fake error message on windows
On a Windows XP machine that has never been connected to the internet, the error dialog below was displayed. It has a modem to dial in to a centralized server to transfer data, but I don’t see how any other nefarious machines could contact it while that’s happening. In any case, the dialog appeared while the upload was taking place, so I’m inclined to believe there’s a correlation.
It’s clearly a bogus error message, (to prevent a wide system crash as opposed to a narrow one?) but to the uninitiated, it could be quite believable. I’d like to figure out how it appeared and how to stop it from appearing. As I’m writing this, I realized that I haven’t turned off the Windows Messaging Service, which may solve the problem. Next time I’m on the computer I’ll check it out, but I was curious to find out if anyone else has seen a similar error message. My guess would be that it’s somehow tied to the web site that’s mentioned (fixmyreg.com) because they could get quite a few visitors from it, but I wasn’t able to find any mention of their site on Google.
Any thoughts?
I always thought the Windows Messaging service looked more like a DOS window, black box, white writing. I could be thinking about the NetSend command though. Either way, it would seem to me that you would only get a message while connected. If you were not connected and getting pop up messages like this, it sounds nefariously like spy ware of some kind.
System errors from Microsoft shouldn’t reference a third party software manufacturer.
Yeah, that is adware. You need to disable the netsend function in windows. Search google and you should be able to find something on it.
One of the first things I’ve always done when installing a Windows system, is diable Windows Messaging. On my mom’s system, it was so bad that windows were popping up constantly whenever she was online. Friggin’ rediculous.
My advice… you shouldn’t’ve asked. Don’t use Windows. Stick with your pretty Linux or use my pretty Mac. 0=)
I would gladly not use Windows at all, but it’s not my machine so I can’t dictate that.
maybe it had something to do with the isp and an agreement with the company to send stuff adware.
i’m having the same problem.
But the message is different.
It’s telling me that my windows registry has been corrupted.
i googled for that doman (fixmyreg.com) and your site is all that returned.
Whatever it is, I believe it’s causing data cd burning problems with Nero Express. I keep getting Cyclic Redundancy Errors and my files are corrupting left and right.
I don’t want to visit that site, cos I’m afraid that it will lead to more trouble.
Anyone have a solution?
i’m running tests with ad-aware 6 and spy-bot now.
will let you know if anything comes of it.
Same deal.
No idea how to stop it.
I started getting that crap May 15th. Looks like a new nuisance on the matrix. I’m hoping Lavasoft might eventually detect it and kill it. Just keep updating all of your anti-virus. (“All” meaning ideally we should all have a chock full of anti-virus software installed.. don’t rely on just one.) I’m a big fan of Lavasoft’s Ad-Aware SE (Sweden) you can download from cnet
http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10319876.html?tag=lst-0-2
http://www.lavasoft.com/
I have the same as post #7 … and it’s definitely new.. i ran everything to get it out .. hijack this doesn’t show it but on a system scan it hesitates running the app “windows NT” services. AVG PRO finds nothing except it cant open any file related to NT services. I lost at least 1 HD ( the other side of a partition to my c: twice). Peerguardian shows me trying to connect to a few nasty sites too, including DOS attacking the US DOD, and HP. Also it tries to connect to Henan province network, Bejing network .. maybe phoning home..
If it can corrupt files on other drive letters ..is hiding in the setup files. My HD is maxtor, whose site was down last night. I going for the low level format now..
Or.. maybe its wiped out and this is just the messenger service but Josh getting corrupted files makes me wonder.
ideas?
These messages are a result of NetSend being on and no firewall in place. Just go into your Control Panel and Services – Then find Windows Messaging.
Double-click the line to open the dialog. Stop the service, then select “Disable” then click Ok to save.
This will stop these fake pop-ups from appearing.
Ad-aware works, but try a tiny little application called Hijackthis! Dan. It works like a beauty and basically it’s almost like editing the registry. All you have to do is run it, save the log, post it at forums like Wilder’s Security and let them help you out. Of course, equally you could just do it by yourself but it is suggested that you post at forums. I’ve found that it got rid of 100% of all my spyware and trojans and that sort of malware. Read the documentation carefully, taking a wrong turn with Hijackthis! is not a good thing.
I have been getting a bunch of crap trying to come in on 1026 and 1027, so i set up ethereal, and that message is what it is. Messaging was turned off, so the message never popped up, but looking through the packet showed the message you are talking about. An interesting note is that all of this traffic is coming from various machines in China!
