For several months now, both a laptop system and twice a desktop system,
I've been fighting with a co-worker's browsing habits. This person claims
to be visiting strictly legit websites, yet mysteriously ends up in places
they should not be and gets viruses, spyware, adware and/or trojans that do
nothing short of disabling the entire system. One laptop had to be
re-formatted from the mess created on a business trip, and twice now I've
managed to salvage the desktop system from Trojans and spyware ... but
nearly at the compromise of my own desktop system trying to visit warez
sites to grab software in an attempt to clean and lock down this system. I
don't like using warez products, but sometimes when a company only offers a
"trial" that will identify and not clean it's tough ... especially with the
demand to "get it fixed."

Anyhow, my point is this. This co-worker now has a new desktop PC, faster
and better than before. It only has MS antispyware beta and Symantec
Corporate anti-virus on it. I'm not allowed to use any other programs,
including legit versions of CounterSpy and TrojanHunter as well as free
versions of Ad-Aware and Spybot. Why? "They don't want all the pop-ups"
for protecting the system, downloading/checking for updates, etc. Now I've
tried to say that doing this leaves the system wide open for more, but that
goes in one ear and out the other anymore. The only thing important seems
to be speed and a lack of anything "popping up."

So where can I find online a very good FAQ or other such page that tells
exactly what sort of "browsing habits" contribute to getting Trojans,
Spyware, etc. I need something that's truthful and honest, yet basically
says what any IT person can tell you ... don't go to warez sites, porn
sites, gaming sites, etc. This person doesn't seem to respond to words, so
I'm hoping that the written word will get the message loud and clear ...
that (1) You don't go to these sites or else (2) You'll get infected and
that (3) You need programs such as the above listed ones to protect each and
every system, even more so when "exploring" bad sites.

I've tried the usual places such as C-Net and such, but I don't really find
any articles that say "stay away from sites that feature X, Y and Z" ... and
that's what I need more than anything ... a real bare bones, plain English
page that states the obvious that most of us regulars and any IT personnel
know for a fact.

Thanks much!

--
Kyle )

Reply address is fake. Please send all praise, abuse, insults, bequests of
$1-million US dollars to sensfan_luvslisa (at) yahoo (dot) ca. Change the
obvious to the obvious. Oh, and if you must abuse or insult, don't expect a
reply. Money gets faster attention

"Sens Fan Happy In Ohio" <GoingForTheCup@GoSensGo.com> wrote:

|>So where can I find online a very good FAQ or other such page that tells
|>exactly what sort of "browsing habits" contribute to getting Trojans,
|>Spyware, etc. I need something that's truthful and honest, yet basically
|>says what any IT person can tell you ... don't go to warez sites, porn
|>sites, gaming sites, etc. This person doesn't seem to respond to words, so
|>I'm hoping that the written word will get the message loud and clear ...
|>that (1) You don't go to these sites or else (2) You'll get infected and
|>that (3) You need programs such as the above listed ones to protect each and
|>every system, even more so when "exploring" bad sites.

I run Opera, a HOSTS file, AVG antivirus, ZoneAlarm and Have ActiveX
disabled.

There is not a web page\site I won't go to, and I don't get malware.

Now if your friend downloads stuff he's dependant upon the virus
checker installed. An example, anything download'd (link'd) from
http://www.astalavista.us/ comes with a file name'd RUN.EXE it's
malware, it used to be START.EXE so they change it as required.

Avg comes into play here claiming it's ISTBAR.CL - ZoneAlarm with
virus checking capabilities let it pass.

A decent HOSTS file http://www.everythingisnt.com/hosts.html

--
http://opera.com/free/

Sens Fan Happy In Ohio wrote:

Maybe make the employees themselves accountable for their internet use:

http://www.accountabilityint.com/

Sens Fan Happy In Ohio wrote:
Perhaps you should approach it from a different tack. Do the powers that
be in your company understand the liability that they are exposing
themselves to? If a company doesn't actively take steps to prevent
employees from surfing to porn sites, they will get hammered with
charges of creating a "hostile work environment," and all the associated
liabilities that implies. Employers have been found directly and
indirectly liable under these rules for failure to protect their employees.

The small cost of putting into place a comprehensive plan pales in
comparison with the cost of litigating just one complaint (not to
mention any judgement resulting from such litigation).

