un-deletable file
scott
file is an executable file for a popup messenger service.
The file is CSRSS.EXE. Does anyone else have the same
problem?! Can anyone help me get it off of my computer,
please?
Thank you!
Ken Wickes [MS]
the XP firewall or disable the Messenger service.
--
This posting is provided "AS IS" with no warranties, and confers no rights.
"scott" <sdbu...@excite.com> wrote in message
news:042c01c2a24f$91223750$d4f82ecf@TK2MSFTNGXA11...
Michel Gallant (MVP)
services panel:
http://pages.istar.ca/~neutron/servicespanel
- Michel Gallant
MVP Security
Stefan Kanthak
> here is a handy utility for NT4, 2000, XP which takes you quickly to the
> services panel:
> http://pages.istar.ca/~neutron/servicespanel
And this is exactly good for what?
Do you UNDERSTOOD what the OP wrote?
> "Ken Wickes [MS]" wrote:
>
> > CSRSS is a critical windows file. If you need to stop messenger popups, run
> > the XP firewall or disable the Messenger service.
The second alternative is VERY BAD advice.
Cure the problem (the system is WIDE OPEN on it's external interface), not
just the symptoms!
not amused
Stefan
Ken Wickes [MS]
not a problem in and of itself. The problem in this case is that spammers
are abusing the Messenger service, much like they do email, and a solution
to that problem is to turn it off.
--
This posting is provided "AS IS" with no warranties, and confers no rights.
"Stefan Kanthak" <postmaster@[127.0.0.1]> wrote in message
news:e7j#89zoCHA.2084@TK2MSFTNGP12...
Michel Gallant (MVP)
Messenger service properties area, so yes I did
understand at least part of what the OP said.
- Mitch
Stefan Kanthak
Please read RFC 1855 and write your answer BELOW the cited text!
> A system being "WIDE OPEN", and I can only guess what you mean by that, is
> not a problem in and of itself. The problem in this case is that spammers
> are abusing the Messenger service, much like they do email, and a solution
> to that problem is to turn it off.
A WIDE OPEN system connected to the internet is the cause which let NIMDA and
its successors spread around the world, thanks to M$ and their "Internet
Intrusion Server"!
Turning off the messenger service is NO SOLUTION AT ALL!
The problem is Windows and the RPC and NetBIOS over TCP bound to ALL interfaces,
even dialup! The messenger is just used as backend to DISPLAY a message, but the
RPC can do MUCH more harm! Be thankfull that no exploit has been written except
the one spammers use for now! Go ask you managers about "trustworthy computing".
not amused
Stefan
>
> --
You're using crappy software which produces non RFC-compliant postings (see
RFC 1036): go and get this repaired!
Alun Jones
>"Ken Wickes [MS]" <ken...@online.microsoft.com> wrote:
>> A system being "WIDE OPEN", and I can only guess what you mean by that, is
>> not a problem in and of itself. The problem in this case is that spammers
>> are abusing the Messenger service, much like they do email, and a solution
>> to that problem is to turn it off.
>
>A WIDE OPEN system connected to the internet is the cause which let NIMDA and
>its successors spread around the world, thanks to M$ and their "Internet
>Intrusion Server"!
Nope. All that Nimda required was a port or two open. It didn't require
"wide open". And what it required open was the port that many people were
likely to have open - 80. So, even if you have a firewall, it's important to
keep updated with security patches.
>Turning off the messenger service is NO SOLUTION AT ALL!
Sure it is - it's a partial solution. It prevents anyone from sending you
spam through the messenger service, and as such, it solves the initial
problem; but, as you've noted, it doesn't solve the problem that there may be
other ports, other attack routes, open.
Alun.
~~~~
[Please don't email posters, if a Usenet response is appropriate.]
--
Texas Imperial Software | Try WFTPD, the Windows FTP Server. Find us at
1602 Harvest Moon Place | http://www.wftpd.com or email al...@texis.com
Cedar Park TX 78613-1419 | VISA/MC accepted. NT-based sites, be sure to
Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for XP/2000/NT.