Still trying to figure it all out though…
I remembered this kind of ‘pop ups’ from long ago…I couldn’t remember what port I closed to stop them though, so I just turned off Messenger…stops right away otherwise you’ll continue to get a variety of messages.
I don’t have messanger on my machine. I still get the pop up. It crashed my computer last night cause I had a tonne of them on my screen when I woke up this morning. Now I can’t send e-mail. No one gets my messages. I hate computers. And to all the people involved in the creation of all these stupid viruses I want to call you so many names but I’ll restrain to the use of evil chinse butthead.
i got a box just like that what is it?
Hell!Yeah!Big time problem!
Hi there
A couple of you mention switching off Windows Messenger or Messenger.
When I go into the Control Panel / Services, I can locate Messenger but not Windows Messenger. Is it Messenger that should be switched off?
Thanks……Brent
Brent: Yup, Messenger is it.
Have been having the same problem when online in multiplayer these pop-ups keep crashing my game, have done as suggested in #11 hope it works
all back to normal now thanks for the advice
ok, probably being stupid but where exactly is messenger in control panel? i can’t find it anywhere. i’ve run ad-aware for a few years now but in the last week i’ve started getting these extremely annoying popup messages. i get loads of different varieties but all based on the same theme as above.
do you have a filter on your comments?
groovypanda: If you’re using the control panel with categories, select ‘Performance and Maintenance’ first, then select Administrative Tools, then Services. That will display list of all the services and you can find the Messenger service, stop it, then right click and select properties and set it to ‘Disabled’.
whaleman: I don’t. Why do you ask?
just the one that was here earlier was interesting
Yeah, after I replied I saw it and figured that’s what you were referring to. Those come in here and there but I can usually delete them soon after they’re posted.
HI There been having same prob. But also some right stinking messages
as well.Anyone else have these messages? Will diabling the messenger solve this problem, too?
Julian: It’s worth a try.
I have been receiving this error message for a couple of days now. I recently had Windows re-installed on my machine and as soon as I hooked it up and turned on my DSL service it started prompting me w/ this error message and several others. All of them suggesting that I go to a certain website and download something. All the websites that it requests you go to have a something for sale. I have no idea how to get rid of it and it’s very annoying.
B.
Brad: Follow the steps I described in comment 24 to get rid of the popups.
k i turned off the messenger, hope that works. Thanx for posting info bout this problem.
B.
Glad I could help.
Again, thanks. How come the combined forces of windows security center and my mcafee antivirus can not only ignore these popups with their antivirus scans but also fail to spot these things when they seem to be affecting so many computers? By the way, has anyone else had any damage done to any programs? My system restore doesn’t seem to be working and I don’t know if it’s connected to this adware.
Liz
thank god i found you, every tech i spoke to thought i was nuts. mcafee teck said my ram was corrupt(?). hope this works ,it is driving me insane
Liz: I don’t think it was able to cause any damage other than the message popping up.
Rob: I haven’t seen the popup ever since I turned off the messenging service.
just to let you know turning off the service does work. had to go to administrative tools, then services for those of you who are as illiterate as me
thanks everyone i had the same problem. every time i went to use my computer i had to close about twenty of those messages. can’t control/alt/delete them all at the same time, had to close them one by one. i have just turned off messaging; hope it works.
Thanks everyone. This one was driving me nuts. Am I correct in understanding that there was no malware on my machine: that the adware was just sending alert messages to my IP address via the messenging service?
James: Yes. You don’t need to be infected because they can just sent the message to your IP address.
Thank you all very much (especially Dan for making it plain english) what a pain in the “R’s” that was becoming
Dot: My pleasure.
Thanks to all who have made suggestions. This problem was driving me nuts almost every two minutes – none of my checkers and rectifiers could rid me of it – whoopee!
Thank you for solving this problem, those messages were driving me insane!
Though I’m still wondering about one thing.
Will turning off windows messager also stop corrupting files or will it only stop the annoying messages?
I don’t know whether these messages are corrupting my files or not.
I even don’t know wheter they are able to or not.
I ran just about every anti-virus and anti-add/spy-ware I could find.
But some files on my pc keep corrupting…
Even reinstalling windows doesn’t work.
Does anyone know if this has something to do with these messages?