In news:F5GdnclHvLKIiK_eRVn-3g@comcast.com, SgtMinor
<Sarge@the.old.folks.home.invalid> first attempted to communicate with pen,
but the writing was small, so next used sidewalk chalk, but the rain washed
it away, and then switched to spray paint and stencils but the cans
exploded, so placed fingers to keyboard for this:
No good ... read previous post to FML

In news:temdnYQLGebOha_eRVn-ow@comcast.com, FML <NoSpamForMe@Invalid.xxx>
first attempted to communicate with pen, but the writing was small, so next
used sidewalk chalk, but the rain washed it away, and then switched to spray
paint and stencils but the cans exploded, so placed fingers to keyboard for
this:
See that's just the problem ... I said "co-worker" in case someone gave me
some good info that I could print and show my immediate boss. But really
.... the problem is with the owner. He's the one with the bad surfing habits
and its affecting one other employee that goes to places like
SmileyCentral.com and downloads all that cutsey shit that messes up systems.
If the top guy does bad, why can't they all seems to be the motto. Hence
the reason I was trying to get a list of sites and then print them off so to
say, "Mr. Owner you are going to get X, Y and Z because of doing A, B and
C."

In article <i4udnXL-iOBkka_eRVn-tQ@adelphia.com>, Sens Fan Happy In
Ohio <GoingForTheCup@GoSensGo.com> wrote:

You write so much about bad Web sites and have almost no recognition
for where most come from -- e-mail!
Get them to use an e-mail program behaves properly and doesn't
automatically open and share every virus it gets.
Set a good e-mail filter on their server.
And turn off any and all notification from the protection software. If
their biggest problem is the 'intrusion' of the protective tools,
that's fine. There are plenty of free tools, and I'm sure the folks
that know them in this group will know which ones are better about not
being conspicuous.

I have been a computer consulatant for many years and I will now share
something that I had a very VERY hard time learning. Take it for what
it is worth. Since it took me years to learn, you might have already
guessed that I didn't believe it at first.

MYOB...mind your own business. If the owner of the computer doesn't
care, then you should butt out. That will probably be extremely
difficult for you, I was/is almost impossible for me.

It comes down to taking responsibility for your own actions. The owner
is responsible for what happens. When he/she does this action and it
causes a negative reaction, that is their choice. If he/she goes to
Baskin Robins and gets a flavor that you would hate, do you care? Try
to treat this the same way.

It is their choice. You have tried your best to help them make the
right decision, now let them make the decision, right or wrong. A ship
can have only one captain.

I learned that this is a no win situation. The absolute best that can
happen to you, if you persist to try to save this person from
themselves, is nothing. If you suceed, your efforts will be ignored,
but if you fail, you will be held to blame.

You cannot win. By playing the game you could loose, you could break
even, but you can never win this game. The best approach is to not
play at all.

Years ago, I could not do that. When I saw something that I could
improve upon, I would get involved even if the person said no. If I
was right, they wouldn't admit it or thank me. Often, they would chew
me out for interferring. I got in trouble a lot :-)

Worse yet, if I was wrong, I took all the blame. That isn't right, but
it is reality. Too many bosses will side with the person who puts on
the best show, not the one who's intentions were right.

Today, I ask for permission before attempting to fix something. If it
is given, I do my best. If it is not, I walk away. If the shit hits
the fan, I then say "I warned them, I told them I knew how to fix the
problem, they wouldn't let me do it." I now get in trouble a lot less.

One example: years ago, I was working on a tech bench. I saw one
particlar model come on at least three times a week with the same
symptoms. I determined the design defect and added a fuse to keep the
parts from being fried when it happened.

Did I get an award for saving our customers big bucks? Nope. I got
chewed out for changing the design. If the manufacturer wanted a fuse
in there, they would have put one in, I was told. No more fuses.

Is that a crappy commentary on life? Yes, it is. Is it reality? Yes,
it is also that.

My suggestion is to tell the person one last time and then let them do
their job, i.e. making decisions. Tell them what it is that they are
doing, what the results are, how it affects you, and that you can fix
the problem. Then let them choose.

In reading between the lines, it sounds like this might be a job for a
computer professional. You might be a little over your head,
thechnically. Besides, an outsider can say things to the boss that you
could not risk saying :-)

Those companies that offer the products that identify the problem, but
don't fix it, let you download a full version upon payment don't they?
This isn't a "I need the fix RIGHT NOW so I HAVE to use warez" issue,
it is a "I don't want to pay for it so I'll use warez" issue, isn't
it?

