Messenger service pissing me off

I keep getting these messenger service popups from “university diplomas”, And wanna know whats the eziest way to turn messenger service off as it is giving me a headache, im on XP

Same, but on windows 2000.

Are you using WinMX3.11 at all?
It’s the only thing I can think that’s causng it.

Nope, and as a matter of fact i dont even have MSN or windows or another other im client running at all.

http://www.techtv.com/screensavers/answerstips/story/0,24330,3374542,00.html

disabling the service can prevent messages from AntiVirus software and other crucial appz

Go to control panel then Administrative tools then Services then scroll down until you see Messenger. Double click on messenger and select disable and no more pop ups from messenger will be allowed.
Rob

Frig!

It’s because port 139 (NETBIOS) port is open.
Port 139 is the port which windows uses to inititate communications for Windows File sharing, and as eveyone knows, it can be inititiated remotely with a few clicks, even without passwords/verification/etc. It is the easiest way to gain entry to a system, for hackers to F@#k around with your files and stuff.:frowning:

I’m running a firewall, and it’s supposed to be blocked by default.
I guess I’ll be visiting some online port scanners tonight.
The fact that ANY firewall program leaves it open by default is killing me.:Z

Just for future reference. Don’t trust freeware programs.

Maybe I should correct that.
Don’t trust freeware software documentation.

Here is some information on your problem: also a screenshot of what exactly your getting and how to disable :slight_smile:

http://www.dvdsqueeze.com/windowsmessage.htm

Originally posted by debro
[B]Frig!

It’s because port 139 (NETBIOS) port is open.
Port 139 is the port which windows uses to inititate communications for Windows File sharing, and as eveyone knows, it can be inititiated remotely with a few clicks, even without passwords/verification/etc. It is the easiest way to gain entry to a system, for hackers to F@#k around with your files and stuff.:frowning:

I’m running a firewall, and it’s supposed to be blocked by default.
I guess I’ll be visiting some online port scanners tonight.
The fact that ANY firewall program leaves it open by default is killing me.:Z

Just for future reference. Don’t trust freeware programs.

Maybe I should correct that.
Don’t trust freeware software documentation. [/B]

Well I just checked it out and Zone Alarm Pro blocks incoming NETBIOS traffic from ports 137-139 with Internet Security set at Medium. Just thought to let you know.

Zone alarm pro does block these ports 137-139, but is so commonly used, it’s the platform which hackers will be using as a testbed for common attacks, and searching the most for vulnerabilites.

After checking my firewall, it turns out that a I changed a setting that overrid the default port 137-139 rules for internal traffic.

Somehow, the message is being sent to a networked computer through a different port, then being directed to the server via a trusted IP to port 139. A program on winxp is actually asking for the connection and then redirecting. That’s almost a trojan.:Z

Hmm, have to be careful when configuring firewalls, heh!
Bastard things.

try this link and click on “probe my ports” and it will tell you the status (open/closed/stealth) of some of the most commonly used ports
https://grc.com/x/ne.dll?bh0bkyd2

Just jump onto google.com and look for “online security scanner”

Sygate makes one which is quite good.
Symantec have one, plus many others.

Yippie I’m stealth! :slight_smile:
That adress is a keeper.

Originally posted by Airhead
Yippie I’m stealth! :slight_smile:
That adress is a keeper.

Read this site.

A better site to test your hardware firewall

http://www.insecure.org/nmap/

S

:eek:

hmm… maybe Steve Gibson is a self proclamated ‘Security Expert’ but you really have to hate him pretty bad to devot a whole site to just tell people how wron he is- and update it !

Well does anyone know of some other online port scanner so you can compare result?

That insecure site was too much text and I didn’t get what I was supposed to do there (bad design too).

Here are some other scanners:
http://scan.sygatetech.com/ (seems to be the best one)
http://www.securitymetrics.com/portscan.adp

The sygate scan reports that my IDENT port (port 113) was closed. What do I use that port for?
Will see if I can disable it with my firewall.
(Love my hardware-firewall :))
But will I disable something important if I disable IDENT? Not heard of it…

To tell you the truth I get the same result on all three scans (grc, sygate and securitymetrics), all ports are “Stealth” (or “Blocked” on Sygate) except for port 113 and port 80 (web, understandable why it is “Closed”) so I think GRC is as reliable as the other two.

Steve Gibson s just trying to dramatise a bit more, maybe this is offending to academic, dust-dry ‘sexurity-experts’…

Ah the joy :slight_smile:
Now everything is blocked. (Even port 80, though I did not alter that… :confused: )

Here are some other scanners:

thanks airhead :slight_smile:

if memory serves i think 113 (IDENT) has someting to do with IRC and that IRC may not work corectly with that port stealhted (the server will not get an answer and thinks the client killed the connection) however Im not sure of this and it shold be easy to test

I’m now getting pop-ups, not from outside but from inside. Thanks to the spyware “RealPlayer” I now get a pop-up ad every time I close RealPlayer, whether I’m online or not. :a

the new XP AntiSpy has an uninstall feature and also a feature to disable startup.

hope this helps(ed)