Re: msn messenger hack

From: corant1 (corant1@hotmail.com)
Date: 10/30/02 

From: "corant1" <corant1@hotmail.com>
Date: Wed, 30 Oct 2002 09:56:27 -0800

Yes I found that Thom, I thought I might ad however that
if you do disable the messenger you also disable the
ability of some programs to warn you or inform the user
of certain events in their computer through the use of
the pop up....
in case the next person to stumble in here would like to
know ....
the pop up window itself is a normal and useful function
of Windows that has been corrupted and abused by
spammers....
while disabling it will stop the problem it also stops
the real meseenger form being able to report....
you can also close the ports that it uses, however if you
are on a network it will have the same effect and it will
lose the ability to communicate information between
computers.....
looks like a nice firewall is about the only good fix for
this now, maybe as the spam attacks increase abetter way
to deal with this will be found...
thanks

>-----Original Message-----
>Hi Corant,
>
>This pop-up window is actually from a service that runs
on your computer
>itself. It is called the Windows Messaging Service.
This service allows
>computers to be sent messages across the network from
System Administrators
>or Network Providers.
>
>This is different from the MSN messenger program that
you use to chat with
>people across the internet.
>
>To see an example of this service.. try the following
steps:
>
>Open a command prompt window (cmd.exe) and type this
command
>
>net send (computername) "message"
>
>Where (computername) would be the name you gave your
Windows computer and
>"message" would be the actual message you want to send
to that computer.
>
>net send localhost "This is a test message"
>
>would pop up the same Messenger window on your own
computer as depicted in
>your attached picture with a message body of "This is a
test message".
>
>You can disable this service so that annoying spammers
do not target your
>computer with random pop-up messages.
>
>Simply right click on the "My Computer" icon and go to
the "Manage" option
>
>Open the "Services and Application" tree option at the
bottom of your
>"Computer Management" window
>
>Under the "Services" option, there will be a service on
the right listed
>called "Messenger Service"
>
>Right click on the service icon and choose
the "Prperties" option, then
>change the startup type to "Disabled" and then click
the "Stop" button to
>stop the service.
>
>This will stop the Messenger Service keep it from
automatically starting up
>every time you reboot your computer.
>
>There is more informtaion on the "Messenger Service" in
the following
>Microsoft KB article:
>
>http://support.microsoft.com/default.aspx?scid=kb;en-
us;Q168893
>
>Hope this helps..
>
>Thom
>"Corant1" <corant1@hotmail.com> wrote in message
>news:0c9901c27f74$8e4b5230$2ae2c90a@phx.gbl...
>> yes I did see the other section of posts concerning
this
>> subject this morning after I sat down and was greated
by
>> a pop up first thing in the morning.......
>>
>> whether or not it is a msn messenger problem or not in
>> origin the person(s) who are using the pop up are
>> claiming that it is used in conjunction with msn
messenger
>> (see pic)...
>>
>> now since there is no apparent interest from msn in
>> either helping or at least feigning interest the spam
>> attacks will increase and since they claim msn is the
>> gateway then msn can expect to be considered an
obliging
>> allie to them, in most victims perception...it is just
>> common sense to not have your product associated with a
>> hack/spam tool....
>>
>> anyway I will check the site recommended ....thanks
all...
>>
>> >-----Original Message-----
>> >this has been popping up on my desktop for around a
week
>> >and this is the first time it has identified itself as
>> >what it involves.....it seems to run in conjunction
>> >with "CSRSS.exe C:\WINDOWS\system32\CSRSS.exe"
in
>> >my computer ...after some checking I found that I am
>> >apparently helpless to this abuse of a system bug
>> >accessed through msn messenger.....
>> >
>>
>ex:.....http://homepages.tesco.net/~J.deBoynePollard/FGA/
>> c
>> >srss-backspace-bug.html
>> >
>> >the above site and several others all agree that there
>> is
>> >not much to be done and up until now no one had used
>> >it....well now someone has....
>> >
>> >any information on this would be greatly appreciated
as
>> >well as where exactly at msn I can email to report
this
>> >individual.......
>
>
>.
>