O'Reilly Hacks
oreilly.comO'Reilly NetworkSafari BookshelfConferences Sign In/My Account | View Cart   
Book List Learning Lab PDFs O'Reilly Gear Newsletters Press Room Jobs  

Buy the book!
Windows XP Hacks
By Preston Gralla
February 2005
More Info

Stop Pop Ups, Spyware, and Web Bugs
You don't have to be victimized by obnoxious applications and behavior on the Internet. Fight back with these tips and tools

Contributed by:

[09/03/03 | Discuss (14) | Link to this hack]

Surfing the Web used to be such as simple, enjoyable experience. Go to the web site of your choice, enjoy the page, and head somewhere else.

No longer. At times, it now seems like a sleazy carnival midway, complete with flashing lights and loud music, barkers pleading at you to venture into the sideshows, scamsters promising you big payoffs if you try three-card monte, and no-goodniks lurking in the shadows.

For that, we have pop ups, spyware, and web bugs to thank. Pop ups are ads that, as the name implies, pop up over your browser, usually in a smaller window, and frequently contain flashing messages and other kinds of obnoxious come-ons. The infamous X.10 surveillance camera pioneered this insufferable form of advertising, and now it's everywhere.

Web bugs are invisible bits of data, frequently a single pixel in size (sometimes called "clear GIFs"), that can track all your activities on a web site and report them back to a server. Spyware is software that piggybacks onto your hard disk on the backs of other pieces of software, reports on your activities to ad servers, and then delivers ads to you based on what sites you visit. There's typically no way to know offhand that spyware has been installed on your system, because it lurks invisibly—hence the name. Even after you uninstall the program upon which it piggybacked, it could remain on your PC, reporting on your activities.

You don't have to be victimized, though. As you'll see in the rest of this hack, there are things you can do to keep your PC from resembling a virtual midway.

Ditch IE: Use Opera or Mozilla to Stop Pop Ups

Here's one way to get rid of pop-up annoyances: skip Internet Explorer altogether! IE can't kill pop ups, but other browsers can. Both Opera and Mozilla include a built-in pop-up killer as a menu option.

Download Opera from http://www.opera.com. To enable its pop-up killer, choose File → Preferences → "Refuse pop-up windows". You can also have the program open pop-up windows in the background instead of on top of your browser.

Download Mozilla from http://www.mozilla.org. To enable its pop-up killer, choose Edit → Preferences → Privacy & Security → Pop-ups → and check "Reject pop-up windows."

Stop Messenger Service Popups

In recent months, the most obnoxious pop ups of all have started to appear on computer users' screens—popups that aren't connected to a browser, appear even when you're not surfing the Web, and show up in a text-message window for no apparent reason. You've taken no conceivable action that could have caused them to appear, such as visiting a web site. And yet there they are.

These text pop ups use XP's Messenger service, which was designed for sending notifications over internal local area networks—for example, when a network administrator wants to notify network users that a server is about to go down, or when you're notified that a printer has completed a job of yours.


The Messenger service is not related to Windows Messenger, Microsoft's instant-messaging program.

But spammers took hold of the technology, and now blast out text pop ups to IP addresses across the Internet. How ubiquitous are these pop ups becoming? I recently bought a new laptop, and within 10 minutes of turning it on for the first time I had received my first Messenger service pop up.

To kill these pop ups, disable the Messenger service. Run the Services Microsoft Management Console by typing services.msc at a command prompt or the Run box and pressing Enter. Double-click on the entry for Messenger, choose Disabled as the Startup type from the screen that appears, and click OK. Pop ups will no longer get through. Unfortunately, neither will any network messages from administrators if you're on a LAN.

If you're running a router at home that allows you to block ports, you can kill these messages by disabling port 135. How you do this varies according to your router. To do it on a Linksys router, go to the router administrator screen and choose Advanced → Filters. In Filtered Private Port Range, choose Both, and for the range, type 135 twice. Click Apply. The pop ups should now be disabled.

Watch Out for Web Bugs

Web bugs are one of the more pernicious ways your online activities can be tracked, no matter which browser you're using. Sometimes, the web site the bugs send information to isn't the one that contains the web bug; for example, they may send information back to an online advertising network.

Web bugs are surprisingly common. The Cyveillance technology and analysis company found that their use grew nearly 500% between 1998 and 2001. Web bugs can send the following information back to a server:

  • The IP address of your computer

  • The URL of the page on which the web bug is located, so they know that you visited the page

  • The time the web bug was viewed, so they know exactly when you visited the page

  • The URL of the web bug image

  • The type of browser that you have

  • Your cookie values

A free piece of software called Bugnosis (http://www.bugnosis.org) will alert you whenever it comes across web bugs on pages you visit. It reports on the URL that the bug reports to, and, for some bugs, it will let you click on a link it creates so that you can send an email of complaint to the web site that runs the bug. It runs inside Internet Explorer.


The last time I visited the site, it no longer had Bugnosis available, but promised it would be back soon. Be prepared that it might not be there when you visit.

The software can't actually protect you against web bugs, but it can alert you when you visit pages that use them. If you want your privacy protected when you surf the Web, your best bet is to surf anonymously .

Protect Yourself Against Spyware

Spyware has become increasingly controversial and increasingly popular, as developers of free software struggle to find a way to support themselves. Of late, spyware has been getting increasingly intrusive; some people call these more aggressive programs scumware. Scumware may change your default home page without telling you, or may even intervene when you're making a purchase online and redirect you to a different site.

There are several ways to protect yourself against spyware:

Figure 2. Finding and deleting spyware on your system with Ad-Aware


Keep in mind that when you delete spyware, you may disable software as well, so it's a good idea to always create a Restore point before deleting spyware. Choose Control Panel → Performance and Maintenance → System Restore and follow the instructions. For example, if you remove the Cydoor spyware program, the Kazaa file-sharing program will no longer work. Alternatives to Kazaa include Shareaza (http://www.shareaza.com), a front-end to the popular Gnutella file-sharing network that also can hook into other file-sharing networks, such as the one that Kazaa uses.

See also:

  • [Hack #85]

  • [Hack #89]

O'Reilly Home | Privacy Policy

© 2007 O'Reilly Media, Inc.
Website: | Customer Service: | Book issues:

All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.