Re: A new bug in csrss.exe ??
From: Ken Wickes [MS] (kenwic@online.microsoft.com)
Date: 11/14/02
- Next message: Guillaume: "Re: A new bug in csrss.exe ??"
- Previous message: Dmitry Streblechenko: "Re: A new bug in csrss.exe ??"
- In reply to: H. Debs: "A new bug in csrss.exe ??"
- Next in thread: Guillaume: "Re: A new bug in csrss.exe ??"
- Reply: Guillaume: "Re: A new bug in csrss.exe ??"
- Reply: H. Debs: "Re: A new bug in csrss.exe ??"
- Reply: H. Debs: "Re: A new bug in csrss.exe ??"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Ken Wickes [MS]" <kenwic@online.microsoft.com> Date: Thu, 14 Nov 2002 14:37:58 -0800
This is the messenger service, not to be confused with MSN Messenger or
Windows messenger. It's been in Windows a long time, most for network admin
to notify clients of network problems. Only recently have spammers latched
onto it.
http://support.microsoft.com/default.aspx?scid=kb;en-us;330904
-- This posting is provided "AS IS" with no warranties, and confers no rights. "H. Debs" <no@spam.com> wrote in message news:ubtJjXCjCHA.1804@tkmsftngp12... > This is the 3rd or 4th time I see a dialog box pop up on my Win2000 SP3 > system, with an ADVERTISEMENT! Looking at the Task Manager, I discover that > the thread responsible for this new process is csrss.exe. The window title > and process are called "Messenger service" or something similar, and the > text in this dialog box window is a well known SPAM advertisement for > "University Diplomas" which I'm sure everyone has received by email at some > point, especially if they have a hotmail account. > > This is *not* a regular IE popup. The dialog box has the regular close [X] > button, and an "OK" button only. No icons. I think I was always connected to > the internet when I got this message (about 4 times in the past month). > > I have up to date versions of Norton Antivirus 2002 and ZoneAlarm Pro > running, configured for maximum security. I also frequently update and run > AdAware and I'm positive there's no Spyware nor virus on my system. > > I read a bit about csrss.exe and it appears to handle text displays in > consoles (dos boxes), so how can this dialog box be related to it? > > Regarding the window title "Messenger service", I never have the windows > Messenger application running (removed it from the startup programs a long > time ago), and do not have any account with Messenger, and never even set it > up or used it. > But I do have a hotmail account. However, I'm not logged into my hotmail > account when this occurs, nor is Outlook Express running at the time this > happens (I've configured it to fetch my hotmail email), so I shouldn't be > logged in. So can this be a Microsoft Messenger abuse or vulnerability? Or > just a ruse? > > Anyone seen this problem before, or knows how I can kill it? > >
- Next message: Guillaume: "Re: A new bug in csrss.exe ??"
- Previous message: Dmitry Streblechenko: "Re: A new bug in csrss.exe ??"
- In reply to: H. Debs: "A new bug in csrss.exe ??"
- Next in thread: Guillaume: "Re: A new bug in csrss.exe ??"
- Reply: Guillaume: "Re: A new bug in csrss.exe ??"
- Reply: H. Debs: "Re: A new bug in csrss.exe ??"
- Reply: H. Debs: "Re: A new bug in csrss.exe ??"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
