I need some serious help!
My manager called me in today regarding internet.
So there I am, sitting confused. He then shows me a list with 19 items. Ranging in size up to 6.7MB. Everyone of them has the web address 'don'tclickthis.whatingods.name'
I'm still sitting confused and I don't know what this is? I'm told it's bad stuff! I ask if he knows what any of it is and he tells me that one is a dead polar bear! one is a naked woman! one is a child!
I am now going to be investigated!
Now, as I explained to him, I have never heard of this site. I have never looked at anything like this and I certainly wouldn't go looking for stuff like this. I have never seen any of the images or whatever they are (the large files must be video or something?). I get home and look it up and see it looks dodgy from just the first page - I certainly didn't click on any of it!
I'm gobsmacked! I have no idea where/how/why any of this haas happened? I have never downloaded anything except uni work (concrete centre etc) so I don't even know what I should do?
My mate who sits next to me says not to worry as it'll be a virus or something but I am worried - I don't have a clue how any of this works.
I don't know how I can defend myself for something I haven't done, don't know about or anything.
What can I do? How can something like this happen?
Thanks.
Dead polar bear pron?
Did they say you had been browsing to those sites or downloading ? or been emailing them ?
zed really is dead.
sorry 🙂
they say it's downloads.
Even if it were browsing I would remember the images - 2 were from last Wednesday and Thursday - my memory isn't that bad.
And now having looked up the site on my machine at home I know I've never seen it before. Ever!
Who is investigating ?
I would be very careful but they should/will be able to prove if it was you....or not.
Someone used your 'puter when you went to bog/lunch/meeting?
Has anybody used your logon? Did you leave your PC unnatteneded without locking the screen?
Does your company have an IT policy? If so does it have internet browsing guidelines? Did you sign it?
what kind of log?
why does he think it's you? here, to get on the internet, you have to log in, and transactions are logged against my username - if someone else gets my password, it's my problem.
logs should have dates and times against them - check them, were you at the computer at the time? was it left switched on and unattended
logs should also have ip addresses against them - do you use dhco pr fixed addeesses, if fixed, does it correspond to yours?
First thing first, being an IT manager and having found pages viewed at work that shouldn't have been I know how I would deal with it.
The best thing for you to do in all cases is be honest, not saying you have done anything wrong but if you point out any sites you shouldn't have looked at i.e facebook, ebay, STW etc etc. this will show you are being honest. Most people have a browsing habit, if you have looked at uni sites etc you should tell them about them and they should have it logged. If you are using internet explorer, press CTRL and H and this will bring up your browsing history, look back and see if the sites are in the list. If they are then you will have to prove someone gained access to your login and has done this without you knowing. See if you can get a witness that you weren't on your desk at the time.
It's a hard one to prove although IT may have got it wrong. It might pay for you to have a word with IT and ask them (nicely) how they have found this out and what made them think it was you. Different logging systems use different ways. Older systems use computer names or IP addresses or others use user names - if it's the username one get your password changed and get them to monitor it for you to make sure no one is doing it whilst you aren't at your desk.
Any help just ask.
I have to log on to my pc. I have never ever told anyone my log in or password. The office is open plan so someone would see if anyone was on it. Plus it's too many times for someone elso to be doing it.
There is a log but all I saw is a basic list - every one of the 19 downloads was from the 'dontclickthis.whatingods.name' site - of which I have never heard of, never been on, didn't have any clue about it until today.
IT dept is investigating. I don't know what type of log it is? there are dates and times (hence I know last Wednesday and Thursday).
logs have IP addresses - I have no idea about this? I don't know much about this side of things?
All I do know is that I have never looked at any of this - or even this type of stuff at any time. I would remember.
I do remember in the past that a chap from head office emailed me to ask me to close a document he wanted to use. It was a file I had never heard of, never seen and I don't even have access to their server! And I didn't have it open. I emailed IT at the time to ask why this would happen? Never got a reply.
Find that email sent to IT and keep a copy, could be handy.
