|The Latest Spam Technology
The Windows “Messenger Service” is being exploited to spray the Internet with unsolicited commercial eMail. The receipt of a single UDP packet can cause a “Messenger Service” dialog to pop-up on the user’s screen. It is possible for the sender to “spoof” (falsify) the packet’s “Source IP”, making these packets impossible to trace back to their origin. If our experience with eMail Spam is any model, we can expect to see a lot more of this in the future.
Wired News: Spam Masquerades as Admin Alerts
Bad Company: These sample home pages give you a good idea what’s going on, and just how bad it’s likely to become:
Windows Messenger Service
The first thing to understand is that the Windows Messenger Service is completely different from, and not in any way related to, “MSN Messenger”, “Windows Messenger”, or any other well-known instant messaging system. Therefore, disabling the Windows Messenger service will have no effect upon your use of any other instant messaging applications. They will continue to work without trouble.
If you ever see legitimate pop-up warnings or announcements with the phrase “Messenger Service” in the title bar, you might have an application running in your system that relies upon the built-in Messenger Service for the delivery of its information. But every application we know of displays its own pop-up alert dialogs, and we’re not aware of any programs that rely upon the Messenger Service. It’s just a theoretical possibility. If it turns out that you do need to have the Messenger Service running, “Shoot The Messenger” will easily re-enable and start the service.
What is the Messenger Service?
Several considerations make this something of a problem:
behind a personal firewall or NAT router, shutting
down the Messenger Service is a good idea.
NT/2000/XP user to easily stop and disable
the unnecessary Messenger Service running
in their machines.
Click this link, or the image above, to download our
22k byte “Shoot The Messenger” utility program.
|Shooting The Messenger
Download and run our small (22 kbyte) “ShootTheMessenger.exe” utility. It will display the current status of your system’s Messenger Service. The button near the bottom of its window will allow you to set the service to whichever state — running or disabled — that you desire.
If, for any reason, you should ever choose to re-enable the Windows Messenger Service, simply re-run ShootTheMessenger to do so.
ShootTheMessenger supports two command line convenience options which can be useful for operation from corporate logon scripts or batch command files:
The recent major upgrade to our ShieldsUP! services has incorporated the ability to have us send your machine a few simple and harmless “Messenger Spam” pop-up notes. You can use this facility to see these Messenger Service pop-ups for yourself if you don’t usually, because your system is behind a personal firewall or NAT router. And to verify that they are no longer received once you have successfully disabled Windows’ built-in Messenger Service. Please see the “Messenger Spam” section of our ShieldsUP! Services to perform these tests.
That’s all there is to it. It’s simple, straightforward, and highly recommended for every user of Windows 2000 and XP.
I hope you will find “ShootTheMessenger” to be a useful and reliable addition to your personal collection of software utilities. Please feel free to share this program with your family and friends. We know of no one who needs to, or should be, running the Messenger Service . . . but as you have seen, unless and until it is deliberately stopped and disabled, everyone is running it needlessly.