Re: Emailing: 0,aid,107754,00
- If you are using a router, you are probably on a permanent / highspeed
connection (DSL or cable modem). That means you are effectively on the
Internet whenever your computer is turned on.
I would expect the router (if it has NAT) to block the particular type of
pop-up the article talks about. That type of pop-up should only get past
the router, if the router is configured to put the computer in the DMZ,
effectively bypassing the router. If you are getting pop ups behind the
router when not using a web browser, you should check for 'spyware' programs
on your system. These are programs that sometimes get installed 'invisibly'
along with some other program. Typically free / demo / shareware programs.
Others 'attempt' to install when you visit some web sites. Once installed
and running, these programs 'phone home', and pick up advertising messages
to push at you (the pop ups). Try installing / running a spyware removal
tool. Many of the spyware programs are not seen by virus checkers, and
firewalls often ignore them as well because they are focused on protecting
you from the 'outside' (big bad internet). The spyware is installed on your
computer, and is 'inside' the firewall. That gives it access to the
internet, unless specifcally disallowed.
Here are links to a couple of free spyware removal tools that have had good
reviews (I have used both)
The first time you use these, they are likely to find a LOT of problems.
These things accumulate over time. Often if you install some free / demo
software, that has one of these attached, if you uninstall the original
software, the spyware stays behind, and remains active. It takes extra
time, but the safest way to remove these is a few at a time, with testing of
the programs you really use in between. Sometimes removal of the spyware
program will cause the program it was installed with to quit working. Both
programs have quarantine / restore capabilities, but it usually only works
to restore everything that was removed for a single run. I have had a
couple of cases where the restore did not work properly, and had to do
manual cleanup, and re-install the original program to get things setup
Removing spyware programs often gets the computer to run faster, and be more
stable. This is especially true when multiple spyware programs are on the
system, as they tend to 'fight' each other over access to the computer
The problem with the hardware / software installs, I would (without more
information) blame on the firewall software. If (just) closing ports
prevents installations from working, the installation must be going out to
the internet for additional information. That SHOULD use a very few ports
that the firewall should leave open (for outbound connections), or your web
browser would not work either.
Another possibility, is that the firewall installation broke one of the
sofware 'chains' used by a spyware program. Turning off / removing the
firwall leaves the chain broken, so other things do not work. In this case,
email and web browsing would likely be broken as well.
Cleaning up the spyware MIGHT solve some of the install problems as well.
To many unknowns to make are reasonable guess on this.
H. Phil Duby (PHrienDly Computer Consulting, Ltd.)
----- Original Message -----
From: "Xenia Stanford" <president@...>
To: <dist-gen@...>; "H. Phil Duby"
Sent: Friday, September 05, 2003 10:16 PM
Subject: RE: Emailing: 0,aid,107754,00
> I am well aware of the type of pop-ups you (the article) talk(s) about.
> Theory is fine except when it doesn't work. I have a router and yet I find
> these messages on my screen when I have not been on the Internet or had
> web-browser open. The ISP claims it has a firewall. It must be pretty weak
> because it does not block these things nor does it block viruses. Thus I
> installed a separate firewall software. I found it protects your system by
> closing the ports. Even disabling the firewall and virus checker during
> installation of software and hardware did not "open" the ports. They were
> permanently blocked and regular methods of opening the ports failed.
> It was beyond my ken to figure out a solution so I hired an expert. It
> him quite awhile and was only after he contacted the firewall provider
> he was given the three pages of instructions that worked. After he opened
> the ports using these instructions, I could re-install software except for
> one item and all hardware except for two items, which I am still working
> with the manufacturers. I had both hardware items installed before I
> installed the firewall but now even after opening the ports, I cannot
> reinstall the hardware (even the expert tried and failed until I decided
> should stop trying). Since then I obtained three pages of instructions
> the manufacturer of one of them but have not had time to deal with it yet.
> The other one I can live without if I have to but the first one is
> for part of my business.
> The one software program that will not reinstall was running fine before
> ports were blocked except on the PC running Windows 98. The other PCs have
> Windows 2000 and after the addition of the firewall software (even after
> removal and opening of the ports) it will not install properly even after
> following the lengthy instructions from the software company. Like the
> hardware it had been installed and working properly before the firewall
> software was first installed.
> So theory is great but it isn't always reality.
> -----Original Message-----
> From: owner-dist-gen@...
> [mailto:owner-dist-gen@...]On Behalf Of H. Phil Duby
> Sent: September 5, 2003 4:59 PM
> To: dist-gen@...
> Subject: Re: Emailing: 0,aid,107754,00
> There are several different types of pop-ups. The one the article is
> talking about has nothing to do with the pop-unders / pop-overs that some
> web sites use. This one can be sent directly to your computer (IP
> any time you are connected to the internet, whether a web browser is open
> not. The port it uses (messenger, not windows messenger or MSN
> should not be used for any network links or installations. This
> only exists for Windows XP, 2000, NT systems. It is intended to be used
> network administrators to send important (alerter) messages, like 'email
> going to be down at <time> for 1 hour'. For home users connected directly
> to the internet, it can be used to send text messages from anywhere on the
> internet (unless your ISP has a firewall that is blocking it). A home
> even with several computers, has no need for this 'service', and can
> disable it. A home user with serveral computer is probably connected to
> internet through a 'router', which would normally block those messages
> H. Phil Duby
> ----- Original Message -----
> From: "Xenia Stanford" <president@...>
> To: <dist-gen@...>; "Robert Boynton" <rctboynton@...>
> Sent: Friday, September 05, 2003 4:36 PM
> Subject: RE: Emailing: 0,aid,107754,00
> > The problem I found with closing the ports is my networked links no
> > worked (which may not be a problem for you if you only have one
> > and in installing software and hardware. It was a pain to open the ports
> > again (possible but three pages of instructions) to complete installs
> > time. So I left them open, have a router, use Adaware, delete cookies
> > not keep history of websites I visit. It doesn't prevent or stop all but
> > does cut down.
> > The main thing I do is notice which sites give me pop-ups or unders and
> > avoid them like the plague they are!
> > Xenia
> > -----Original Message-----
> > From: owner-dist-gen@...
> > [mailto:owner-dist-gen@...]On Behalf Of Robert Boynton
> > Sent: September 5, 2003 9:32 AM
> > To: Dist-gen
> > Subject: Emailing: 0,aid,107754,00
> > Here is an article in PC World, which explains the new sneaky form of
> > pop -ups and how to rid your self of them.
> > Their method has worked for me for 24 hours.
> > I believe it is done by closing port holes and the only concern I have
> > whether you are blocking something else of importance, although, this
> > unlikely.
> > Rob
> > http://www.pcworld.com/news/article/0,aid,107754,00.asp
> > Your files are attached and ready to send with this message.