Is "Messenger" a virus?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I am running Win2k, sp4.  Lately, i've been getting messages saying
that i have 55 registry errors, and to go download software that will
get rid of the errors.  I have another registry checking tool and it
identified only 2 errors, and zapped both of those, yet i still get the
55 error msg.  I used Kaspersky online virus scanning, and identified 2
files which are in the system32 folder.  I tried to delete them, but
was given the old, "access denied" msg.  How do i delete those files?
One is called "Performance32.exe", the other is called "Stmb32.exe".

thanx for any help, in advance!


Re: Is "Messenger" a virus?

Try Geeks to go at www.geekstogo.com. The are a community of computer
experts that can help you through a variety of computer problems & it's a
free service. You will need to start an account, which is free also. If you
suspect you have a problem, you may have some joy with Geeks to go. I had a
nasty virus which I acquired last week, I posted a request for help on their
website & within a few hours I was getting email correspondence with some
excellent suggestions & schedule for the removal of the offending files &
retrieval of a perfectly working PC. There are many discussion forums on
their website, one of which may cover your problem, where a person may have
experience a similar computer problem to yours. You may get some info to fix
the problem yourself.

My 2 cents worth.


Angelo Sartore

Melbourne
AUSTRALIA

ADOPT, ADAPT, INVENT, DESTROY !


Quoted text here. Click to load it


Re: Is "Messenger" a virus?


| I am running Win2k, sp4.  Lately, i've been getting messages saying
| that i have 55 registry errors, and to go download software that will
| get rid of the errors.  I have another registry checking tool and it
| identified only 2 errors, and zapped both of those, yet i still get the
| 55 error msg.  I used Kaspersky online virus scanning, and identified 2
| files which are in the system32 folder.  I tried to delete them, but
| was given the old, "access denied" msg.  How do i delete those files?
| One is called "Performance32.exe", the other is called "Stmb32.exe".
|
| thanx for any help, in advance!

The question is is the Mesenger Service oer the Messenger program !

If the Pop-Up border has "Messenger Service" in it it is a Con Job sent via a
NetBIOS
Pop-Up.

This means you are not using a FireWall.  A simple NAT Router such as the
Linksys BEFSR41
will block this kind con/spam.  As always I suggest specifically blocking both
TCP and UDP
ports 135 ~ 139 and 445 on any SOHO router.  If you don't have a FireWall
application and/or
use a NAT Router than other protocols can be exploited.

You should also disable the "Messenger Service"
Go to;  Start -- Run
Enter;  services.msc
Hit the enter key.


Go through the list and find "Messenger".  Double-Click on;  Messenger
Stop the Service.
Then set the "Startup Type" to "Disabled".

You should have asked yourself "How did they know I have these problems ?"  and
should have
been wary.  However, it seems like you fell for the con and you downloaded a
file and
subsequentlu infected your computer.

What is the URL you were sent to and the file you were asked to download ?

In the mean time, you can use the following to help clean your Win2K PC...


Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go
through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal
Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the
PC.

You can choose to go to each menu item and just download the needed files or you
can
download the files and perform a scan in Normal Mode. Once you have downloaded
the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode
[F8 key
during boot] and re-run the menu again and choose which scanner you want to run
in Safe
Mode.  It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive
PDF help
file.  http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * *   Please report back your results  * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Site Timeline