: Greetings --
:
: If the pop-up isn't readily identifiable as an application or
: process in Task Manager, it's most likely hiding within one of the
: several instances of Svchost.exe. This will leave you no real option
: other than using the normal method to close the pop-up. Your best
: course of action would be to ensure that you do not get any pop-ups,
: to start with.
:
: There are at least three varieties of pop-ups, and the solutions
: vary accordingly. Which specific type(s) is troubling you?
Actually not many are since I usually use the Google toolbar
to block them. I'm just trying to learn more about these pesky
pesks.
:
: 1) Does the title bar of these pop-ups read "Messenger Service?"
I saw these popups while updating W2K once after a fresh install.
About three minutes after starting to download the security patches
one of these messenger windows popped up and immediately I got nailed
with Blaster. So I finally figgered out how to go to the update catalog
and download the patches on another already secure computer then
install them offline in advance.
:
: This type of spam has become quite common over the past year or
: so, and unintentionally serves as a valid security "alert." It
: demonstrates that you haven't been taking sufficient precautions while
: connected to the Internet. Your data probably hasn't been compromised
: by these specific advertisements, but if you're open to this exploit,
: you most definitely open to other threats, such as the Blaster Worm
: that still haunts the Internet.
Yup,, tell me about it
Fortunately, most of these things I have seen while using
other peoples computers, as I use popup blockers, firewalls
and recent updates on all of my computers.
: Install and use a decent, properly
: configured firewall. (Merely disabling the messenger service, as some
: people recommend, only hides the symptom, and does little or nothing
: to truly secure your machine.) And ignoring or just "putting up with"
: the security gap represented by these messages is particularly
: foolish.
:
: Messenger Service of Windows
:
http://support.microsoft.com/default.aspx?scid=KB;en-us;168893
:
: Messenger Service Window That Contains an Internet Advertisement
: Appears
:
http://support.microsoft.com/?id=330904
:
: Stopping Advertisements with Messenger Service Titles
:
http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp
:
: Blocking Ads, Parasites, and Hijackers with a Hosts File
:
http://www.mvps.org/winhelp2002/hosts.htm
:
: If you're using AOL, you'll either need to find a 3rd party
: firewall that is compatible with AOL, or switch to a real ISP that is
: compatible with the real Internet. This is because AOL is an on-line
: content provider that ignores international Internetworking standards
: in favor of its own proprietary products, and has deliberately made
: its connection software incompatible with both WinXP's built-in
: firewall and WinXP's Internet Connection Sharing feature. AOL's
: proprietary connection applet is deliberately designed to preclude
: your setting/adjusting any of its properties, to include
: enabling/disabling WinXP's ICF and ICS.
I wouldn't be caught dead using Eh?O'Hell !!
: Whichever firewall you decide upon, be sure to ensure UDP ports
: 135, 137, and 138 and TCP ports 135, 139, and 445 are _all_ blocked.
: You may also disable Inbound NetBIOS (NetBIOS over TCP/IP). You'll
: have to follow the instructions from firewall's manufacturer for the
: specific steps.
What do you know about CAS's firewall that comes bundled with
the MS Security Update CD?
it appears to be a repackaged version of Zone Alarm, which
I have been told has been hacked to shreds.
I hope CAS plugged the ( rumoured) holes in it as I just installed it
on one of my other computers.
:
: You can test your firewall at:
:
: Symantec Security Check
:
http://security.symantec.com/ssc/vr_main.asp?langid=ie&venid=sym&plfid=23&pkj=GPVHGBYNCJEIMXQKCDT
:
: Security Scan - Sygate Online Services
:
http://www.sygatetech.com/
:
: Oh, and be especially wary of people who advise you to do nothing
: more than disable the messenger service. Disabling the messenger
: service, by itself, is a "head in the sand" approach to computer
: security. The real problem is _not_ the messenger service pop-ups;
: they're actually providing a useful, if annoying, service by acting as
: a security alert. The true problem is the unsecured computer, and
: you've been advised to merely turn off the warnings. How is this
: helpful?
:
: 2) For regular Internet pop-ups, you might try the free 12Ghosts
: Popup-killer from
http://12ghosts.com/ghosts/popup.htm, Pop-Up Stopper
: from
http://www.panicware.com/, or the free Google Toolbar from
:
http://toolbar.google.com/, which is what I use.
Me too, as I also use the hell out of all of the search features.
hard to believe I ever got by without it in the past
:
: 3) To deal with pop-ups caused by any sort of "adware" and/or
: "spyware,"such as Gator, Comet Cursors, Xupiter, Bonzai Buddy, or
: KaZaA, and their remnants, that you've deliberately (but without
: understanding the consequences) installed, two products that are
: quite effective (at finding and removing this type of scumware) are
: Ad-Aware from
www.lavasoft.de and SpyBot Search & Destroy from
:
www.safer-networking.org/. Both have free versions. It's even
: possible to use SpyBot Search & Destroy to "immunize" your system
: against most future intrusions. I use both and generally perform
: manual scans every week or so to clean out cookies, etc.
:
:
: Bruce Chambers
:
: --
: Help us help you:
:
:
:
:
: You can have peace. Or you can have freedom. Don't ever count on
: having both at once. -- RAH
Thanks for all the good info,, especially about which ports to watch
I'll soak it all up.
Sorry for the slow response,, was gone for a few days.
Thanks again
Dave Moore
:
:
: : >I read an article that said using the X in a popup window to close it
: >may actually initiate the download and install of a malicious
: >program. So, what's the best way to close these windows then ?
: >
: > ctrl-alt-delete then select appropriate app and and stop it?
: >
: > sometimes the popups aren't even listed there
: >
: > Dave Moore ( scared)
:
: