Legitimate System Message or SPAM?

[Guest]

A couple times a day for the last month or so, the following message pops up
on my screen. Is it a legitimate system message which I should heed or is it
spam? Thank you for your help; I am just clueless about this stuff.

Microsoft Internet Explorer
NOTICE: If your computer has errors in the registry database or file
system, it could cause unpredictable or erratic behavior, freezes ad
crashes. Fixing these errors can increase your computer's performance and
prevent data loss.

Would you like to install WinFixer 2005 to check your computer for free?
(Recommended)

OK Cancel

 

[Richard Urban [MVP]]

It is a spam scam. Do not, under any circumstances, install Winfixer. You
may want to, at this point, do the following:

Install a good firewall - one that blocks unwanted outbound traffic as well
as unwanted inbound traffic. Then when something tries to connect, out of
the ordinary, you will be flagged. At that point you can disallow that
particular instance either once or permanently. A good FREE firewall is
available here:
http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp?lid=dbtopnav_za

Then check you system for infestations of viruses, spyware, dialers, key
loggers etc.

Download, install, update and run (in that order) the following:

If you don't have any antivirus installed, AVG Antivirus (free) from
http://free.grisoft.com/doc/2/lng/us/tpl/v5

Ad-Aware (free) from http://www.lavasoftusa.com/software/adaware/

SpyBot Search and Destroy (free) from
http://www.safer-networking.org/en/download/index.html

Microsoft Anti Spyware (free) from
http://www.microsoft.com/athome/security/spyware/software/default.mspx

Don't ever go clicking things just because a web site, e-mail, popup or
rogue desktop tells you to! If you are not 101% certain what an action will
do - don't perform that action. Control your clicking finger!


--
Regards,

Richard Urban
Microsoft MVP Windows Shell/User

Quote from: George Ankner
"If you knew as much as you thought you know,
You would realize that you don't know what you thought you knew!"

 

[Dr Teeth]

It's spam, using the messenger service, not to be confused with
windows messenger (the chat program). It is unnecessary for home
machines and can be safely disabled.

--
Cheers,

Guy

** Stress - the condition brought about by having to
** resist the temptation to beat the living daylights
** out of someone who richly deserves it.

 

[Bruce Chambers]

A couple times a day for the last month or so, the following message pops up
on my screen. Is it a legitimate system message which I should heed or is it
spam? Thank you for your help; I am just clueless about this stuff.

Microsoft Internet Explorer
NOTICE: If your computer has errors in the registry database or file
system, it could cause unpredictable or erratic behavior, freezes ad
crashes. Fixing these errors can increase your computer's performance and
prevent data loss.

Would you like to install WinFixer 2005 to check your computer for free?
(Recommended)

OK Cancel

It's a scam, plain and simple. It's from a very unscrupulous
"business." They're trying to sell you patches that Microsoft provides
free-of-charge, and using a very intrusive means of advertising. It's
also demonstrating that your PC is very unsecure.

This type of spam has become quite common over the past couple of
years, and unintentionally serves as a valid security "alert." It
demonstrates that you haven't been taking sufficient precautions while
connected to the Internet. Your data probably hasn't been compromised
by these specific advertisements, but if you're open to this exploit,
you most definitely open to other threats, such as the Blaster,
Welchia, and Sasser Worms that still haunt the Internet. Install and
use a decent, properly configured firewall. (Merely disabling the
messenger service, as some people recommend, only hides the symptom,
and does little or nothing to truly secure your machine.) And
ignoring or just "putting up with" the security gap represented by
these messages is particularly foolish.

Messenger Service of Windows
http://support.microsoft.com/default.aspx?scid=KB;en-us;168893

Messenger Service Window That Contains an Internet Advertisement
Appears
http://support.microsoft.com/?id=330904

Stopping Advertisements with Messenger Service Titles
http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp

Blocking Ads, Parasites, and Hijackers with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm

Whichever firewall you decide upon, be sure to ensure UDP ports 135,
137, and 138 and TCP ports 135, 139, and 445 are all blocked. You
may also disable Inbound NetBIOS over TCP/IP). You'll have
to follow the instructions from firewall's manufacturer for the
specific steps.