Little note, I once caught my boss surfing p0rn sites. Was very strange as I knew he'd get the sack if I took it further and he had a family etc. Told him I would check his surfing habits daily and if he did it again I would take it further. Needless to say he didn't and never bothered me about anything. Always kept a copy of the logs whilst I worked there though just in case - lol
Thanks Jackass123456789,
I have been very honest. I geniunly don't know what's going on and it's really worrying me. I browse the same sites regular and they're not dodgy. The thing is it's not various sites - just the one site mentioned above. It seems to be some sort of hosting site for files. Not a very nice one at that.
I'm pretty sure I did keep a copy of that email.
IP addresses are a series of numbers that get allocated to PCs when they are on a network. If things are logged to IP addresses you have to check what PC that IP address has been allocated too. Issues with this is that when an IP address is allocated it is given a lease, if not used within a certain time it goes back in the pot to be allocated to another PC. Depending how PCs are used etc. you could have an IP address that was previously allocated to another computer and have it now but was it was used incorrectly when allocated to another PC. They could have just got your PC mistaken with another. It might be IP 192.168.1.156 is allocated to PC-151 and you are actually using PC-152.
Have you googled the site name to se if there are any other people with issues from it?
From your home PC obviously 🙂
You might want to speak to HR and get confirmation of how official it is already.
I had the same once when I found one of the directors had been visiting some very strange sites(Grannies and Dwarfs, I kid you not !!)
The MD insisted I forgot what I saw !!! So I documented everything and sent it all to him special delivery and kept a copy for my records, all very dodgy.
Zesdead
See my earlier post ref your companies documentation, did you sign anything or have you been made aware of its policies?
This may have a bearing on how they proceed.
Have files been found on your hard drive? have they (IT) looked?
We use username logging here as it's a bit more unique as you haven't got to worry about different computers etc. The only issue is if someone knows your user ID and password. I used to work for a senior school and found kids with porn etc in their user areas and always found if they were honest they'd get away with it whereas the ones who denided it got the heavy treatement. Like the guy who sits next to you said, it could be a virus or that the system has just got it wrong. I wouldn't worry too much as it is hard to prove it 100% and if they can't prove it 100% you can't really do anything. You might just get monitored and told by your boss to be carefull in a non offical telling off!!
If you are really worried go and see your boss and explain that you are worried and that 100% you don't know what it is. He'll be the one deciding what to do at the end of it.
I once got in trouble for excepting a gift from a supplier and the company found out. I was told I was in serious trouble and worried like mad for over a week, when it came to the meeting to find out what was happening it was a very jokey meeting and we weren't even told off. Just told to give the gifts back and we shouldn't accept them again.
I did sign an IT policy. It states don't look at this or that - dismissal for this and that.
So I've never done it!
IT will look this week, but I know I have never downloaded anything. Please trust me on this - I'm worried because I know I've never done anything like this but I don't understand how something like this could happen.
If I had done something like this I wouldn't be asking for help - I'd just go looking for another job.
This is scaring me.
I have no problem in them designating monitoring software directly on me - I have nothing to hide, I never have.
It's all very serious though.
I'm truly gobsmacked! I geniunely don't know how any of this can be?
I'm worried, very worried but the more I rack my brains about it the angrier I get as I know 100% that I have done nothing.
Deffo have a chat with your boss and explain, cant hurt
I tried to have a chat with my boss but he says he can't really talk about it. He has to remain impartial. I'm told I'll get a letter with the time for a meeting with HR. I don't know who else?
This kind of stuff is dismissal stuff, but as I said I don't know how/why etc.
The bloke sitting next to you who said "My mate who sits next to me says not to worry as it'll be a virus or something"
Strikes me as a slightly odd thing to say. Can you trust him 100%?
The way I see it is that if they had 100% hard evidence you'd have been called into the office with your boss and been dealt with.
You have been shown a list of what you describe as a list of downloads and you are linked to it and IT are investigating it. IT should already have the evidence if they think it was you but I expect IT have to investigate as it isn't 100% clear cut and could be a virus etc.
