Mr. Not So Nice Guy
By David Shamah, The
When I was a kid, my mom made me thank practically
everybody for everything. If an adult gave me a treat, I made sure to say
"thank you." If a relative took me to on an outing, I expressed my
gratitude. I was so conditioned that I even thanked teachers when they gave me
punishments! I still try to thank people who help me out, even if these people
– like taxi drivers, bank clerks, etc – are being paid to help me out. It just
seems like the right thing to do.
But I'm not as nice I used to be – in fact, in some
ways, I've become something of a nasty
ingrate! There are just some people I refuse to thank – and in fact, I go out
of my way to ruin them!
I'm referring, of course, to the Web sites that
broadcast those incessant popups that all of us who
use the Web are victims of. Some popups, of course,
may damage your computer, but I'm not talking about those. The popups I don't like are the regular run of the mill popups, such as the one advertising that tells you how to
get in touch with your high school buddies (I can't think of one person from
high school I would want to associate with these days), the low low mortgage rates I can get (I'm locked in for life at a
high rate), and how I can get those fabulously low airfares and hotel rates on
my next vacation (like I could afford to go anywhere on what they pay me here).
They say that, given the right circumstances, even usually nice people can turn
into unusually mean ogres. Well, any Web site that throws a popup my way
usually does it just once – they don't dare do it a second time. Grrrr.
The truth of the matter is that I should be grateful
for these popups. The people who run the Internet
sites I frequent have to eat, too – and often a Web site's only source of
income is their popup ads. What's so bad about a few harmless popups? Aren’t they a small price to pay for the resulting
benefits? If some company wants to pay my favorite Web sites money to display
ads that will be totally ignored by most people, why should it bother me?
Wouldn't it be more appropriate to use the Web and say "thank you" to
the popup people for helping those sites stay in business?
It really is a moral dilemma, when you think about
it. But there are so many people in the aggregate using the Web looking at
these ads that they probably won't miss me. I want things easy – and easy means
not having to close popups that are crowding my
screen. I have managed to eliminate all the popup ads that used to come my way,
and if you want to be popup free too, just follow the advice below.
In order to battle popups,
we should try to understand just where they come from. Indeed, advertisers use
a variety of techniques to deliver popups to your
desktop, and each method has its own "cure," so to say.
One method Web pages use to display popups is via a technology called Active Scripting, which
is an add-on that lets Web page authors run various scripts, including popups, in your browser. Active Scripting is one of those
things that are good to have around when you need it - for example, it is often
used to open up a registration or order window on a shopping site – and it can
also be used to run popup ads you don't want. Fortunately, Active Scripting
sites are easy enough to ban; in Internet Explorer 6, just Click Internet
Options On the Tools menu. Click the Security tab >
Restricted Sites, > Sites. In the Add this Web site to the zone box, type
the Web address for the site that you want to restrict, and then click Add. Or,
you can download a nifty little program called Active Scripting Fast disable
from http:// www. sparkleware.com/dl.htm. You can have it in the System Tray
and use it to enable/disable Active Scripting on the fly; so, when you go
shopping you can enable the popups to keep an eye on
the latest bargains, and turn off the feature on other sites (Shareware; the
free version works indefinitely but has a slight delay before it begins to
block scripts). Another effective method for stopping these types of popups is download the Google
search engine Toolbar, which gives you not only a nifty toolbar you can use to
search Google even when you are not at the search
engine's home page, but also provides a popup blocker designed to battle popups running off scripts.
Although turning off Active Scripting easy enough,
chances are the majority of users haven't done it because they dare not venture
up to the Internet Options area of the menu. It’s likely that most users will
leave it on and still receive popups, but that's not
enough for the popup people; if you've found one way to nix their ads, well,
they'll just have to try something else. Which they indeed have, and if you are
using Windows 2000 and XP, you're a prime target.
Once upon a time in the computer world, before e-mail
and instant messaging using remote servers, users sent each other messages
directly over a network, using what is called the Messenger protocol, a
holdover of which is built into Windows NT, 2000 and XP (Note that the
Messenger Service discussed here has absolutely nothing whatsoever to do with
Instant Messenger, ICQ, etc.). The messenger service would be used by a system
administrator to broadcast a system shutdown on a LAN, for example.
But, as was bound to happen, spammers discovered that
messenger service kept some TCP and UDP ports open on your computer in order to
send and receive messages –and they tailored their popup script to make use of
this vulnerability. And unlike with Active Scripting sources, which are server
side scripts running on your computer and come, by definition, from the site
you have loaded the Web page from, the UDP packets responsible for messenger
service spam can be "spoofed" with a phony IP address – so adding
their addresses to the Restricted Sites list would do you no good at all.
Again, turning off this service is easy enough – you
just go to your Services list in the Control Panel – but for those who never
venture into that folder, there's Shoot the Messenger, the useful messenger
service disabler from Gibson Research (http://www.grc.com/stm/shootthemessenger.htm).
Download the program and check to see if your messenger service is open – and
if it is, quickly close it by clicking on the appropriate button. Gibson has
another related tool that will cut off your Port 135 from the outside world to
further ensure that nudniks have less opportunity to invade your system. The DCOMbulator (http:/ /www. grc.com/dcom/), which deals with Microsoft's rather messy
implementation of the Component Object Model, a predecessor of the ubiquitous
ActiveX. If you are running Windows XP, make sure you download Service
Pack 1, which addresses a number of these issues.
But popup artists have other ways of hijacking your
eyeballs; nowadays, one of the more preferred methods is to install a
"hook" into a download and stick it into your system as a process.
Sometimes these processes only come as part of a download package, and get
installed secretly when you set up the program you really want. The advantage
of this system is that, unless you know what to look for, the thing can sit in
your system and download popups as long as someone on
the other side supplies them; and even if you uninstall the original program,
the popup process sticks around.
There are really too many of these things around
today to be able to talk about each one individually, or even as a class of
.But, there is a great on-line utility that will search your system for the
programs and process responsible for popups, as well
as other undesirable phenomena like hijacked Web pages. Pest Patrol
(http://www.pestscan.com/) has a free online pest scanner, which will look
through your system and list the stuff that doesn’t belong there, like rogue dll's that enable malware spammer
popup stuff to run uninhibited on your PC.
The scanner generates a list of suspects, and when
you double click on one, you enter the Pest Patrol database page that gives you
more information about the program or dll in
question, along with specific information to remove it manually! It’s really a
great service, and getting rid of this junk is not too difficult once you know
how – but if you don't want to muck around in the Registry, as you will
invariably have to do if you try to do it yourself, you are invited to download
the Pest Patrol application for a 30 day free trial ($39.95 afterwards). Once
you've dealt with Active Scripting, closed off ports, and cleansed your system
of malware, your popup problems should be a thing of
the past. But let's keep this between you and me – even though we don’t want to
look at popups, we want advertisers to keep paying
for them, thereby ensuring that free Web sites stay free!
Questions/comments to ds@newzgeek.com