I don't want to start a big argument, but... If you can't afford the
cost of programs to protect yourself, you shouldn't be in business.
This opinon does NOT apply to home usage, just business and it is JUST
my opinion.






On Wed, 21 Sep 2005 21:46:32 -0400, "Sens Fan Happy In Ohio"
<GoingForTheCup@GoSensGo.com> wrote:

Sens Fan Happy In Ohio wrote:

Policies and procedures are worthless if 1.) they are not understood
and followed and/or 2.) they cannot be enforced. If the CEO/owner is
not willing to believe that malware can cost the company thousands or
more, then you might want to consider polishing up your resume and
talking to some prospective employers.

Other than that, MS Antispyware pops up every time something "new"
tries to alter the reg, link a dll, access the Internet, and pretty
much everything else - so it's hard to understand why these people are
not annoyed as Hell.

Also, on a more minor point, you can download a very effective tool for
removing trojans and spyware without going the Warez route (you should
know better than to go to Warez for anything.) Go to
http://www.ewido.net and download their 14 day trial of Ewido Security
Suite. Yes, it's a trial, but it does CLEAN the system and is perhaps
the best tool for the job I've ever seen.

Also, go to http://www.ccleaner.com and use their free tool. It does a
great job of cleaning up the mess left behind by your "unfriendly
visitors." It is not a trial, but it is upgragable (aren't they all?)

with a content filtering system (such as Squid using Dan's Guardian or
Squidguard) and force them to go through it. No questions, no
bargaining, no bullshit. Tell them it will speed up their connectivity
because it caches pages and cuts down on bandwidth usage - which is
true. You can build such a proxy for free - just find an old PC with
two NICs, install a Linux distro (Debian, FreeBSD, whatever) and
install the proxy server. If you have problems, there are mountains of
"How To" documents on the Web.

I've done this for two companies this month and the users have no idea
(I changed the browser settings to use the proxy by using a reg file -
see:
http://lists.webjunction.org/wjlists...il/009347.html)

Of course, the users ask "How come I can't open
www.hereisafreakinvirus.com?"
The company's IT guy says "it's our firewall - it won't allow you go
open viruses on websites."

Seems to work for them.

Indeed, tech person
- I just posted my response and then read yours. I'd have to go with
your response over mine... but, if the notion should strike him to try
and address the situation - perhaps I've offered something useful.
Then again...
:-)

"tech person" <none@none.com> wrote in message
news:6g53j1t3eh5b14c0hhahhni644huaj9amd@4ax.com...

Kyle

Take heed of "tech person's advice, just let it go or else you personally
are likely to suffer.
If you like the "co workers" attitude is " it's my sand pit and I'll play
with it how I like" and 'nothing' you say or do will change that.
The only way it will change is when the truth dawns on the "co worker" just
how much of a 'dick head' they have been (are!)
Just keep your PC clean and don't volunteer to do anything on your co
workers PC.

About your "compromise of my own desktop system trying to visit warez "
comment you made.
What you are in fact doing is just what your co worker is doing. i.e. going
to whichever sites 'you' feel necessary to get what 'you' want.
So now I'm going to put your hat on and tell you don't go to warez sites.
You won't get any decent tools there and you expose yourself to various
virus's and spy/malware.

So the boot's on the other foot now and perhaps you may start to see the
relevance of both 'tech person's and my advice.
Do your homework, sus out a local 'tech', and leave it to them.

By the way, Trial, pay us to fix it programs are as much scams as spyware
itself.
The only tools you need are all free and readily available off the web.
vis
Ad-Aware
Spybot Search & Destroy
Spyware Blaster
MS Anti Spyware (for the moment)
And any of the online Anti Virus scanners from Trend, Panda, Symantec......

Cheers
Paul.

Sens Fan Happy In Ohio wrote:
Why didn't you say the problem was with the boss? Was co-worker easier
to spell?

And, by the way, your attribution: "first attempted to communicate with
pen, but the writing was small, so next used sidewalk chalk, but the
rain washed it away, and then switched to spray paint and stencils but
the cans exploded, so placed fingers to keyboard for this:" is pathetic.

