The popup in figure one is from the Messenger Service which is one of the many security flaws in windows. You can get rid of them by:
start, Control panel, performance and maintenance (if you are in category view), administrative tools, services. From here you find “messenger service”, right click on it, and choose to stop the service.
There are programs that show up on the messenger service that will stop the service for you, but they cost $20. And while I support entrepreneurial spirit as much as the next man, I also support self reliance, so do it yourself.
There are a few other scam ware (or rogue programs) that try to swindle you out of money. Internet Anti virus 2009, Anti virus 360 and Internet Anti virus pro are just a few of them. Anti virus 360 in particular is bad because it tells you your computer is infected and it will gladly take care of the problem for a mere $99. It won’t take care of the problem, of course. They just run off with your money. And if you ignore it, your computer’s performance will degrade until the computer is not usable any more.
Hope this helps people. I work in tech support so I get news like this all the time.
Thx!
I just spent a weekend reinstalling a Windows installation for family member that had somehow been compromised with something like this (although their insistence on using IE might have something to do with it) The symptoms were a bit atypical. Their desktop got a notice in the tray Notification Area that said the machine was infected and that they needed Windows Antivirus 2009, after which it blue-screened and wouldn't let him back into Windows. He realized soemthing was up and yanked the network cable.
I was able to get into Windows with a System Restore point, Task Manager was inaccessible and the properties on his My Documents showed the Size on disk and number of files increasing by the second, which was enough to persuade me to immediately reboot and try it from Safe Mode. From there I discovered that whatever it was had deleted the HijackThis I had previously installed. Norton (ptoo!) was completely trashed, (which is actually redundant now that I think about it...) A fresh install of HijackThis showed at least a hundred new entries into the Run keys in the registry, all with nonsensical names.
Now I'm of the firm opinion that once a system is compromised by malware there is no "Cleaning" it as you never know that what you did find isn't secretly installing something stealthier, but this one was obviously past even that argument. So reinstallation it was. Dumped Norton (ptoo!) got him on Zone Alarm, Avira, Spybot with TeaTimer, and Firefox with periodic HijackThis checks thrown in.
Both he and the Mrs. swear they didn't download and/or install anything, and I believe them. Heck, she was on a knitting site when the notification popped up.