Speak to your boss but I wouldn't worry too much (easier said than done). They would need hard evidence that you did it which would include files in your area or on the computer, times, multiple occasions and / or someone visually seeing you do it. They would have to prove 100% that it wasn't a mistake or a virus to do anything as well.
I can trust the guy next to me.
Thanks Jackass123456789, it's a little re-assuring. As I said, I worry because I don't understand any of it or how any of this works. It wise that is.
All I have in my defense is that I really don't know how it would be there? why it would be there? I've never even seen it?
Scary!
If it doesn't fit with your regular browsing habits (if you generally only go to the same sites all the time) then make sure you stress this.
There's a lot to be said for profiling, and if you can get them to check their logs and show that you generally only browse 10 - 15 sites regularly then this can help you out no end.
Also get them to see what sites were accessed around the time that the files were downloaded. If these are the same each time then you can get them to check these sites to see if they were loading something in the background which you might not have been aware of.
At the end of the day as people have said be honest and hope that your previous browsing history supports your claims.
Good luck
again - why does your boss think it's you? there are a number of ways accessing the internet can be tied to individuals or computers, some more reliable than others. there are methods where, if security is lax enough, someone can acces the internet pretending to be someone else without a password?
However, there some so-called "IT Managers" who really don't have a clue, and having found that someone is messing about on the internet, and not having the technical skills to catch them/stop them, will just resort to some kind of bullying. jackass has pretty much got things right there with regard to if they [b]knew[/b] it was you, they'd have acted.
How was that picture redirecting thing working a couple of weeks back? Remember - some folk were posting bike pics but they were showing up as porn.
My boss is just telling me what HR/IT have told him. I know as much as he does at this point in time.
Technology wise I don't have a leg to stand on as I don't know how any of it works?
Feels like I'm being set-up.
druidh - That'll be referrer related (I've done it both with and without offensive imagery in the past) and he'd have seen them come up in his browser.
If I were you I'd specifically ask to see what evidence they have that it was you and take it from there. Strenuous denial can't hurt but to be brutally honest, if I have evidence of a download that I trust, I'll take that over a someone denying they've done anything wrong. They may just have suspicion but the sooner you know why the finger was pointed in your direction the better.
There's numerous possibilities but depending on the content of the files, you need to take it seriously and once you've got it cleared, ensure ALL notice to it in HR is removed and you have a note on your file to say the same.
Get them to tell you your regular browsing sites, if they cannot how can they pin this on to you.
Ask for evidence as to the times things were down loaded, correlate what you were doing at the time. If you were with your manager or someone senior as a alibi it makes for a case that your IT nerds are talking pants.
There are a load of ways to log internet traffic to and from a machine, without knowing which one they use the advice above is useful but not conclusive. Still saying that I can break most systems (and get paid for it) and not get caught.
If you need advice you can email me or I am sure almost anyone above. Chin up most of these things go no where.
BTW is yours a private or public company?
They are a Ltd company - why do you ask?
I have no idea how they log anything. But I know they do.
I've done a little digging myself and the site in question (there is only one) is one that I have never been on, never heard of (until yesterday) and is not the type of thing I would go looking for.
I found something saying that the .name domain harbours hackers and "malware-spreading machines, zombies, and botnet control servers located under the .name space."
I'll need to look further into it myself.
What I did notice from the spreadsheet my boss showed to me was that there are 19 individual files. The total size is 40MB. There are 12 seperate dates, 3 of which were last week. The times are around about lunch time. Now, these are large files - I would notice them. But I haven't seen, been or noticed any of it. This is what worries me. Is it possible there is something going on in the background?
Or, could a site I browse be doing it?
I use the same half a dozen sites both at work and at home. I've been using them for years and never had a problem.
I am worried as I don't understand or know what is going on. Also, our IT dept have a history of being very poor. Our anti-virus software hasn't been updated for months. Last summer anyway.
>I am worried as I don't understand or know what is going on. Also, our IT dept have a history of being very poor. Our anti-virus software hasn't been updated for months. Last summer anyway
Hmmmm, it's possible that you've got a virus/trojan/whatever running on your PC which could be accessing dodgy stuff. Although a quick google didn't show up anything like that. Ask them (IT dept) to perform a full virus scan with new virus definitions on your PC. And scan for trojans/malware also.