In news:l42dndaPk_tmeK_eRVn-vA@comcast.com, SgtMinor
<Sarge@the.old.folks.home.invalid> first attempted to communicate with pen,
but the writing was small, so next used sidewalk chalk, but the rain washed
it away, and then switched to spray paint and stencils but the cans
exploded, so placed fingers to keyboard for this:
As if it really matters, the reason was because I was going to SHOW the
owner the answers that anyone posted, as long as they were on topic and
intelligent and didn't go off on tangents about dribble. This may be Usenet
and some people may think that being the class clown is fine in life, but I
happen to think that using this as a resource for honest problems and
solutions is rather a keen idea than treating everything like a joke.

In news:210920051713151892%mitch@hawaii.rr, Mitch <mitch@hawaii.rr> first
attempted to communicate with pen, but the writing was small, so next used
sidewalk chalk, but the rain washed it away, and then switched to spray
paint and stencils but the cans exploded, so placed fingers to keyboard for
this:
And what are you talking about? I've never heard of Spyware or Adware
coming from e-mail, unless it's a phishing e-mail that you click on! And
besides that ... I happen to KNOW exactly where he's getting the spyware,
adware and Trojans from ... but I wanted a website that "explained" it since
he was not listening to me. ~shakes head in frustration~

Sens Fan Happy In Ohio wrote:
http://www.lavasoftusa.com/software/adaware/

look in the left hand column,next problem,getting them to read it.

In news:6g53j1t3eh5b14c0hhahhni644huaj9amd@4ax.com, tech person
<none@none.com> first attempted to communicate with pen, but the writing was
small, so next used sidewalk chalk, but the rain washed it away, and then
switched to spray paint and stencils but the cans exploded, so placed
fingers to keyboard for this:
I've read and re-read your response, even showed it to my immediate boss,
and to be honest ... we both think you're right on the money. For years
before I got there, my boss tried to solve all his issues and frustrations
.... usually having to call in the PC specialist that builds all the systems
(not very good IMHO, but that's another topic for another day). Hence the
reason when they had a position open for a graphic designer she looked for
someone with more PC knowledge than they had there ... someone for
day-to-day things and for emergencies that, hopefully, they'd not have to
pay an arm and a leg for. My boss agrees and we're basically going to do
whatever we can with the limited tools we have ... no more warez or other
things to "be sure" of solving the issue. If the owner messes it up ...
he'll have to pay for it.

As for my use of warez, I'm sure you're aware that when an owner screams
"it's broken, fix it" ... you do just about anything you can to do so.
AdAware, Spybot, and the residual program TeaTimer, weren't enough to stop
the most recent infection from happening. So I went to download trial
versions of CounterSpy after reading an article on its performance. And
since he was on ME at the time, MS' antispyware beta was out of the
question. After running all these programs I felt safe that the
Spyware/Adware was gone. Then I ran Symantec and it located several
Trojans. It could not remove most of them. Knowing that Symantec is pretty
much crap ... and seeing as how his IE6 was all but crippled, I had no
choice but to try other trojan removal programs. The best I could find was
TrojanHunter, at least from what I could read in 15 minutes ... so I got it
as a trial version. I used it and, other than a piece still left in the MS
restore area, the system was clean.

That's when my boss said, "What can we do to protect his system?" I
suggested CounterSpy in a 5-pack for his computer and 4 others all running
Windows ME or 98SE. The $100 was nearly choked on, but they did it. When I
suggested TrojanHunter I was shot down immediately. So my boss, who knows
about Warez, asked if I could crack it ... I said probably ... and did three
days later with a working crack. Why? Because my boss didn't want to have
the owner, a real hot-head, trample all over her as per usual and treat her
like shit. Being the kind hearted person I am ... I did whatever it took.
That's the reason I used Warez products ... plain and simple.

Sometimes the business world is not a nice place and owners of small
companies refuse to understand anything ... as per your post. But they also
refuse to see how important protection is no matter how many times you
preach about it. He has an addiction, plain and simple ... and tried to ram
it past us that he was only looking at a trade show website that took him to
a church site that then took him into porn. Now ... how many of you reading
this could ever look at the owner of your company and say, "Oh that's bull!"
See my pickle? I knew the truth ... it's happened three times since I
started there and always the Spyware pointed directly to one "type" of
website ... pornography. Do I enjoy sitting down there fixing his computer
and having him pace because he can't get into Ameritrade to do his stocks?
Hell no! But I also could not, in good conscience, say ... "Nothing I can
do ... call a professional" when I knew I could, with a little "help."

