Re: pop ups
From: john (anonymous_at_discussions.microsoft.com)
Date: 06/17/04
- Next message: Bill Sharpe: "Repairing network connection"
- Previous message: Victor A. Diaz: "By requirement of my ISP"
- In reply to: Chuck: "Re: pop ups"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 17 Jun 2004 16:12:03 -0700
thanks chuck for your time, i will look into these.
john
>-----Original Message-----
>On Tue, 15 Jun 2004 13:10:47 -0700, "john"
<anonymous@discussions.microsoft.com>
>wrote:
>
>>im getting all kinds of popups and little so called
>>programs that are telling me i have a "parasite" or
other
>>harmful things on my system. now these programs are
even
>>loading as i write this....i need the perfect pop up
>>stopper i guess. i run adaware and it finds things all
the
>>time! i've also seen things about leaking memory and
java
>>security.....need help with this, its getting worse!
>
>John,
>
>Take the advice of the popups with a grain of salt. No
reputable popup or
>spyware control product advertises with popups.
Anything you buy would be a
>waste of time.
>
>But you need to stop the popups.
>
>There are at least three varieties of pop-ups, and the
solutions vary
>accordingly. Which specific type(s) are you seeing?
>
>I. "Messenger Service" Pop-Ups
>
>This will be a text only message, and will only hit you
when you're online. A
>Messenger Service pop-up can't contain a clickable
link. The window will be
>titled "Messenger Service".
>
>This type of spam has become quite common over the past
year or so, and
>unintentionally serves as a valid security alert. It
demonstrates that you
>haven't been taking sufficient precautions while
connected to the Internet.
>Your data probably hasn't been compromised by these
specific advertisements, but
>if you're open to this exploit, you most definitely open
to other threats, such
>as the Blaster Worm that still haunts the Internet.
Install and use a decent,
>properly configured firewall. (Merely disabling the
messenger service, as some
>people recommend, only hides the symptom, and does
little or nothing to truly
>secure your machine.) And ignoring or just "putting up
with" the security gap
>represented by these messages is particularly foolish.
>
>Messenger Service of Windows
><http://support.microsoft.com/default.aspx?scid=KB;en-
us;168893>
>
>Messenger Service Window That Contains an Internet
Advertisement
>Appears
><http://support.microsoft.com/?id=330904>
>
>Stopping Advertisements with Messenger Service Titles
><http://www.microsoft.com/windowsxp/pro/using/howto/commu
nicate/stopspam.asp>
>
>Blocking Ads, Parasites, and Hijackers with a Hosts File
><http://www.mvps.org/winhelp2002/hosts.htm>
>
>If you're using AOL, you'll either need to find a 3rd
party firewall that is
>compatible with AOL, or switch to a real ISP that is
compatible with the real
>Internet. This is because AOL is an on-line content
provider that ignores
>international networking standards in favor of its own
proprietary products, and
>has deliberately made its connection software
incompatible with both WinXP's
>built-in firewall and WinXP's Internet Connection
Sharing feature. AOL's
>proprietary connection applet is deliberately designed
to preclude your
>setting/adjusting any of its properties, to include
enabling/disabling WinXP's
>ICF and ICS.
>
>Whichever firewall you decide upon, be sure to ensure
UDP ports 135, 137, and
>138 and TCP ports 135, 139, and 445 are _all_ blocked.
You may also disable
>Inbound NetBIOS (NetBIOS over TCP/IP). You'll have to
follow the instructions
>from firewall's manufacturer for the specific steps.
>
>You can test your firewall at:
>
>Gibson Research <http://grc.com/default.htm> (ShieldsUp!)
>SecurityMetrics
<http://www.securitymetrics.com/portscan.adp>
>Sygate Security Scan <http://www.sygatetech.com/>
>Symantec Security Check
<http://security.symantec.com/ssc/vr_main.asp>
>
>Be especially wary of people who advise you to do
nothing more than disable the
>messenger service. Disabling the messenger service, by
itself, is a "head in
>the sand" approach to computer security. The real
problem is _not_ the
>messenger service pop-ups; they're actually providing a
useful, if annoying,
>service by acting as a security alert.
>
>
>II. Regular Browser Based Pop-Ups
>
>This will be an HTML message, and will only hit you when
you're online. A
>browser based popup will probably contain clickable
links. The window title
>will vary.
>
>Get the free Google Toolbar from
<http://toolbar.google.com/>. Hosts file
>blocking (above) works on this problem also.
>
>
>III. Adware / Spyware
>
>This will be an HTML message, and can hit you when
you're online, or offline.
>An adware based popup will probably contain clickable
links. The window title
>will vary.
>
>This is where you need a thorough adware / spyware scan,
including
>CoolWebSearch, Spybot S&D, and HijackThis, with expert
advice to interpret the
>HijackThis log.
>
>First, download LSP-Fix and WinsockXPFIx from
<http://www.cexx.org/lspfix.htm>,
>and CWShredder from
<http://www.majorgeeks.com/download4086.html>. All are
>free.
>
>Next, close all Internet Explorer and Outlook windows,
then run CWShredder.
>Have it fix all variants.
>
>Now check for, and remove, spyware. Get HijackThis
><http://www.majorgeeks.com/download.php?det=3155> and
Spybot S&D
><http://www.safer-networking.org/index.php?
page=download>. Both free.
>1) Install and run Spybot. First update it ("Search
for updates"), then run a
>scan ("Check for problems"). Trust Spybot, and make all
recommended deletions.
>2) Install and run HijackThis. Do NOT make any changes
immediately. Save the
>HJT Log. <http://forums.spywareinfo.com/index.php?
showtopic=227>
>3) Have your HJT log interpreted by experts at one or
more of the following
>forums (and post it, or a link to your forum post, here):
><http://forums.net-integration.net/>
><http://forums.spywareinfo.com/>
><http://spywarewarrior.com/index.php>
><http://forums.tomcoyote.org/>
><http://www.wilderssecurity.com/>
>
>If removal of any spyware affects your ability to access
the internet (some
>spyware builds itself into the network software, and its
removal may damage your
>network), run LSP-Fix and / or WinsockXPFIx.
>
>Cheers,
>Chuck
>Paranoia comes from experience - and is not necessarily
a bad thing.
>.
>
- Next message: Bill Sharpe: "Repairing network connection"
- Previous message: Victor A. Diaz: "By requirement of my ISP"
- In reply to: Chuck: "Re: pop ups"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