Make sure your boss knows they are going to do the full scan... I would imagine that the IT Team would not want it being known that they let a virus cause such problem, and would not be shouting about it if they found one, they might just clean it and make like everything is OK..
Well it wouldn't be the first time. A few months ago a couple of people in the office got viruses via facebook. 'I found a video of you' or something? They took them away to fix but still didn't update the offices software.
I still think it could be something else though?
Being sacked for something I haven't even seen though - scary!
Do you keep your password secure, do you log into and out of your PC?
I'd have thought they would have had ALL the info when they pulled you in, not 50% of the facts.
If the antivirus is out of date, its a good indicator that the whole firms IT is under-protected.
Stick to your guns, either someone has been using your PC when you go to the loo, or your PC has been attacked, or your IT dept are idiots, or your firm is trying to make up lies to reduce staff.
Bear very clear, unless your IT dept can demostrate it was you they would have a hard case sacking or even disciplining you.
Keep us posted, I'd like to know how this progresses. If IT play "hard ball" I'm sure we can tell you what to retort with given they dont seem to have a real handle on their own infrastructure.
Good luck
Thanks, I will.
I have a meeting this Friday I'm told. Until then I'm at home on full pay!
It's worrying also because I'm 32, have a wife and 3 kids, I help run the local beavers and cubs and also help run a BMX club.
This kind of stuff could really mess up my life and I don't know how any of it is happening?
Another IT Manager here...
Well it wouldn't be the first time. A few months ago a couple of people in the office got viruses via facebook. 'I found a video of you' or something? They took them away to fix but still didn't update the offices software.
If they're this lax then you could have all sort of viruses, etc running on your system/computer/etc - They'd be on very shaky grounds if they tried to fire you for something like this when they can't prove it isn't a virus. I'd suggest collecting any evidence you can about poor IT practices just in case to back you up.
Remember, most people are scared of IT and will not want to take the risk of firing you if they feel that they could be challenged in court and this would seem to put you in good stead even if in the worst case it means that you get an official warning (though if it was me I'd even be challenging that)
IanMunro:Dead polar bear pron?
Niche-tastic.
Zedsdead - I would point out your good character in your meeting with HR, as a Scout leader I know how important CRB checks are! Also, as been said before its their responsibility to prove it was you and not a virus. I sense that they want to find a scapegoat.
Sorry to hear you're having a hard time with this, it sounds like an awful situation to be in. As an IT system admin I can let you know that if I had admin access (like most of your IT staff do) over your PC then I could connect to your PC from another PC without you knowing and deposit files in your folders and then clear the event log of most of the evidence that i had connected. Someone would have to be pretty strange to do this type of thing. Are you using a laptop? if bluetooth was turned on someone might have bluejacked your laptop and be using it illegally. Alternatively is you use wireless or have a wireless network in your office then someone could have connected to that and hacked your PC. Most of the time companies will no change the wireless network key when an employee leaves the company, they should. He could sit outside the office with a laptop and connect to the work network and do some damage.
I suppose they'd need to provide evidence of times and dates of when these sites were visted, it strikes me as strange that your work actually allow these types of sites to be viewed at all!! Most places have the internet locked down so you can't even get onto facebook!.
I hope this clears up for you.
Zedsdead,
Basically your PC is infected / hijacked / hacked by malwares as simple as that.
What it does is to high behind your system to download or to use your company site as "storage", bandwidth etc ...
I suggest not to use your PC for sensitive work as it could even be stealing information.
Your company's IT security must be asleep to let the system get infected and to turn into Zombies ...
You are [b]NOT[/b] to be blamed as anyone can get infected by "drive-by-infection" simply by searching / googling for information. Most company still use stupid IE brower ...
If your company is using IE browser then that is lame .... tell them to start using Firefox with NoScript extension as bare minimum.
The people to be blamed are the IT people for poorly maintaining the IT security.