If not I’ll take it to another forum if I’m bothering you with my problem :P
Lotte: I’m glad it helped. The popup messages aren’t causing corrupt files, and if you’re sure you don’t have any viruses, then it’s possible that your hard drive is going bad.
Could be, the drive is quite a few years old now…
And that also would explain why only the files on this drive are corrupting.
Thanx a lot!
Ps great site!
Lotte: You’re welcome, and thanks for the compliment.
Is there a way to completely delete the Messenger program rather than just disabling it in Admin??
There may be, but I don’t know where it’s located and if there would be any side effects.
Top effort, that thing’s been driving me insane since a techy mate repaired my PC. He didn’t know what it was and I searched through all my live tasks, to no avail. But now you’ve sorted it.
Maybe now he’ll believe me when I say I didn’t get it by downloading p*rn as soon as I got my PC back!
Thanks for the info… i turned off the messenger service and stopped getting those irritating pop-up’s.
Hi there, I gotthe same problem but disabling the messenger in the control panel fix the problem, this crap don’t do damage to the system. try it, disable the messenger service and it’s gone
saludos from chile.
Night, Tech
Ummm, why hasn’t someone here mentioned SP2?
It blocks all popups.
I just installed SP2 a week ago, and never had this problem until then.
For me, it seems to have the additional effect of disabling Ctrl-Alt-Del after my machine goes to low-power mode. (The system resource meter appears in the tray, then about 30 others will pop up, but the task manager window never appears.)
I have updated versions of Norton2002, VShield, and AdAware, but none has detected anything. I’ll try disabling messenger tonight. Thanks to everyone who posted.
Very good information. Somehow, this seems to be tied with either the Windows Validation process or the Windows Update service. Microsoft really needs to look into that and see if someone is sipping IPs from their site.
Getting a good router with updated firmware, as well, should nullify the problem.
Thanks to all posters, especially dan, for helpful suggestions on this problem. It has been a pain in the a***e for several weeks until Google led me to this site. I think I have now stopped it! Brilliant!
oh thank you all for all the info… this thing has been driving me insane lately and i wasn’t sure if it was a virus or what.
though i do have a new twist on the subject… not sure if its the messages or what by my antivirus doesn’t run… i can run hijackthis!.. i can even open the darn symantec page… a friend told me she had a certain problem similar to this and it was a virus but she dosen’t remember how she cleared it up…
please help… are these messages causing this or is my computer just going wacko on me?
Thanks!! Dan It worked!
Many thanks for the advice, its nice to know there are people out there that can help!
I had this same problem on a notebook running windows 2000. After installing service pack 4 and running windows updates I used ad aware to hunt for the critter. With the latest defintions, ad aware reported only one minor spyware item, which i knew wasnt causing the pop ups. I turned to microsft’s ANTISPYWARE BETA (down load for free from microsoft.com 2k/xp only). Its search revieled a spyware called TIMESINK. Windows needed to restart to remove it propely, havent been bothered by those anoying pop ups since.
thanks for the help with the stupid windows messenger deal. What could be more annoying? Well, there’s a lot, but this one is gone now. thanks.
It is the “Messenger” service. If you turn it off and disable it via the “services” applet under “system” in the control panel, those messages will not pop up again. This utility was initially put into place by Microsoft to allow system administrators to send out a message to all users at once. (Something like “Please log off the server now because we have to do some file maintenence”) It’s a useful tool that eventually got hijacked by adware companies to increase their bottom line. If you’ve ALSO detected spyware, that’s a separate issue unrelated to the Messenger popups.
Another grateful reader here – in desperation I googled the site name it kept trying to send me to, and found your site. Many thanks – it’s been driving me nuts.
i am also getting the message like ur registery is corrupted .for repairing ur registery go to fixreg32.com . i am not understanding if really my registery is corrupted or some fake message it is .
Some fake message it is.
thank goodness i found u this was driving me insane
I’ve recently reinstalled WindowsXP and have been plagued by the fake pop-up messages saying that my registries were corrupted and suggesting that I go to various websites to fix or repair them. In my innocence, I went to one, ran their program and immediately learned that while they may scan for free, they will only repair for a FEE. Thanks to this forum — especially Dan up in comment #24 — I think I may have solved this annoying problem by disabling my MESSENGER. Thanks, Dan.
Thanks everyone for finding a solution to that problem.
Hey all! The solution on No.24 actually works. Try it for good. Go to Administrative Options in Control Panel and Right click on “Messenger”. And click “Stop”. It wont actually stop the Windows Messenger. The explanation appears when u click on the “Messenger” at the above location.
