I sympathize. Those sites are dangerous. It's hard to keep kids away
from those mainstream media and liberal web sites.
Seriously, I just cleaned hundreds of spyware files and a dozen spyware
programs off the computer of someone who likes to visit "legitimate"
gambling sites. (No, it wasn't the kids, it was their mother!)
How thorough do you wish to be? You've probably done some of the
following, but it's useful to me document it. Also, if you really
want to investigate rather than just delete, read through the steps
before executing them and highlight the ones that let you see the
information before you delete it, and execute those steps first.
Needless to say, update your virus scanner frequently.
Every day is not too frequent.
Also, open IE and click on Tools, Windows Update; then follow the instructions. You may need to repeat this if any updates require restarting the computer.
I'm using IE 7, which is a little different from IE 6. Under Tools,
Internet Options, General, Browser History Delete. The Delete All button
is less work than what you listed. After that, still under the General
tab, also click Browser History Settings.
You can adjust the time that
IE will maintain the history of sites visited. Click on View Objects
and look for suspicious files. If you already cleared the history, then
View Files should give you an empty list.
Check the Favorites. When you mouse-over a favorite, a little window
should pop up briefly that shows the URL where that favorite link can
take you. If someone were sneaky, they could save a favorite and change
its name. If the URL looks suspicious, right-click on it and select
Delete.
Under Tools, Internet Options, Programs, Manage Add-ons, look through
the list for each pull-down option. Don't get carried away!
Under Tools, Internet Options, Content, click on Autocomplete Settings.
I think IE 6 had the button to clear the Autocomplete data here, but on
IE 7 it's under the General tab.
Another trick about Autocomplete: If you start to type something into
Google and a pull-down menu of previous entries appears, you can use the
Down Arrow key to scroll down to an undesirable entry and then hit the
Delete key.
Close IE to clear any cookies it had in memory.
I have several browsers on my computer: AOL, AOL Explorer, IE,
SBC-Yahoo, and MSN. (I hear good things about Firefox and plan to try
it.) You'd have to go through all the above for each browser for each
user account. The steps for other browsers might differ.
Open Explorer (the one for files and folders). Navigate to your hard
drive and click on it. Click on the Search button (or use right-click,
File Finder). Search for all files containing "temp". Make sure the
options are set to search all subfolders. When it's done, sort them by
clicking on Type at the top of the table. Scroll to "Folder" or "File
Folder" in the Type column.
You'll find a lot of folders to open and
look through, especially if you set up the
machine with a separate log-on for each user.
Now repeat the above step but use the keyword "cookies".
If the younger guy might have saved graphic files,
repeat searches for "*.jpg", "*.gif", and "*.bmp".
(If you search with Explorer, you don't have to
specify the file extension; just click on
Pictures [etc] / Pictures and Photos)
If you find suspicious files, open another instance
of Explorer and view the directories in which you
found the files.
Repeat for movies.
Empty your Recycle Bin.
All those files still exist on your hard drive -- only the pointers to
them have been erased. If you don't want them to be recoverable, you
should get a drive scrubber. I'd check CNET.com for a free program with
high ratings. Speaking of freeware, you might also find a program that
erases your browser tracks.
You need to install Spybot
Search and Destroy and Ad-Aware SE
Personal. Both have free versions for personal use.
When you run them, make sure each has the latest updates.
Run Ad-Aware first, then run Spybot.
When you update Spybot, there's a pull-down menu that
allows you to select the download server so you can select one that's
near you. Run the Search & Destroy function,
then run Immunize.
Run both programs once/week or once/month,
depending on how much browsing takes place.
Spybot will take care of this step, but I'll put it here for
completeness. Right-click the Start button, Properties, Start Menu tab,
Customize button, Advanced tab, Clear List button. This will clear your MRUD (Most Recently Used Documents) lists.
Now, that was easy, wasn't it?
One time I was searching for free internet services like Juno and NetZero.
A couple of hours per month just wasn't enough.
I found a site that claimed to be such, although
it was a gateway to porn sites.
I figured they made thier money off subscriptions to the porn sites
and I didn't mind getting web access at their expense, so I signed up.
Well, they hijacked my browser and opened pop-up windows to
a couple dozen porn sites. I nearly had a heart attack!
It took over ten minutes to close most of the porn site windows
and then I noticed that they'd installed a program that
redialed my modem to a $4/minute 900-number.
I stopped that program and then was able to close
the rest of the porn site windows.
(I should have turned off the computer -- but then
I might not have been able to reverse-engineer all they had done!)
That was when I started to panic at the thought about
how my wife would react if she knew our computer
had been connected to all those porn sites.
That wasn't the end. The cows came home when we found out the
pornies had also set up a bank account in my name and tried to
milk funds from my existing bank accounts. I was able to control
all the damage (including potential damage to my marriage),
but it wasn't easy; and they continued to harass me
about the 900-number charges for months. Plus, my credit
rating still suffers from having endured "identity theft."
It drove home the maxim about free lunches.