If they are trying to blame it on you then get some IT security experts to act as independent investigators to find out where the system breach started in the first place.
FFS! Your IT people should have a list of updated sites IP addresses that are permanently blocked.
Thanks everyone, this is helping me a lot. I've never been in such a stressful situation!
There is some form of filtering software as nobody can access the likes of facebook etc. I'm using a desktop machine, our network is a Novell server and that's about as far as my knowledge of it all goes. And yes, they use Internet Explorer.
This morning I was wondering (I have a lot of time to think just now) if someone could be putting something on my machine? But then I find that pretty weird behaviour for someone?
I also find it weird that a site like that could be accessed at all at any work place. Having never seen it until I got home, it's not something I have any interest in.
It's most weird that your firm is in one respect taking this seriously (they've sent you home) and in another respect don't seem to know their asses from their elbows (havent provided any "real" evidence that you did this). Sounds like a dodgy company, with an even dodgier IT infrastructure and a really crap HR dept. Good luck, dont let it get you down. Truth will prevail, if it doesnt then a tribunal will see sense. Just make sure you keep posting updates, there are loads of IT folk on here who have vastly more knowledge than the cowboys at your work.
I will indeed keep you posted.
The knowledge on here is a great help as my knowledge on this is pretty much nil.
I'm about to get in touch with a colleague who a good while ago was having various problems with his PC. Programms would crash all the time etc. I'm seem to recall that IT tried running spybot - nothing found and problems persisted. They tried something else and it got worse. In the end I think they just took it away and formatted the machine and then returned it?
Cheers
[i]If your company is using IE browser then that is lame .... tell them to start using Firefox with NoScript extension as bare minimum.[/i]
That would go down like a lead-balloon at my place. I doubt IT would appreciate the 'advice' from somebody who has admitted that they don't understand this stuff. Strangely my employer runs IE just fine (although I choose not to at home)
I get this alot, "IE is crap" "dont use it" etc
IE is the only browser that can be centrally managed and updated in corporate environments. The hundreds of config and security settings can be controlled by group policies very quickly and easily. And how would a corporate cope with patch management if they used Firefox?
Bottom line, IE is the only candidtate for big firms who take control and security seriously.
Do I use ie at home, no, would I consider using non-ie browsers at my firm, no
Get your collegue to check Help and About in IE, get the [u]whole[/u] version number. This should be something line 7.0.5730.11 and will tell you how up to date the security updates in IE are. Also, what brand Anti Virus are you running, and when was it last updated? If you can get your collegue to check Windows Update on ANY PC in the office this would be a good gauge to see how patched the PC's are too. I suspect everything is out of date and vulnerable to attack.
I get this alot, "IE is crap" "dont use it" etcIE is the only browser that can be centrally managed and updated in corporate environments. The hundreds of config and security settings can be controlled by group policies very quickly and easily. And how would a corporate cope with patch management if they used Firefox?
That's all very true, and here (5000+ users) we use IE. BUT, in this case, the IT dept seem not to have much of a clue and any form of centralised management is beyond them. Centralised management is the only reason to use IE, otherwise it's slow, unreliable, insecure bloatware that I wouldn't dream of using on my home machine (which is Linux, so it's a moot point anyway).
Totally agree, they seem too lax in their approach to IT to then be bothered enough to send the guy home. Very strange
as TandemJeremy hasn't popped 'in' I'll say it....'can you join a union' / get some professional advice (not us lot!)- especially if your employer might use this to reduce their head-count.
May I suggest another post e.g. 'Employment Law Help Required' as you might attract a different crowd to your post.
I have an update - I shall post it later when I get the chance.
Right, I have some form of report through the post now. The letter states 'you viewed sites showing pornographic and grotesque images such as; dontclickthis.whatingods.name & meatrolled'
Now, I know this is not the case. The meatrolled is a new one to me too.