Cheers!
To get rid of these fake messages disabling the Messenger Service.
To remove the ability for anyone in the world to pop up messages on your computer, you can disable the Messenger service. Its easy to reverse at a later time if you wish to do so.
Windows 2000
1. Click Start-> Settings-> Control Panel-> Administrative Tools->Services
2. Scroll down and highlight “Messenger”
3. Right-click the highlighted line and choose Properties.
4. Click the STOP button.
5. Select Disable or Manual in the Startup Type scroll bar
6. Click OK
Windows XP Home
1. Click Start->Settings ->Control Panel
2. Click Performance and Maintenance
3. Click Administrative Tools
4. Double click Services Scroll
5. down and highlight “Messenger”
6. Right-click the highlighted line and choose Properties.
7. Click the STOP button.
8. Select Disable or Manual in the Startup Type scroll bar
9. Click OK
Windows XP Professional
1. Click Start->Settings ->Control Panel
2. Click Administrative Tools
3. Click Services
4. Double click Services Scroll
5. down and highlight “Messenger”
6. Right-click the highlighted line and choose Properties.
7. Click the STOP button.
8. Select Disable or Manual in the Startup Type scroll bar
9. Click OK
Windows NT
1. Click Start ->Control Panel
2. Double Click Administrative Tools
3. Select Services-> Double-click on Messenger
4. In the Messenger Properties window, select Stop,
5. Then choose Disable as the Startup Type
6. Click OK
Windows 98 & ME
Windows Messenger Service cannot be disabled
May the force (of knowledge) be with you :-)
Same thing here. I get this on brand new computers when i set them up with windows xp oem that have never ever ever been connected to te internet or pulled into a phone line. I just go to start then run then type msconfig then look under serices and find messenger. Uncheck the box and no more annoying messages like that
yes, but whatever is in your computer was never removed correct? Do I need to get a firewall to remove it for good or is that not the problem?
confused
setter
There was never anything on your computer to begin with. The message server allows remote users to display messages on your computer, so when you turn it off they can no longer display them.
i am thanking you so much i have been putting up with these darn things for at least a year now! you are my hero!
I was thrilled to find all of the wonderful answers to my anger at these annoying popups. Message #13 above mentioned that much of the traffic is coming from China. I ran McAfee to trace where they were coming from and most of them were from China. Another hot spot was Seoul S. Korea. I also have the same problem as #33’s message where I can’t restore my system to a previous date. I’m not too worried about it since I am close to getting a new computer. Just thought I would mention having the same problem. Thanks again!
hello, I’m havong that annoying pop ups… started right after I reinstalled Xp, no way to get rid. I’d love to try your advice (disable windows messenger) but I can’t find it! My pc works in French so I couldn’t find it… Read the description but couldn’t figure which it was… Helllllpppp!
thanks so much for the info on the fake error message, hope this works. it has been bothering me for over a month.
As someone who has just started (trying) to use a computer I was really worried when I kept getting these messages every ten seconds and was just about to part with some money in the hope of repairing the ‘critical errors to my registry’… Thankfully I came across this site whilst deciding which ‘fixer’ to use! Mind you I have had 5 pop up whilst typing this and I thought I’d disabled it correctly so I will have to try again but at least I havent wasted my money on something that is not as fatal as I’d first thought! So thankyou, thankyou, thankyou, hopefully I will be able to get rid of these poxy messages for good now!!!
It’s a scam. Use Windows update to download latest security patches and it goes away.
yep 24 works a treat,thanks heaps
Thank you so very very much, I was at my wits end.
kudos to Dan for the excellent assistance!
However in he– this can be fixed and not be popping up on my computer, please tell me. HElp! HELP HELP
Hey watkins – try reading some of the previous 81 comments.
Dan, many thanks for your assistance, resulting in my getting rid of those crazy windows registry corrupted messages. Hope to never see them again!
For those having difficulty locating the messenger button in XP,simply click on Start—> then Run—–> then type services.msc….in the next screen ie Services(Local)search for Messenger and click on STOP.
Hi,
I am alos getting the Messenger serivce Pop ups saying that registry is corrupted after fresh installation of the operating System
I tried to make a bakup of my windows network disk with Nero and started get these messages. Does Nero destroy your Window setup if you try to back it up. Also I have never been able to back up DVD cd’s because they always get corrupted as another mention in a post above. I ignored these message and continued with the standard installation. Could also be that all old copies of Windows is being destroyed by National Security to monitor 911 computer communication with these new operating systems.
