Please help! Popups not going with IE 6 SP1 plus updates

[Ed]

Since ive reinstalled W2K with all service packs and IE6
with all service packs ive had these odd pop ups. They
started when i still had IE5 but thru-out the day ive
managed to download all the updates yet they still appear.
Little windows telling me my system is not secure when
online offering to direct me to emands.com or something
bizarre which sounds like that?
any ideas? i can be downloading of MS update sites and
they just pop up.
HELP!!!!!
thanks folks.

 

[mac]

Since ive reinstalled W2K with all service packs and IE6
with all service packs ive had these odd pop ups. They
started when i still had IE5 but thru-out the day ive
managed to download all the updates yet they still appear.
Little windows telling me my system is not secure when
online offering to direct me to emands.com or something
bizarre which sounds like that?
any ideas? i can be downloading of MS update sites and
they just pop up.
HELP!!!!!
thanks folks.

Maybe?
What you're seeing is the built-in Messenger service in NT/Windows 2000 and
XP for sending
quick "pop up" messages across networks which spammers are exploiting. This
is not Microsoft
(or even their network), nor can they can control it anymore then they can
control the Spam
arriving in your e-mail. If you don't want these to come up again, you can
stop this from
happening by going to the Control Panel, choose Administrative Tools,
Double-click Services, and
Scroll down to
"Messenger", select it, right-click and then choose Properties. Under
start-up type, choose
disabled and then choose the 'Stop' button. After the service is stopped,
click OK.

 

[Jim Byrd]

Hi Ed - These are most likely due to open NetBios ports 135, 137-139 and
445. You really need to block these with a firewall as a general
protection measure. You can stop the popups by turning off Messenger
Service; however, this still leaves you vulnerable. (For some other
reasons you should probably also specifically block the following
additional ports as well: UDP 135, and TCP 593)

See: Messenger Service Window That Contains an Internet Advertisement
Appears http://support.microsoft.com/?id=330904 which identifies reasons
to keep this service and steps to take if you do.

You can test your system and follow the 'Prevention' link to get
additional information here:
http://www.mynetwatchman.com/winpopuptester.asp Unless you have very
good reasons to keep this active, it should be turned off in Win2k and
XP. Go here and do what it says:
http://www.itc.virginia.edu/desktop/docs/messagepopup/ or, even better,
get MessageSubtract, free, here, which will give you flexible control of
the service and viewing of these messages:
http://www.intermute.com/messagesubtract/help.html Recommended.

(FWIW, ZoneAlarm's default Internet Zone firewall configuration blocks
the necessary ports to prevent this use of Messenger Service. I don't
know the situation with regard to other firewalls.)

Messenger Service is not per se Spyware or something that MS did wrong -
It provides a messaging capability which is useful for local intranets
and is also sometimes (albeit nowdays infrequently) used by some
applications to provide popup messaages to users. However, it can also
be (and now frequently is) used to introduce spam via this open NetBios
channel. For a single user home computer, it normally isn't needed and
can be turned off which will eliminate the spam popups. This DOESN'T,
however, remove the vulnerability of having these ports open, when in
fact they aren't needed, since they can be perverted in other ways as
well, some of which can be much more damaging than just a spam popup.

--
Regards, Jim Byrd, MS-MVP
Please respond in original thread in Newsgroup.




In [email protected], Ed typed:

 

[ed]

-----Original Message-----
Hi Ed - These are most likely due to open NetBios ports 135, 137-139 and
445. You really need to block these with a firewall as a general
protection measure. You can stop the popups by turning off Messenger
Service; however, this still leaves you vulnerable. (For some other
reasons you should probably also specifically block the following
additional ports as well: UDP 135, and TCP 593)

See: Messenger Service Window That Contains an Internet Advertisement
Appears http://support.microsoft.com/?id=330904 which identifies reasons
to keep this service and steps to take if you do.

You can test your system and follow the 'Prevention' link to get
additional information here:
http://www.mynetwatchman.com/winpopuptester.asp Unless you have very
good reasons to keep this active, it should be turned off in Win2k and
XP. Go here and do what it says:
http://www.itc.virginia.edu/desktop/docs/messagepopup/ or, even better,
get MessageSubtract, free, here, which will give you flexible control of
the service and viewing of these messages:
http://www.intermute.com/messagesubtract/help.html Recommended.

(FWIW, ZoneAlarm's default Internet Zone firewall configuration blocks
the necessary ports to prevent this use of Messenger Service. I don't
know the situation with regard to other firewalls.)

Messenger Service is not per se Spyware or something that MS did wrong -
It provides a messaging capability which is useful for local intranets
and is also sometimes (albeit nowdays infrequently) used by some
applications to provide popup messaages to users. However, it can also
be (and now frequently is) used to introduce spam via this open NetBios
channel. For a single user home computer, it normally isn't needed and
can be turned off which will eliminate the spam popups. This DOESN'T,
however, remove the vulnerability of having these ports open, when in
fact they aren't needed, since they can be perverted in other ways as
well, some of which can be much more damaging than just a spam popup.

--
Regards, Jim Byrd, MS-MVP
Please respond in original thread in Newsgroup.




In [email protected], Ed typed:

.
THANKS FOR YOUR HELP!!!!!

 

[ed]

-----Original Message-----



Maybe?
What you're seeing is the built-in Messenger service in NT/Windows 2000 and
XP for sending
quick "pop up" messages across networks which spammers are exploiting. This
is not Microsoft
(or even their network), nor can they can control it anymore then they can
control the Spam
arriving in your e-mail. If you don't want these to come up again, you can
stop this from
happening by going to the Control Panel, choose Administrative Tools,
Double-click Services, and
Scroll down to
"Messenger", select it, right-click and then choose Properties. Under
start-up type, choose
disabled and then choose the 'Stop' button. After the service is stopped,
click OK.


.
THANKS FOR YOUR HELP!!