Welcome to Rich Wheeler's

Computer Lessons Learned

A lesson here and a lesson there....

  • Sanitizing Your Computer After Exposure to the Wrong Web Sites. 23 January 2006

  • "Rich,

    This kind of involves a bit of dirty laundry.......but anyway, I have a young son who, when using my computer at home, may not exactly be visiting web sites that are good. I know when you're in Explorer you can go to tools, internet options, and delete cookies, delete all offline files, and then clear history. But, is there any other place I can go to see what sites have been visited? Is there a record of them any place else on the computer?

    "Also, I have a Google question. It seems that when you go to Google and type in a letter in the search box, it instantly remembers and displays all the previously typed search criteria in a drop-down box or window. Must be taking up memory to remember and display all these old search items. How to I get rid of them. I've looked in Google preferences and can't seem to find a way. It must be a selectable thing because my computer at work in Google doesn't do this.

    "Thanks!!!"

  • I sympathize. Those sites are dangerous. It's hard to keep kids away from those mainstream media and liberal web sites.

    Seriously, I just cleaned hundreds of spyware files and a dozen spyware programs off the computer of someone who likes to visit "legitimate" gambling sites. (No, it wasn't the kids, it was their mother!)

    How thorough do you wish to be? You've probably done some of the following, but it's useful to me document it. Also, if you really want to investigate rather than just delete, read through the steps before executing them and highlight the ones that let you see the information before you delete it, and execute those steps first.

    Needless to say, update your virus scanner frequently. Every day is not too frequent.

    Also, open IE and click on Tools, Windows Update; then follow the instructions. You may need to repeat this if any updates require restarting the computer.

    I'm using IE 7, which is a little different from IE 6. Under Tools, Internet Options, General, Browser History Delete. The Delete All button is less work than what you listed. After that, still under the General tab, also click Browser History Settings. You can adjust the time that IE will maintain the history of sites visited. Click on View Objects and look for suspicious files. If you already cleared the history, then View Files should give you an empty list.

    Check the Favorites. When you mouse-over a favorite, a little window should pop up briefly that shows the URL where that favorite link can take you. If someone were sneaky, they could save a favorite and change its name. If the URL looks suspicious, right-click on it and select Delete.

    Under Tools, Internet Options, Programs, Manage Add-ons, look through the list for each pull-down option. Don't get carried away!

    Under Tools, Internet Options, Content, click on Autocomplete Settings. I think IE 6 had the button to clear the Autocomplete data here, but on IE 7 it's under the General tab.

    Another trick about Autocomplete: If you start to type something into Google and a pull-down menu of previous entries appears, you can use the Down Arrow key to scroll down to an undesirable entry and then hit the Delete key.

    Close IE to clear any cookies it had in memory.

    I have several browsers on my computer: AOL, AOL Explorer, IE, SBC-Yahoo, and MSN. (I hear good things about Firefox and plan to try it.) You'd have to go through all the above for each browser for each user account. The steps for other browsers might differ.

    Open Explorer (the one for files and folders). Navigate to your hard drive and click on it. Click on the Search button (or use right-click, File Finder). Search for all files containing "temp". Make sure the options are set to search all subfolders. When it's done, sort them by clicking on Type at the top of the table. Scroll to "Folder" or "File Folder" in the Type column. You'll find a lot of folders to open and look through, especially if you set up the machine with a separate log-on for each user.

    Now repeat the above step but use the keyword "cookies".

    If the younger guy might have saved graphic files, repeat searches for "*.jpg", "*.gif", and "*.bmp". (If you search with Explorer, you don't have to specify the file extension; just click on Pictures [etc] / Pictures and Photos) If you find suspicious files, open another instance of Explorer and view the directories in which you found the files.

    Repeat for movies.

    Empty your Recycle Bin.

    All those files still exist on your hard drive -- only the pointers to them have been erased. If you don't want them to be recoverable, you should get a drive scrubber. I'd check CNET.com for a free program with high ratings. Speaking of freeware, you might also find a program that erases your browser tracks.

    You need to install Spybot Search and Destroy and Ad-Aware SE Personal. Both have free versions for personal use. When you run them, make sure each has the latest updates. Run Ad-Aware first, then run Spybot. When you update Spybot, there's a pull-down menu that allows you to select the download server so you can select one that's near you. Run the Search & Destroy function, then run Immunize. Run both programs once/week or once/month, depending on how much browsing takes place.

    Spybot will take care of this step, but I'll put it here for completeness. Right-click the Start button, Properties, Start Menu tab, Customize button, Advanced tab, Clear List button. This will clear your MRUD (Most Recently Used Documents) lists.

    Now, that was easy, wasn't it?

    One time I was searching for free internet services like Juno and NetZero. A couple of hours per month just wasn't enough. I found a site that claimed to be such, although it was a gateway to porn sites. I figured they made thier money off subscriptions to the porn sites and I didn't mind getting web access at their expense, so I signed up. Well, they hijacked my browser and opened pop-up windows to a couple dozen porn sites. I nearly had a heart attack! It took over ten minutes to close most of the porn site windows and then I noticed that they'd installed a program that redialed my modem to a $4/minute 900-number. I stopped that program and then was able to close the rest of the porn site windows. (I should have turned off the computer -- but then I might not have been able to reverse-engineer all they had done!) That was when I started to panic at the thought about how my wife would react if she knew our computer had been connected to all those porn sites.

    That wasn't the end. The cows came home when we found out the pornies had also set up a bank account in my name and tried to milk funds from my existing bank accounts. I was able to control all the damage (including potential damage to my marriage), but it wasn't easy; and they continued to harass me about the 900-number charges for months. Plus, my credit rating still suffers from having endured "identity theft."

    It drove home the maxim about free lunches.

Page created: 23 January 2006 -- Last modified: 23 January 2006

The Exit Sign
to Rich Wheeler's
Kids, Don't Try This at Homepage!


Copyright, 1997 - Richard Wheeler.

Mail comments to: richwheelerDELETE_THIS@juno.com.

This page hosted by
GEOCITIES
Get your own Free Home Page!

1