Bookmark

Donate

Subscribe

Subscribe to our RSS feed

Subscribe to our RSS feed
Email Subscription

Enter your Email ID:

Delivered by FeedBurner

Categories

Links

Published: Jan 05, 2004
Updated :  Oct 27, 2007
Send your feedback

How to block Pop-ups?

Introduction

This page, targeted towards home users, discusses the basic steps needed from an user to stop pop-ups. Part of the information in this page was collected from online sources, including the Microsoft Web site. Thanks and all credit due to the third-party sites referenced, and the authors for their part.

Pop-ups can be classified as follows:

  • General browser pop-ups
  • Messenger Service advertisements
  • Pop-ups generated by adware and spyware

General browser pop-ups 

These pop-ups can be prevented by installing a pop-up blocker. Often times, these new windows display advertising that can interfere with your ability to see the content on the page you're trying to read. Adding the Ad related Domains to the Restricted Zone in Internet Explorer is a good idea. Refer to the following MS-KB articles to learn how to stop pop-ups from a particular webpage.

Prevent Pop-up Ad Windows When Browsing with Internet Explorer

A New Window Appears When You Visit Some Web Sites

Windows XP Service Pack 2 now includes a built-in Pop-up blocker. You can read more about this feature, in the following pages:

Block Pop-up Windows with Internet Explorer: Windows XP SP2

Export Internet Explorer Pop-up blocker settings

Always allow Pop-ups for secure sites (HTTPS) in Windows XP SP2

Messenger Service Advertisements

If the title bar reads as "MESSENGER SERVICE" with gray Ads, then it the famous Messenger SPAM. This is applicable only for Windows 2000 and Windows XP. The "Messenger Service" [different from Windows Messenger IM] is responsible for transmitting these text-based messages. While disabling the Messenger Service can stop the pop-up ads, it's not sufficient in the security point of view. These messages arrive to your system because there is a way for someone to transmit data to your computer via TCP and UDP ports [UDP ports 135, 137, and 138; TCP ports 135, 139, and 445 137]. This means, some intruder can do nasty things on your computer with these ports open.

The HIGHLY RECOMMENDED method to prevent these type of pop-up and to harden the security of your computer is to install a firewall application (such as Zone Alarm), or use the Windows XP Firewall. Windows XP SP2 turns off the Messenger Service by default, and enables the Windows firewall. This blocks the ports required for Messenger Service data transmission.

To enable the Firewall in Windows XP

For Windows XP SP2 systems:

If you're using Windows XP, and haven't updated to SP2, please do it immediately.

  • Click Start, Run and type Firewall.cpl
  • Select On (recommended) button, and click OK.

Never connect to internet without enabling the Firewall. Otherwise, there are fairly good chances your system gets infected. Finest example is the RPC NT Authority Shutdown caused by Blaster Worm, which infects "unpatched" and "unprotected" computers.

Note: If using a third-party firewall application, you don't have to enable the built-in Windows XP firewall.

References

Messenger Service Window That Contains an Internet Advertisement Appears

Stopping Advertisements with Messenger Service Titles

Pop-ups generated by Ad-ware & Spyware

Spyware cause the same effect as general browser pop-ups but they are usually powered by Browser Helper Objects, ActiveX controls which attaches to Internet Explorer and contacts their servers without your knowledge. This not only means waste of internet bandwidth, but your private information may also be sent to someone. You need to treat any outgoing connection without your permission, as a security threat.

Along with your anti-virus software, you need to anti-spyware tools such as Ad-Aware, Spybot Search & Destroy, Spyware Blaster at a bare minimum. You must update the pattern files before scanning just like what you do for your anti-virus software.

Protection mechanisms

  • Use HOSTS file to block unwanted ad servers and sites that are known to spread malware

  • Increase your browser security settings. Visit the following link to learn how to protect the system from parasites.

Dealing with Unwanted Spyware, Parasites, Toolbars and Search Engines
(Site packed with full of security tips, advice to prevent parasites being installed)

  • Use an application-based firewall, such as Zone Alarm, Sygate etc. They alert you whenever an outgoing traffic by a new application is detected. By doing this, you are preventing dialers, Trojans accessing the internet. Give equal importance to the configuration of the firewall. Assume your firewall as the gatekeeper, and only allow programs that you want, to access the internet. You may then test the effectiveness of the Firewall (for inbound protection) using any of these websites. They scan your system for open ports and vulnerabilities and advice you what action to take.

grc.com/x/ne.dll?bh0bkyd2 | dslreports.com/scan | hackerwatch.org/probe

Still unable to control pop-up windows? It may be caused by a Malware running in the background. Experts in these forums help you eliminate the unwanted things from the PC by examining the HijackThis log file. Most forums provide this as a free service, with voluntary members spending a part of their time to help others. If they've helped you clean the system, see if you can return the favor in some way :-)

AumHa - HijackThis section | Spywareinfo forums | CastleCops | Wilders Security

Before approaching for help, follow the preliminary steps (run a system scan yourself using Ad-Aware, SpyBot S&D with fully updated definitions). Eliminate Malware as much as you can. A Virus scan will also help.

General Advisory

  • Don't connect to internet without enabling firewall and Anti-virus software

  • Increase the security settings in the browser so that Activex controls won't install automatically

  • Visit http://windowsupdate.microsoft.com frequently and download all Critical Updates

  • Subscribe to Microsoft Security Bulletin to know the vulnerabilities identified and the patches released

  • Use HOSTS file to block unwanted websites

  • Think twice before enabling an application to access the Internet if you use a third-party firewall. Gather information about a process / application name, if found suspicious.

  • Keep yourself updated on Rogue/Suspect Anti-Spyware Products & Web Sites

Essential Tools (minimum required)

Malware removal advice

One of the finest documentations (Recommended reading)

The Parasite Fight: Finding, Removing & Protecting Yourself From Scumware

Protecting Your Privacy & Security