|
-
May 7th, 2006, 03:55 AM
#51
Member
-
May 7th, 2006, 09:05 AM
#52
Jennifer,
I think that what you need first is an up to date antivirus and a firewall.
AVG and AVAST! are free as is ZoneAlarm.
Get EWIDO and A-Squared, update them, boot into safe mode and run them. Let them clean what they find. EWIDO has a trial period of 14 days, then you can continue to use it as an on demand scanner for free (it will allow you to update it manually). Please do them both, as they find different things.
If you have been connecting to the internet without an AV and a firewall you will certainly pick up all sorts of rubbish without any action on the part of yourself or a family member
Also make sure that your e-mail client has the preview messages turned off and its spam filter if it has one, turned on. Your e-mail provider may have this facility like Gmail does for example.
I have just had a look at my firewall log, it has blocked 1076 intrusions and 501,437 access attempts.
I would also recommend internet script blocking and popup blocking.
I once cleaned up a laptop that had "stalled" it was used by a young mother for a couple of hours a week to deal with internet reservations at her father's small hotel. There were hundreds of these pornographic and gambling site pop-ups, diallers, trojans, and other malware on it.
I do not believe that the young lady in question had any need for it, but from the number of "viagra" spam e-mails you would think that she was running a wholesale pharmacy.
Also remember that what you are looking at is what has been BLOCKED it is NOT the content of sites, nor is it a record of activity It is history; just forget it and move on with a SECURE SYSTEM.
As for diallers the most obvious thing is to look at your phone bill. They are premium rate calls and should be itemised. I suspect that they don't work because you are using ADSL...............at least my one doesn't . This is actually a common fraud............the thing waits for inactivity then quietly dials these numbers and you get hit with a $1,000 phone bill.
As you are a concerned parent, I would suggest that you look at "parental control" software as well. This is not a "prevention" (if they are any good that is  ) it is a protection
As for "gambling" I can assure you from personal experience that you will KNOW ............. there will be an unaccountable shortage of finances in your household.
Just my £0.02
-
May 7th, 2006, 03:18 PM
#53
Member
Hello all,
Just wanted to contribute a bit. I agree with Nihil the whole way through. I think for your marriage and kids parental control is the way to go.
Here are a few.
Cyberpatrol
netnanny
Safe Eyes
Hope these help.
-
May 8th, 2006, 06:16 AM
#54
Member
Thanks so much to all of you--
nihil, your feedback is very different from Tiger Shark's, I'm a little confused...
-
May 8th, 2006, 09:38 AM
#55
Hi Jennifer ,
nihil, your feedback is very different from Tiger Shark's, I'm a little confused...
Tiger~ was looking at the contents of these history (quarantine/log) files generated by Spysubtract.
I am looking at the overall situation and "the way forwards" , or what you should do next.
I can assure you that these files contain absolutely no illegal material , nor do they provide evidence of any illegal activity, other than that of those external forces who attempted to invade/infect your machine. It will not, however, be traceable to them 
In fact it is very much your fault insofar as you deliberately turned off your Norton Security Suite to make your DSL connection work. This removed a layer of your protection, and, because of the new, high speed connection, allows the rubbish to arrive much more quickly and reliably.
You might like to look at Trend Micro's security suite or the one from Kaspersky Labs? They will probably be adequate for a home user environment such as yours. You will have to check with your DSL provider to see if there is a compatibility issue though.
Hope that helps
-
May 8th, 2006, 12:52 PM
#56
Member
nihil, I only uninstalled Norton a few days ago, around 4/28 I think. And only because we were completely unable to connect and according to Bellsouth DSL, Norton was the problem. These files existed in their current volume long before this action, but I see your point.
-
May 8th, 2006, 12:54 PM
#57
Member
My point is: you say that the files contained material blocked and Tiger Shark says accessed, who's right?
-
May 8th, 2006, 01:04 PM
#58
Jennifer:
We are both right. I have been saying that the references in the logs are references to things that were intercepted on the way to your computer or cleaned after they got on during a scheduled scan.
It is my experience that content that web sites attempt to place on your computer _usually_ matches the content of the web site visited. For the most part this content is placed on your computer with no warning and behind the users back. What this means is that while going to a "free games" site you will see the content of the pages you request. However, in the background, this "free games" site will attempt to introduce some kind of malware on your computer the content of which would be equally benign as games would be. But, were you to be surfing pornographic sites the malware introduced to your computer would be equally as offensive as the content of the sites visited.
With that in mind you can be fairly certain that if you were to visit www.hotyoungbabesinteddies.com you would see the content of that site. If it tries to introduce malware onto your computer it will be pornographic in nature and when spysubtract intercepts or cleans it the log entries will indicate said content. So, yes, the content of the sites have been seen, it's the malware that the sites tried to introduce to your computer that is being blocked or removed later.
Don\'t SYN us.... We\'ll SYN you..... 
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
May 8th, 2006, 01:23 PM
#59
Member
Gotcha.
I guess we're just waiting to hear from Trend now. I contacted a Trend Micro rep before I started this post. It's been tricky getting back in touch with him because of the "getting caught" factor. I'm not very good at subterfuge. His name is Jeff Graffagnino in Houston TX. He said that he personally knew someone at Intermute who remained with the company after it was bought by Trend and that he would get in touch with him if I couldn't get help from the customer service center. Well, obviously I didn't get help from them and now I can't seem to get HIM either... Seems like one dead end after another.
Tiger Shark, nihil: at the top of these files there is a header of sorts that says "create table in DesignWare" . Does that mean anything to either of you? There are so many references to DesignWare on Google that I couldn't pinpoint anything.
-
May 8th, 2006, 08:44 PM
#60
Junior Member
Originally posted here by c0br4
I have had a look through your hijackthis log file and everything looks ok, the only thing i am suspicious about is the contentpurity.net i have not heard of it before... is this something you have put on intentionally, because it doesn't look very genuine? Other than that your PC looks clean.
Contentpurity.net -- http://contentpurity.net/cleanintro.htm
Apparently is a software pkg that scans/deletes stuff from your HDD. I didn't really read the page to see exactly what it does.
Anyone else wanting to know what something is, try searching in google, using the following example :
?what is contentpurity.net?
Putting question marks before/after is read as asking a question.
Searching in google without the question marks (just contentpurity.net) doesn't return any hits.
Just an FYI. Thought I'd share that interesting tidbit.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