Omg thanks so much! This have driven me insane for months >
Thanks, this forum just helped me as well.
As for curiosity: It seems everyone has had this problem just after installing windows? I too got this problem only after reinstalling windows, and before I reinstalled I do not ever remember turning this messenging feature off.
Is there anyone who got this problem, that did not just reinstall windows?
The original case I described in the post was not after a fresh install.
I’ve got the same annoying pop ups. I followed the direction in “24”, then in “69”, but I could not find “messenger”. I’m using home XP. What should I do. Please help me. Thank you
Frank: Keep looking, I guarantee you that it’s there.
If “Messenger” HAS been DISABLED and pop-ups still appear then files have been stored on the pc which will bring it up alot. This is what you can do to find the problem:
1.Click on “Start”
2.Click on “Search”
3.Select “All files and folders”
4.Click “More advanced options” and chose to search hidden files
(possibly tape backup)
5.Click “Search” and look for:
sqm.DAT
sqm.00
sqm.01
(basically something like sqm,sgm,can’t recall the exact name)
6. Delete all of the files you find that match this discription
7. If you can’t find it try steps 1-4 entering “s”, “00” or “sqm”
as part of the file name
8.Uninstalling “MSN messenger” and deleting the file may also fix the problem
Here are the paths I found these files in:
(Folder options were set to display hidden files)
1. file:///C:/
2. file:///C:/Documents and Settings/(User name e.g Phoebe)/Application Data/Microsoft/MSN MESSENGER(or)MESSENGER
I do apologize for being vague at some points, it has been awhile since I have had my encounter with this problem, I do hope this helps.
why oh why did i not find this page befour, i put up with these messages for to long!, even after reinstalling windows the second after connecting to the internet the messages started again. i turn off error reporting off though- control pannel/ system/ advanced, this did not work, today i did it the way you have said above though administrtive tools/ serveces and just in case it dident work i search google for an hour and find this page……well at least i now no it works ;) peace
just wanted to say thanks, i googled this pop-up error and found your site, just got a used computed and i thought it had some bugs left over form the priveus owner. thank again, saved me alot of stress and troulbe .
This site is the sh–!!!!I had the same problem with the ERROR MESSAGES.IT WOULD SAY-CRITICAL ERROR MESSAGE-REGISTRY IS DAMAGED AND CORRUPTED.I had it for a year and couldnt figure it out.I love all you people on here for helping me out.So if anybody is still having this same problem Ill post it on here to fix this Chinese Virus.In your Windows XP,Click start-click control panel-Click Administrative Tools-Click Services-Scroll down until you hit Messenger-Right click Messenger-Click Properties-Go to Start up type-Hit Disable and your free of all these annoying fake error pop ups.Merry Christmas.
hey Dan
just a question… if this goes after my ip address than if i change it or use a hide ip prog will that help without disabling messanger?
thanks i think i will try any way and report back…
Dan: If you mean hiding your IP address by getting behind a firewall then yes, that should solve the problem. Is there a reason you don’t want to disable the service? I don’t know of many legitimate uses for it. In case you’re confusing it with instant messaging, it’s entirely different.
Got the following on two different websites. This occurred a few days after I lost login capability on IM. I switched from wireless to my router to hard wire but that’s closing the barn door a bit late. My wife’s computer is unaffected since she was already hard wired.
Sites: bankofthewest.com and donotcall.gov. error message (which looks phony to me) is:
Secure Connection Failed
http://www.bankofthewest.com uses an invalid security certificate.
The certificate will not be valid until 7/20/2008 5:00 PM.
(Error code: sec_error_expired_certificate)
* This could be a problem with the server’s configuration, or it could be someone trying to impersonate the server.
* If you have connected to this server successfully in the past, the error may be temporary, and you can try again later.
Or you can add an exception…
If there is anything you can tell me it would be appreciated.
Patrick
@Patrick I checked both sites and got no errors. Your machine might be infected with malware. Perhaps it’s messing with your DNS so you’re going to a different server.
The certificate on bankofthewest.com was created on 7/20/2008 and expires 9/17/2009
Dan, Thanks for that info. Any solutions?
pa
@Patrick I’d suggest running a virus / malware check on your machine.