Archived from groups: microsoft.public.windowsxp.perform_maintain (
More info?)
On Wed, 10 Nov 2004 10:14:02 -0800, "Dave" <Dave@discussions.microsoft.com>
wrote:
>I just installed windows xp home edition. After installing the internet i
>started to get messages through from Messeage Service tellin me my computer
>is infected with spyware the messages contained links to sights on how to fix
>this.
>I went to download .com and got the new adaware but it found nithing i also
>got spyware docter which also found nuthing.
>I also got a anti virus (AVG) as soon as this was installed it told me i had
>a virus and i should scan my system so i did and it found nuthing.
>My internet is also extramly slow i am currently downloading an update for
>my antivirus its been downloading for over an hour and its only 7% complete
>with 11 hours left :/ its only downloading at 73 BYTES not KB per second.
>I dint know what is up with this mabey the products i have selected are not
>good i dont know, one thing i do know is the computer is real close to going
>out the window. Can any one help? thanks in advance dave
Dave,
Was that first item a window labeled "Messenger Service"?
This type of spam has become quite common over the past year or so, and
unintentionally serves as a valid security alert. It demonstrates that you
haven't been taking sufficient precautions while connected to the Internet.
Your data probably hasn't been compromised by these specific advertisements, but
if you're open to this exploit, you most definitely open to other threats, such
as the Blaster Worm that still haunts the Internet. Install and use a decent,
properly configured firewall.
Messenger Service of Windows
<http://support.microsoft.com/default.aspx?scid=KB;en-us;168893>
Messenger Service Window That Contains an Internet Advertisement
Appears
<http://support.microsoft.com/?id=330904>
Stopping Advertisements with Messenger Service Titles
<http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp>
If you're using AOL, you'll either need to find a 3rd party firewall that is
compatible with AOL, or switch to a real ISP that is compatible with the real
Internet. This is because AOL is an on-line content provider that ignores
international networking standards in favor of its own proprietary products, and
has deliberately made its connection software incompatible with both WinXP's
built-in firewall and WinXP's Internet Connection Sharing feature. AOL's
proprietary connection applet is deliberately designed to preclude your
setting/adjusting any of its properties, to include enabling/disabling WinXP's
ICF and ICS.
Whichever firewall you decide upon, be sure to ensure UDP ports 135, 137, and
138 and TCP ports 135, 139, and 445 are all blocked. You may also disable
Inbound NetBIOS (NetBIOS over TCP/IP). You'll have to follow the instructions
from firewall's manufacturer for the specific steps.
You can test your firewall at:
Gibson Research <http://grc.com/default.htm> (ShieldsUp!)
SecurityMetrics <http://www.securitymetrics.com/portscan.adp>
Sygate Security Scan <http://www.sygatetech.com/>
Symantec Security Check <http://security.symantec.com/ssc/vr_main.asp>
Be especially wary of people who advise you to do nothing more than disable the
messenger service. Disabling the messenger service, by itself, is a "head in
the sand" approach to computer security. The real problem is not the messenger
service pop-ups; they're actually providing a useful, if annoying, service by
acting as a security alert.
Dave, if you're downloading at 73 BYTES / second, I'd wonder where the rest of
your bandwidth is going. You may well have contracted a worm from connecting to
the internet without a firewall.
Don't throw the computer out the window. But, at this point, you'd probably be
well off using your restore CD (hopefully the computer came with one) to restore
the system from scratch. Then install or activate a firewall before connecting
to the internet again.
If you want to investigate your bandwidth issue further, get TCPView (free) a
small (100K) utility from
<http://www.sysinternals.com/ntw2k/source/tcpview.shtml>.
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.