Pop-ups can be classified as follows:
General browser pop-ups
Messenger Service advertisements
Pop-ups generated by adware and spyware
General browser pop-ups?
These pop-ups can be prevented by installing a pop-up blocker. Often times, these new windows display advertising that can interfere with your ability to see the content on the
page you're trying to read. Adding the Ad related Domains to the Restricted Zone in Internet Explorer is a good idea. Refer to the following MS-KB articles to learn how to stop pop
-ups from a particular webpage.
Windows XP Service Pack 2 now includes a built-in Pop-up blocker. You can read more about this feature, in the following pages:
Messenger Service Advertisements
If the title bar reads as "MESSENGER SERVICE" with gray Ads, then it the famous Messenger SPAM. This is applicable only for Windows 2000 and Windows XP. The
"Messenger Service" [different from Windows Messenger IM] is responsible for transmitting these text-based messages. While disabling the Messenger Service can stop the pop-
up ads, it's not sufficient in the security point of view. These messages arrive to your system because there is a way for someone to transmit data to your computer via TCP and
UDP ports [UDP ports 135, 137, and 138; TCP ports 135, 139, and 445 137]. This means, some intruder can do nasty things on your computer with these ports open.
The HIGHLY RECOMMENDED method to prevent these type of pop-up and to harden the security of your computer is to install a firewall application (such as Zone Alarm), or use
the Windows XP Firewall. Windows XP SP2 turns off the Messenger Service by default, and enables the Windows firewall. This blocks the ports required for Messenger Service
data transmission.
To enable the Firewall in Windows XP
For Windows XP SP2 systems:
If you're using Windows XP, and haven't updated to SP2, please do it immediately.
Click Start, Run and type Firewall.cpl
Select On (recommended) button, and click OK.
Never connect to internet without enabling the Firewall. Otherwise, there are fairly good chances your system gets infected. Finest example is the RPC NT Authority Shutdown
caused by Blaster Worm, which infects "unpatched" and "unprotected" computers.
Note: If using a third-party firewall application, you don't have to enable the built-in Windows XP firewall.
References
Pop-ups generated by Ad-ware & Spyware
Spyware cause the same effect as general browser pop-ups but they are usually powered by Browser Helper Objects, ActiveX controls which attaches to Internet Explorer and
contacts their servers without your knowledge. This not only means waste of internet bandwidth, but your private information may also be sent to someone. You need to treat any
outgoing connection without your permission, as a security threat.
Along with your anti-virus software, you need to anti-spyware tools such as Ad-Aware, Spybot Search & Destroy, Spyware Blaster at a bare minimum. You must update the pattern
files before scanning just like what you do for your anti-virus software.
Protection mechanisms
Use HOSTS file to block unwanted ad servers and sites that are known to spread malware
Increase your browser security settings. Visit the following link to learn how to protect the system from parasites.
(Site packed with full of security tips, advice to prevent parasites being installed)
Use an application-based firewall, such as Zone Alarm, Sygate etc. They alert you whenever an outgoing traffic by a new application is detected. By doing this, you are
preventing dialers, Trojans accessing the internet. Give equal importance to the configuration of the firewall. Assume your firewall as the gatekeeper, and only allow programs that
you want, to access the internet. You may then test the effectiveness of the Firewall (for inbound protection) using any of these websites. They scan your system for open ports
and vulnerabilities and advice you what action to take.