Is Interactive Services Detection a legitimate message from Windows?

Solution 1:

The Interactive Services Detection message is meant for errors that happen in service context of the desktop session when a service tries to interact with the legacy desktop (desktops with session 0). This is a mitigation feature of the Windows environment post-Vista. Currently Windows employs session 0 isolation (now the desktop of the first user to log in is run in session 1 instead).

Clicking on view message should bring you to session 0's desktop where you can deal with the (probably an error of some kind) message further.

For a more expansive explanation see MSDN blog posts by Pat Altimore on it:

• What is Interactive Services Detection and Why is it Blinking at Me?
• Troubleshooting Interactive Services Detection

If you are really paranoid like me ;P, disconnect the VM from the internet and then proceed. You can even go get a set of Sysinternals Suite from Microsoft here and use the modules:

• procexp - more detailed version of task manager for seeing exactly whats going on where
• tcpview - see what connections are being attempted, from where, and to whom

This should give you ample information to decide whether this is a malicious exploit gone wrong, or a harmless bug on the system. It's more than likely just a harmless error, but I'll never tell someone to be less cautious.

UPDATE:

As for the spelling error, I took your image and did a reverse google image search. This spelling error appears in a lot of screenshots of this message. It makes my stomach turn as I'm sure it does you, but just be careful and diligent in debugging it and you should be ok. But to be fair, the spelling error also appears in the screenshot on Microsoft's blog I linked earlier too.