Over the weekend I fixed a hideous "popup spam" problem on emily's parents' computer. Whenever they were online (dialed up to AOL) they would get "popup spam" advertising porn every 30 seconds or so. But these aren't web browser pop-ups, these were OS level pure text messages in a gray system alert-style box.
I googled for an answer and came up with this Microsoft page advising everyone to Disable Messenger Service in Windows XP. Basically, by default, any remote machine can put a system message up on your screen that completely steals keyboard focus and disrupts your workflow. And Emily's parents were getting spammed by this non-stop, like twice a minute whenever dialed up. So ridiculous.
But what's really ridiculous is that MS would ship a feature like this (intended for network administrators in corporate environments) ON by default to all users. For such an easily exploitable hole like this to be open is INSANE.
For the record her parents were running Windows XP SP1, and since they dial up over a modem and probably don't understand the concept of service packs, I'm assuming that this system came with XP+SP1 installed when they bought it from Dell 6 months ago.
Posted by Ethan at April 8, 2004 01:00 PMheh. back at school, we used to do that in intro to programming. we'd spam the professor's NT box with annonymous messages while he was giving presentations.
Posted by: john on April 9, 2004 12:59 AMthe messages could have been being generated by their own computer too... you should probably get them to download Adaware or Spybot (or bring it to them on USB/CD)
Posted by: adam on April 9, 2004 09:19 AMno - it was cool once I disabled the daemon that was always running & accepting the messages. Went from several per minute to zero. But if they have any more problems with it i'll investigate the spyware route.
Posted by: ethan on April 9, 2004 09:22 AMif it's running out in the open, they should probably also invest in a consumer router/firewall. If they ran on an open line before patching the os, chances are they have a few of the internet worms running around. i'm not exactly sure if blaster came before or after xp sp1 but that's a prime candidate.
some linkywinks for program downloads (all free):
Spybot S&D (adware scanner): http://www.safer-networking.org/
Kerio Personal Firewall: http://www.kerio.com/kpf_download.html
AVG (free av): http://www.grisoft.com/us/us_dwnl_free.php
Spyware Blaster (activex clsid disabler): http://www.javacoolsoftware.com/spywareblaster.html
SpywareGuard (resident malware protection): http://www.javacoolsoftware.com/spywareguard.html