You can test your firewall at:

Symantec Security Check
http://security.symantec.com/ssc/vr_main.asp?langid=ie&venid=sym&plfid=23&pkj=GPVHGBYNCJEIMXQKCDT

Security Scan - Sygate Online Services
http://www.sygatetech.com/

Oh, and be especially wary of people who advise you to do nothing
more than disable the messenger service. Disabling the messenger
service, by itself, is a "head in the sand" approach to computer
security. The real problem is not the messenger service pop-ups;
they're actually providing a useful, if annoying, service by acting as
a security alert. The true problem is the unsecured computer, and
you've been advised to merely turn off the warnings. How is this
helpful?


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

 

[Bruce Chambers]

It's spam, using the messenger service, not to be confused with
windows messenger (the chat program). It is unnecessary for home
machines and can be safely disabled.

I realize that you're trying to help, and that such an intent is
commendable, but please don't post potentially harmful advice.

Merely disabling the messenger service, as you suggest, and as
Gibson's utility does, is a dangerous "head in the sand" approach to
computer security that leaves the PC vulnerable to threats such as the
W32.Blaster, W32.Welchia, and W32,Sasser worms.

The real problem is _not_ the messenger service pop-ups; they're
actually providing a useful, if unintentional, service by acting as a
security alert. The true problem is the unsecured computer, and your
only advice, however well-intended, was to turn off the warnings. Was
this truly helpful?

Equivalent Scenario: You over-exert your shoulder at work or play,
causing bursitis. After weeks of annoying and sometimes excruciating
pain whenever you try to reach over your head, you go to a doctor and
say, while demonstrating the motion, "Doc, it hurts when I do this." The
doctor, being as helpful as you've been, replies, "Well, don't do that."

The only true way to secure the PC, short of disconnecting it from
the Internet, is to install and *properly* configure a firewall; just
installing one and letting it's default settings handle things is no
good. Unfortunately, this does require one to learn a little bit more
about using a computer than used to be necessary.


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

 

[Dr Teeth]

I realize that you're trying to help, and that such an intent is
commendable, but please don't post potentially harmful advice.

Merely disabling the messenger service, as you suggest, and as
Gibson's utility does, is a dangerous "head in the sand" approach to
computer security that leaves the PC vulnerable to threats such as the
W32.Blaster, W32.Welchia, and W32,Sasser worms.

The real problem is _not_ the messenger service pop-ups; they're
actually providing a useful, if unintentional, service by acting as a
security alert. The true problem is the unsecured computer, and your
only advice, however well-intended, was to turn off the warnings. Was
this truly helpful?

Now you are being very silly indeed.

The OP asked a simple question to which I gave the simple answer.
NOWHERE did I suggest that turning off the service would provide any
form of protection whatsoever, just that it would turn off the
annoying popups.

Anybody who goes on the 'net without a firewall and AV is taking
risks. Even with all that, the popups will STILL occur and it was with
that that I was helping the OP.

Stop being silly and reading what isn't there.

--
Cheers,

Guy

** Stress - the condition brought about by having to
** resist the temptation to beat the living daylights
** out of someone who richly deserves it.

 

[Yves Leclerc]

If the Messager service is important, then why:

1) Microsoft had recommended to "disaable" it, before the Service Pack 2

2) does Service Pack 2 turn it off.

 

[Bruce Chambers]

If the Messager service is important, then why:

1) Microsoft had recommended to "disaable" it, before the Service Pack 2

2) does Service Pack 2 turn it off.

The point is that turning off the Messenger Service, while generally
harmless for the home consumer, won't do a bloody thing to protect the
PC from intrusion; it only turns off the warning signs.


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

 

[Dr Teeth]

won't do a bloody thing to protect the
PC from intrusion

Who here said that it would?

--
Cheers,

Guy

** Stress - the condition brought about by having to
** resist the temptation to beat the living daylights
** out of someone who richly deserves it.

 

[Guest]

Thank you very much for your helpful responses. I will heed your advise and
look into beefing up my firewall protection. Currently I have firewall
software on my router and I run a current version of Norton on my pc. You are
right - apparently this isn't good enough.

Not sure I understood all of the directions that were generously offered;
but, I printed it off and will slowly step through them. Bruce and Richard
- you are especially generous to have responded with such detailed help.
Thank you.

 

[Richard Urban [MVP]]

You're welcome!

--
Regards,

Richard Urban
Microsoft MVP Windows Shell/User

Quote from: George Ankner
"If you knew as much as you thought you know,
You would realize that you don't know what you thought you knew!"