Mr. Not So Nice Guy

 

By David Shamah, The Jerusalem Post, June 18, 2004

 

When I was a kid, my mom made me thank practically everybody for everything. If an adult gave me a treat, I made sure to say "thank you." If a relative took me to on an outing, I expressed my gratitude. I was so conditioned that I even thanked teachers when they gave me punishments! I still try to thank people who help me out, even if these people – like taxi drivers, bank clerks, etc – are being paid to help me out. It just seems like the right thing to do.

 

But I'm not as nice I used to be – in fact, in some ways, I've become something of a   nasty ingrate! There are just some people I refuse to thank – and in fact, I go out of my way to ruin them!

 

I'm referring, of course, to the Web sites that broadcast those incessant popups that all of us who use the Web are victims of. Some popups, of course, may damage your computer, but I'm not talking about those. The popups I don't like are the regular run of the mill popups, such as the one advertising that tells you how to get in touch with your high school buddies (I can't think of one person from high school I would want to associate with these days), the low low mortgage rates I can get (I'm locked in for life at a high rate), and how I can get those fabulously low airfares and hotel rates on my next vacation (like I could afford to go anywhere on what they pay me here). They say that, given the right circumstances, even usually nice people can turn into unusually mean ogres. Well, any Web site that throws a popup my way usually does it just once – they don't dare do it a second time. Grrrr.

 

The truth of the matter is that I should be grateful for these popups. The people who run the Internet sites I frequent have to eat, too – and often a Web site's only source of income is their popup ads. What's so bad about a few harmless popups? Aren’t they a small price to pay for the resulting benefits? If some company wants to pay my favorite Web sites money to display ads that will be totally ignored by most people, why should it bother me? Wouldn't it be more appropriate to use the Web and say "thank you" to the popup people for helping those sites stay in business?

 

It really is a moral dilemma, when you think about it. But there are so many people in the aggregate using the Web looking at these ads that they probably won't miss me. I want things easy – and easy means not having to close popups that are crowding my screen. I have managed to eliminate all the popup ads that used to come my way, and if you want to be popup free too, just follow the advice below.

 

In order to battle popups, we should try to understand just where they come from. Indeed, advertisers use a variety of techniques to deliver popups to your desktop, and each method has its own "cure," so to say.

 

One method Web pages use to display popups is via a technology called Active Scripting, which is an add-on that lets Web page authors run various scripts, including popups, in your browser. Active Scripting is one of those things that are good to have around when you need it - for example, it is often used to open up a registration or order window on a shopping site – and it can also be used to run popup ads you don't want. Fortunately, Active Scripting sites are easy enough to ban; in Internet Explorer 6, just Click Internet Options On the Tools menu. Click the Security tab > Restricted Sites, > Sites. In the Add this Web site to the zone box, type the Web address for the site that you want to restrict, and then click Add. Or, you can download a nifty little program called Active Scripting Fast disable from http:// www. sparkleware.com/dl.htm. You can have it in the System Tray and use it to enable/disable Active Scripting on the fly; so, when you go shopping you can enable the popups to keep an eye on the latest bargains, and turn off the feature on other sites (Shareware; the free version works indefinitely but has a slight delay before it begins to block scripts). Another effective method for stopping these types of popups is download the Google search engine Toolbar, which gives you not only a nifty toolbar you can use to search Google even when you are not at the search engine's home page, but also provides a popup blocker designed to battle popups running off scripts.

 

Although turning off Active Scripting easy enough, chances are the majority of users haven't done it because they dare not venture up to the Internet Options area of the menu. It’s likely that most users will leave it on and still receive popups, but that's not enough for the popup people; if you've found one way to nix their ads, well, they'll just have to try something else. Which they indeed have, and if you are using Windows 2000 and XP, you're a prime target.

 

Once upon a time in the computer world, before e-mail and instant messaging using remote servers, users sent each other messages directly over a network, using what is called the Messenger protocol, a holdover of which is built into Windows NT, 2000 and XP (Note that the Messenger Service discussed here has absolutely nothing whatsoever to do with Instant Messenger, ICQ, etc.). The messenger service would be used by a system administrator to broadcast a system shutdown on a LAN, for example.

 

But, as was bound to happen, spammers discovered that messenger service kept some TCP and UDP ports open on your computer in order to send and receive messages –and they tailored their popup script to make use of this vulnerability. And unlike with Active Scripting sources, which are server side scripts running on your computer and come, by definition, from the site you have loaded the Web page from, the UDP packets responsible for messenger service spam can be "spoofed" with a phony IP address – so adding their addresses to the Restricted Sites list would do you no good at all.

 

Again, turning off this service is easy enough – you just go to your Services list in the Control Panel – but for those who never venture into that folder, there's Shoot the Messenger, the useful messenger service disabler from Gibson Research (http://www.grc.com/stm/shootthemessenger.htm). Download the program and check to see if your messenger service is open – and if it is, quickly close it by clicking on the appropriate button. Gibson has another related tool that will cut off your Port 135 from the outside world to further ensure that nudniks have less opportunity to invade your system. The DCOMbulator (http:/ /www. grc.com/dcom/), which deals with Microsoft's rather messy implementation of the Component Object Model, a predecessor of the ubiquitous ActiveX. If you are running Windows XP, make sure you download Service Pack 1, which addresses a number of these issues.

 

But popup artists have other ways of hijacking your eyeballs; nowadays, one of the more preferred methods is to install a "hook" into a download and stick it into your system as a process. Sometimes these processes only come as part of a download package, and get installed secretly when you set up the program you really want. The advantage of this system is that, unless you know what to look for, the thing can sit in your system and download popups as long as someone on the other side supplies them; and even if you uninstall the original program, the popup process sticks around.

 

There are really too many of these things around today to be able to talk about each one individually, or even as a class of .But, there is a great on-line utility that will search your system for the programs and process responsible for popups, as well as other undesirable phenomena like hijacked Web pages. Pest Patrol (http://www.pestscan.com/) has a free online pest scanner, which will look through your system and list the stuff that doesn’t belong there, like rogue dll's that enable malware spammer popup stuff to run uninhibited on your PC.

 

The scanner generates a list of suspects, and when you double click on one, you enter the Pest Patrol database page that gives you more information about the program or dll in question, along with specific information to remove it manually! It’s really a great service, and getting rid of this junk is not too difficult once you know how – but if you don't want to muck around in the Registry, as you will invariably have to do if you try to do it yourself, you are invited to download the Pest Patrol application for a 30 day free trial ($39.95 afterwards). Once you've dealt with Active Scripting, closed off ports, and cleansed your system of malware, your popup problems should be a thing of the past. But let's keep this between you and me – even though we don’t want to look at popups, we want advertisers to keep paying for them, thereby ensuring that free Web sites stay free!

 

Questions/comments to ds@newzgeek.com