2007, 12:17pm
1
A few weeks ago I got a message from WINDOWS MESSENGER that my registry needs to be repaired.
What are the tools available?
How to run those?
What happens when your registry is broken/corrupted?
Will formatting the drive or system help solve the problem?
FaH33m
September 4, 2007, 12:26pm
2
Hmm, there are many tools like
Error Repair Pro.
Registry Mechanic.
System Mechanic.
TuneUp Utilities.. and all..
but most of them are paid software.. or trial..
IMO the best thing to do is back up all your data, settings and all.. and do a clean install of Win XP by formatting the partition..
6pack
September 4, 2007, 12:35pm
3
I don't think Windows Messenger gives out such messages. You might be mistaken.
Do you still get such messages during booting XP or only when you connect to the net?
cranky
September 4, 2007, 12:47pm
4
That is a virus.
Read about the messenger exploit, use Google search.
If not a virus, you can use Registry Mechanic and TuneUp Utilities 2007 for a quick scan of the registry.
> Hmm, there are many tools like
> Error Repair Pro.
> Registry Mechanic.
> System Mechanic.
> TuneUp Utilities.. and all..
> but most of them are paid software.. or trial..
> IMO the best thing to do is back up all your data, settings and all.. and do a clean install of Win XP by formatting the partition..

+1
Most of the registry repair tools do more harm than good. Many apps will start behaving strangely after the “repair”.
jumbo5
September 4, 2007, 5:10pm
7
Thanks all!!!
> Do you still get such messages during booting XP or only when you connect to the net?

Only when I connect to the internet.
6pack
September 5, 2007, 4:56am
8
If you get messages only when you connect to the net then it's a Windows Messenger exploit like @sangram said. You need to put a good firewall in your PC to stop these things. Get Windows Defender (anti-spyware) or use Comodo firewall.
And no need to format your PC. It's working fine IMO.
Oh, btw you didn’t tell us what OS you're using. It would help people here to pinpoint the trouble.
Download HijackThis from here and post the log file here.
cranky
September 5, 2007, 6:25am
9
cranky
September 5, 2007, 6:26am
10
Strange message window …
Post #4
Please use Google. This is an old issue.
jumbo5
September 5, 2007, 9:36am
11
> You need to put a good firewall in your PC

..then my P2P and torrent wouldn't work properly.
> Oh, btw you didn’t tell us what OS you're using

Windows XP-home
> Download HijackThis from here and post the log file here.
jumbo5
September 5, 2007, 9:38am
12
@sangram
> Please use Google!!!

I did, but this forum provides personal advice which Google doesn't.
repped ya
Try Crap Cleaner or Auslogics reg defragger
> Download HijackThis from here and post the log file here.

He told you to download and install the software. After running it would create a log file. Then post the same.
However you can try Webroot spy sweeper pro for a thorough cleaning of your system. It works great.
jumbo5
September 6, 2007, 5:31pm
15
6pack:
> If you get messages only when you connect to the net then it's a Windows Messenger exploit like @sangram said. You need to put a good firewall in your PC to stop these things. Get Windows Defender (anti-spyware) or use Comodo firewall.
> And no need to format your PC. It's working fine IMO.
> Oh, btw you didn’t tell us what OS you're using. It would help people here to pinpoint the trouble.
> Download HijackThis from here and post the log file here.

The logfile -
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:58:34 PM, on 9/6/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
H:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
H:\WINDOWS\System32\igfxtray.exe
H:\WINDOWS\System32\hkcmd.exe
H:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
H:\PROGRA~1\Grisoft\AVG7\avgcc.exe
H:\PROGRA~1\Grisoft\AVG7\avgemc.exe
H:\Program Files\Winamp\Winampa.exe
H:\WINDOWS\System32\urdvxc.exe
H:\Program Files\Save\Save.exe
H:\WINDOWS\system32\NOTEPAD.EXE
H:\Program Files\Internet Explorer\IEXPLORE.EXE
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Internet Explorer\IEXPLORE.EXE
H:\Program Files\Internet Explorer\IEXPLORE.EXE
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.downloadaccelerator.com/DAPFinishInstall.asp?V=5.0.0.0
O2 - BHO: DAPBHO Class - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - H:\Program Files\DAP\DAPIEBar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - H:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - H:\Program Files\DAP\DAPIEBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - H:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] H:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] H:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] H:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [BearShare] "H:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [googletalk] H:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WhenUSave] "H:\Program Files\Save\Save.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] H:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] H:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-1123561945-1060284298-725345543-1003\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] H:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] H:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = H:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Download with &DAP - H:\PROGRA~1\DAP\dapextie.htm
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - H:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - H:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{E0BC12E4-47BC-4282-A49F-FE05FF9AF013}:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Distributed Allocated Memory Unit - Unknown owner - H:\WINDOWS\system32\dllcache\mravsc32.exe (file missing)
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - H:\WINDOWS\System32\urdvxc.exe
--
End of file - 4747 bytes
jumbo5
September 6, 2007, 5:36pm
16
blr_p
September 6, 2007, 5:37pm
17
You could always turn off the messenger service in Windows. I used to get weird messages like that and have not seen one in years.
6pack
September 7, 2007, 4:18pm
18
O23 - Service: Distributed Allocated Memory Unit - Unknown owner - H:\WINDOWS\system32\dllcache\mravsc32.exe (file missing)
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - H:\WINDOWS\System32\urdvxc.exe
These two are suspect.
Search on Google confirms the second one to be a trojan/malware.
link: urdvxc.exe - Program Information
I suggest you download a good AV like NOD32 to remove this or use Ad-Aware SE to rid your comp of such pests and bugs!
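
The check 6pack applies to the two O23 lines can be scripted. The following is an added example, not part of the original thread: it parses a HijackThis log, flags services listed with "Unknown owner" or "(file missing)", and notes whether the service binary also appears under "Running processes". The function names are made up for this example, and a flagged entry is a lead to look up, not a verdict.

```python
import ntpath
import re

# Subset of the HijackThis log posted in this thread.
SAMPLE_LOG = r"""Running processes:
H:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
H:\WINDOWS\System32\urdvxc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: Distributed Allocated Memory Unit - Unknown owner - H:\WINDOWS\system32\dllcache\mravsc32.exe (file missing)
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - H:\WINDOWS\System32\urdvxc.exe
"""

ENTRY = re.compile(r"^[A-Z]\d+ - ")  # numbered section line (R0, O4, O23, ...)
O23 = "O23 - Service: "
MISSING = " (file missing)"

def running_images(log):
    """Lower-cased paths listed under 'Running processes:'."""
    images, active = set(), False
    for line in map(str.strip, log.splitlines()):
        if line == "Running processes:":
            active = True
        elif active and ENTRY.match(line):
            break  # first numbered entry ends the process list
        elif active and line:
            images.add(line.lower())
    return images

def flag_services(log):
    """Return (binary, service name, reasons) for services worth a closer look."""
    running = running_images(log)
    findings = []
    for line in map(str.strip, log.splitlines()):
        if not line.startswith(O23):
            continue
        # Split from the right: the display name itself may contain " - ".
        parts = line[len(O23):].rsplit(" - ", 2)
        if len(parts) != 3:
            continue
        name, owner, path = parts
        missing = path.endswith(MISSING)
        if missing:
            path = path[:-len(MISSING)]
        reasons = ["unknown owner"] if owner == "Unknown owner" else []
        reasons += ["file missing"] if missing else []
        if reasons and path.lower() in running:
            reasons.append("currently running")
        if reasons:
            findings.append((ntpath.basename(path), name, reasons))
    return findings
```

The AVG service is running too, but it is not reported because its owner field is filled in and its file exists.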
jumbo5
September 7, 2007, 5:58pm
19
@6pack
I scanned the PC with the updated AVG premium version.
I got 300+ **worm allaple.b** viruses!!!
details - WORM_ALLAPLE.B - Description and solution
I have deleted all the viruses, but in the next scan they’ll appear again.
They are placed mainly in temp internet files.
I think I’ll have to do something with the registry as mentioned in the Trend Micro website.
6pack
September 8, 2007, 4:48am
20
Do these things @jumbo5
Download the Microsoft patch from here:
1. Disable System Restore in XP - right-click on the My Computer icon on the desktop > Properties > System Restore tab > check the box next to “disable system restore”.
2. Restart your PC.
3. Log in to safe mode by pressing the F8 key before the XP loading screen comes up. You’ll get options to boot into safe mode.
4. In safe mode run the AVG scan - it should remove all the viruses.
5. Get a good free firewall like Comodo, dude! All this trouble will be stopped at the door itself.