
Re: OT_Odd Popup Message




I tried disabling the alerter service, a service which, I believe, runs in
conjunction with the messenger service.  I don't know if that would have
stopped the intrusions or not - I restored it after a few days because I
didn't like seeing the resulting repeated error entries in the event log.
Note, also, that disabling the messenger service itself can interfere with
some applications.  I have software which communicates with my APC power
controller and communication is lost when I disable the messenger service.

If anyone learns of a new tool which will block this new type of intrusion,
please let list members hear of it.  (I suspect that the programs which
block e-mail spam or pop-up ads in a browser are ineffective against this
new problem.)

Carroll Slemaker


> Would welcome some insight on this.
>
> Am running Win2K SP2, Zone Alarm (Not Pro, with security all set to high)
> and IE 5.5 SP1 and I am on cable mostly 24/7.
>
> 10 days ago I got a pop message/dialogue box. In the top blue bar were the
> words Messenger Service with a grey box below the first line being
> "Message from WEBPOPUP" and the rest of the text purporting to obtain
> university diplomas with a phone number. The bottom of the box had an OK
> button. I believe the box is a normal windows messenger service and the app
> running this is csrss.exe which has obviously been activated somehow.
>
> I did not press the OK button but instead closed down all programs and then
> shut down the machine. On restarting I did an online virus scan at Symantec
> and also ran the latest Adware lavasoft. Nothing was picked up (except a
> couple of cookies). I then reinstalled a Drive Image of the C drive (which
> consists basically of just the OS) that was made about 6 months ago and did
> the same scans. Today I had a repeat message pop up but the phone number is
> now different.
>
> Where/how can I find out what is causing this and is it potentially
> threatening and what more can I do to protect my machine?
>
> Thanks
>
> Clive