But after talking it over with my boss and discussing our mutual hatred for
fixing the messes of a 60-something horny old man ... we're done. We'll
bring in the PC guy from across town at $75 an hour and let him suck on the
bill and keep ourselves out and clean. My other reason, as if it isn't
obvious, was that I was the new person on the block and trying to impress
with what I could do despite the fact that it really wasn't part of my job
description. In the environment of today's economy (especially Ohio) you do
whatever or else they'll find some 20-something to do it at lesser pay
who'll leave in 2 years and be rotten the whole time there. I'm old school
.... a job is a job that you go to each day and do your best at no matter
what. Well because I know about Warez and how to get what I need for my own
PC (let's face it ... my graphic programs are NOT mine and you can't tell me
many that work at home who do pay $600 each year) ... so I thought it'd be
worth it to do for this company and to make me look just a wee bit more
important.

Call it stupid ... call it blind ... call it desperate. Whatever. But I
don't like the idea of having to call in some 20-something that is just
there to make his company more money when I could do it, save the owner
money, and maybe one day see it as part fo a raise. But now I am done with
it and my boss knows my feelings. In fact we both stripped off all the
Warez items I'd gotten for trojan prevention and such. Now if I could ONLY
convince them that Symantec is shit and that we really need something like
Trend Micro or PC-Cillin as our anti-virus. But no ... the PC specialists
that built these computers say Symantec is the best. Now ... maybe hearing
this ... some will understand WHY I don't like calling in "professionals."

Thanks Tech Person ... your words and time meant a lot, as did the advice.
It'd be nice if more people could be like you ... honest, professional and
to the point. But I guess that's not to be on Usenet ... place where class
clowns can still feel like big men on campus.

I am a network engineer at a Medical School and have had the same
problems with some of our users. Here are a couple of links hope they
help.

http://www.consumerwebwatch.org/dyna...everywhere.cfm
http://lister.evms.edu/virus/ie-secure.html


Sens Fan Happy In Ohio wrote:

Sens Fan Happy In Ohio wrote:

Brilliant. You were going to SHOW someone answers given by strangers to
a question that was poorly and improperly phrased. As long as they were
on topic, that is. Something *you* couldn't be bothered to do, now and
previously.

And after that warez reference you were lucky anyone gave you a response
at all.

Given that there was not a single smart-assed reply to your pathetic
post, it's not clear what you meant with the reference to class clown.
It appears to me, though, that anyone who posts with the attribution
line you use and this sig from your original post: "Reply address is
fake. Please send all praise, abuse, insults, bequests of $1-million US
dollars to sensfan_luvslisa (at) yahoo (dot) ca. Change the obvious to
the obvious. Oh, and if you must abuse or insult, don't expect a reply.
Money gets faster attention " would seem to be applying for the
position.

In news:4333376b$0$84815$892e7fe2@authen.white.readfr eenews.net, TNKEV
<servadvisor@ajeepdealer.com> first attempted to communicate with pen, but
the writing was small, so next used sidewalk chalk, but the rain washed it
away, and then switched to spray paint and stencils but the cans exploded,
so placed fingers to keyboard for this:
Well funny you mention this because I did print off quite a bit from here
.... but I don't know if it went over their heads or just was too "brainiac"
for them. But thank you for trying to help with info. It's much
appreciated.

In news:1127432451.866965.302360@g14g2000cwa.googlegr oups.com,
lamerson@hotmail.com <lamerson@hotmail.com> first attempted to communicate
with pen, but the writing was small, so next used sidewalk chalk, but the
rain washed it away, and then switched to spray paint and stencils but the
cans exploded, so placed fingers to keyboard for this:
Now THIS is very helpful! I'm going to browse through all of the first URL
and really print a lot of this. And I've already flagged the 2nd URL for
printing even as I type this so I'll have plenty of info. Despite my
earlier posting to "letting someone else handle it" this is going to be my
official notice that "here's the information ... read it or not ... but I am
done trying to babysit a system when I'm not even allowed to use the proper
tools to safeguard things."

Thank you SO much! This is absolutely perfect!