cgott42


Workplace Porn Monitoring Software Info

Please be gentle here, this is a serious question.

I work for a large financial company, and have a company laptop.
Recently - AT HOME I used my computer for personal web browsing - and out of pure stupidity - I clicked on a link on YouTube that looked "interesting". Anyway, after one click to the next to the next I ended up seeing YouTube edited to avoid showing nudity video clips of titles containing "xxx", "boobs", you get the idea.
Since they don't show nudity I stupidly figured it's ok, then found out that some links open up new websites which show full nudity and some xxx.
It was a stupid moment of indiscretion that turned into 2 hours of "curiosity".

Now am I fried?

I haven't yet docked my computer at work, I've decided to take personal vacation days until I can figure out what to do.
I can wipe my hard drive clean and reimage the computer, but is it already too late? Does the monitoring software identify bad words and images and on the spot remotely send flags to a central server - or does it only scan when I'm attached to the work network?
How can I tell?
Any idea?
How can I even tell what they are using and what they could/have already flagged?
Brum07

Did you use your own internet link?

If so then there should not be an issue as long as you clear the browser cache as most monitoring programs record the address when you actually request it not after but it does depend on the software used.

I would be very surprised if anything has been logged.

Hope this puts your mind at ease slightly.
Tolomir
Sounds to me like a job for:

http://www.ccleaner.com/


CCleaner is a freeware system optimization, privacy and cleaning tool. It removes unused files from your system - allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as your Internet history. Additionally it contains a fully featured registry cleaner. But the best part is that it's fast (normally taking less than a second to run) and contains NO Spyware or Adware! :)

---

As long as they didn't install some monitoring software on your laptop that keeps its own database this should do it.

---

Tolomir
If you can see that "interesting" content at home you aren't behind the corporate proxy! If that's correct, the IT guys can't see what you do at home over the Internet. But if the IT guys installed a 'reporting' program on your laptop, you have been caught. But anyway, if I were in your situation I would clean the browser history, cache and cookies as well and think up a story about a hoax mail that I got or whatever! :)

Good luck man!
cgott42

ASKER

Brum07:  I'm not clear on what you're asking.  re: my own internet link.  I just typed in www.youtube.com then a few clicks, and few search words, and clicks and boom.
Tolomir- thanks I will try that.

Cook77- I think you've hit it on the head.  This has me worried.  Is there a way to tell if they have installed "reporting" software that would have flagged my activity and sent a report that night from my pc to their server?

I don't think I have a story to make up - as I did type in search words to find more info on the models that I saw on the YouTube page. i.e. it'd be worse if I was caught and then tried to lie - only to be caught in the lie.

Is there a way to detect if they have reporting software?
Now I'm even more worried.
cgott42

ASKER

Tolomir- I just ran ccleaner.
now the question is how to find out if they have reporting software on my laptop.
hmmm

hijackthis scan and upload here

http://www.merijn.org/programs.php#hijackthis



cgott42

ASKER

Tolomir:
I've attached the hijackthis.log file
hijackthis.log
Ok this is the sort list.

There are enough tracking tools, but it seems to be performance related or windows log file collecting.

Nothing pr0n scanning though

[?] - C:\Program Files\Objective Software\EventMaster\EventMaster.exe
[?] - C:\Program Files\Objective Software\MessageMaster\MessageMasterRelay3.exe
[?] - C:\WINDOWS\TEMP\JGE888.EXE
[?] - C:\Program Files\ESI\WIPushUser.exe
[?] - C:\Program Files\ESI\ShutMon.exe
[?] - O4 - HKLM\..\Run: [PushUser] C:\Program Files\ESI\WIPushUser.exe 10 PushUser.lst
[?] - O4 - HKLM\..\Run: [ShutMon] C:\Program Files\ESI\ShutMon.exe
[?] - O4 - HKLM\..\Run: [QveCtl2Tray] C:\Program Files\Philips\Aurilium Sound Agent 2\805cpl.exe
[?] - O4 - HKCU\..\Policies\Explorer\Run: [1] \\endberm.net\SysVol\endberm.net\scripts\LogonScr.exe /mode:AfterDesktop
[?] - O4 - HKCU\..\Policies\Explorer\Run: [2] C:\Program Files\ESI\LogonScrLocal.exe
[?] - O4 - S-1-5-18 Startup: Advanced Print Screen.lnk = ? (User 'SYSTEM')
[?] - O4 - .DEFAULT Startup: Advanced Print Screen.lnk = ? (User 'Default user')
[?] - O4 - Startup: WindowsEnabler400.LNK = C:\Program Files\WindowsEnabler400\WindowsEnabler400.exe
[?] - O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab
[?] - O16 - DPF: {3D3BF1F8-9696-4A5E-B4F1-49101C997B70} (VaxSIPUserAgentCAB Control) - http://labs.jaduka.com/VaxSIPUserAgentCAB.cab
[?] - O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.com/nos_dl_manager_dev/plugin/IEGetPlugin.ocx
[?] - O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = endberm.net
[?] - O17 - HKLM\Software\..\Telephony: DomainName = endberm.net
[?] - O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = endberm.net
[?] - O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
[?] - O23 - Service: Energy Star(TM) EZ GPO Power Management Configuration Tool (EPA_GPO_PMService) - TerraNovum - C:\WINDOWS\system32\PMService.exe
[?] - O23 - Service: ObjSoft EventMaster (EventMaster) - Objective Software, Inc. - C:\Program Files\Objective Software\EventMaster\EventMaster.exe
[?] - O23 - Service: ObjSoft MessageMaster Relay 3 (MessageMasterRelay3) - Objective Software, Inc. - C:\Program Files\Objective Software\MessageMaster\MessageMasterRelay3.exe
[?] - O23 - Service: OPNET Application Capture Agent - Unknown owner - C:\Program Files\OPNET\AppCapture3.1\op_capture_server.exe
[?] - O23 - Service: WinINSTALL Scheduler (WinINSTALLScheduler) - VERITAS Software Corporation - C:\WINDOWS\system32\sswschnt.exe


could you give prevx scan a try please.

http://www.prevx.com/freescan.asp
cgott42

ASKER

thanks, here's the prevx scan log
PrevxCSIScan.log
ok so prevx says everything is fine?
cgott42

ASKER

Was that a typo (the question mark) or are you asking me (cuz I dunno).
i.e. Does it show that there aren't any reporting services running.
Nope, I wanted to be sure that you got no malware on the computer. There is this C:\WINDOWS\TEMP\JGE888.EXE file I find suspicious.

---

I cannot (using the hijackthis log) identify any reporting software.

As said, there is a lot of reporting software installed but that seems to be only for performance monitoring, not for content scanning.
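
The manual triage done on the short list above, as an added Python example that is not part of the original thread: it labels each entry by its HijackThis section code and flags binaries loading from a temp directory, the trait that made JGE888.EXE stand out. The "running process" label for entries without a section code and the temp-directory heuristic are assumptions of this example.

```python
import re

# HijackThis section codes that occur in the short list above.
SECTIONS = {
    "O4": "autostart (Run key or Startup folder)",
    "O16": "downloaded ActiveX control (DPF)",
    "O17": "domain / DNS setting",
    "O20": "Winlogon Notify DLL",
    "O23": "Windows service",
}
ENTRY = re.compile(r"^\[\?\] - (?:(O\d+) - )?(.+)$")
# First drive-letter path ending in an executable-type extension; spaces allowed.
PATH = re.compile(r'[A-Za-z]:\\[^"<>|*?]*?\.(?:exe|dll|ocx|lnk)\b', re.I)
# Assumption of this example: binaries under a temp directory get a second look.
TEMP_DIR = re.compile(r"\\(?:temp|tmp)\\", re.I)

# Five entries copied from the short list above.
SAMPLE = r"""
[?] - C:\Program Files\Objective Software\EventMaster\EventMaster.exe
[?] - C:\WINDOWS\TEMP\JGE888.EXE
[?] - O4 - HKLM\..\Run: [PushUser] C:\Program Files\ESI\WIPushUser.exe 10 PushUser.lst
[?] - O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab
[?] - O23 - Service: WinINSTALL Scheduler (WinINSTALLScheduler) - VERITAS Software Corporation - C:\WINDOWS\system32\sswschnt.exe
"""

def triage(log_text):
    """Return one dict per entry: section meaning, local path, temp-dir flag."""
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # blank line or text that is not a list entry
        code, rest = m.groups()
        # Assumption: entries without a section code are running processes.
        section = "running process" if code is None else SECTIONS.get(code, code)
        hit = PATH.search(rest)
        path = hit.group(0) if hit else None  # None for URL-only entries (O16)
        findings.append({"section": section, "path": path,
                         "from_temp": bool(path and TEMP_DIR.search(path))})
    return findings

def flagged(findings):
    """Paths of entries that load from a temp directory."""
    return [f["path"] for f in findings if f["from_temp"]]

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f)
```
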


ASKER CERTIFIED SOLUTION
Tolomir
cgott42

ASKER

yes, says, status - clean.
cgott42

ASKER

Thank you for your help and time checking the logs.