They have given me a list which is some sort of log and goes like this:
04/03/2009 12:21 dontclickthis.whatingods.name (then IP address) my name, my office, file size
The list continues, in the space of one minute there is:
mlehworld.com (yes, I use this)
ww.scotroutes.com (never heard of)
images.fotopic.net (I know what this site is)
ww.comedy-zone.net (never heard of)
i41.tinypic.com (never heard of)
ww.meatrolled.com (never heard of)
ww.infoslash.net (never heard of)
ww.infoslash.net (it's on twice)
files.adbrite.com (never heard of)
ads.grx.adbrite.com (never heard of)
ads.adbrite.com (never heard of)
graphics.pop6.com (never heard of)
banners.adultfriendfinder.com (never heard of)
ww.meatrolled.com (never heard of)
graphics.adultfriendfinder.com (never heard of)
ww.meatrolled.com (again)
ww.meatrolled.com (again)
Then 2 minutes later it's hotmail, which I have an account with.
I've looked at 17 sites in one minute! What on earth is going on here? I use Mlehworld both at work and at home, never had a problem. What I don't understand is that everyone of the other sites I have no idea of? This is all I have from them.
I'm now finding it all very bizzarre, I still don't have a clue what's going on and from looking through the list they have given me I know for sure that I have not seen, been or done any of this!
Can anyone shed some light on this for me please?
Many thanks
Please note - I have edited the www so that they don't link. I haven't looked at any of them and don't intend to. I don't want anyone here clicking them.
I am not too up on the technicalities but I think certain files and links are opened when you visit certain sites (it could be from Mlehworld but not sure). I am pretty sure that the 'ads.adbrite.com' is an advert on a page like the ones at the top of this page.
Someone will no doubt be along shortly to confirm/ridicule me!
That is a list of requests made from your browser - doesn't mean that you made them.
When you load up a page, if there are links to other sites for in-line images, ads etc. the browser makes them without your intervention. That is what that list looks like. If they are allowing scripts through the firewall, then it's even worse.
I would second the suggestion of getting a union rep involved if you can. That evidence needs to be reviewed carefully.
Ok - I've just had a look.
Those dontclickthis domains are where some users on mlehworld forums are hosting their avatars.
So basically, when you go into a forum topic, your browser requests all the users avatars and the inline pics - hence all the weird and wonderful domains.
*Edited to remove the scotsroute bit*
Someone's hopped onto your PC whilst you turned your back
or
You machine has unknown malicious software installed
or
You did this yourself
or
They've falsified the logs
You never clarified the points regarding your firm's patch management, or the anti virus, or the how strict your password policy is?? This would be useful if you want anymore advice mate 😕
Agree with the last poster, no harm in doing another post headed Empolyment Law Advice etc
what shakey said. It sounds like a load of hooey to me - I'm not sure your IT department know what they're doing.
It looks there's been a host of pop-up windows opened linking through a lot of the above sites. Does their url list show clicks through a particular site?
There's nothing you can do if an 'innocent' (ie. mlehworld) webpage opens a popup (via an advert or scripting) to abadpornsite.comy - you're going to get stuck with that url on your log. This could be done via malware or viruses. HOWEVER - if you clicked through some of the content this would be obvious - ie. you're on badpornsite.com/index.html and click a link to > badpornsite.com/grannysubsection.html then they'd have a case to argue.
Just my 2p's worth. I can't believe that they're continuing with this on this basis. ..
If it's going to that many sites that quickly, I'd suspect some sort of Adware or malware.
I'd be asking how your name is linked to those sites and get them to prove it
Also you must take someone else in with you to the 'interview'. Record the interview as well
I don't think it's from Mlehworld as I use it at home too and have never seen any of these sites listed.
I just checked by going to it there, Mleh has no adverts at all on their site.
I'm even more confused?...
doesn't have to be from mlehworld - could be from a dodgy spam email via hotmail.
have people been hosting dodgy images on mlehworld? When you have opened a forum thread, the images may have been embedded by a forum poster and your browser will have nipped off to the dodgy site toi collect them.
I think that will be a big part of your problem, you're visiting a largely unpoliced forum using your work computer.
"Ok - I've just had a look.
Those dontclickthis domains are where some users on mlehworld forums are hosting their avatars.
So basically, when you go into a forum topic, your browser requests all the users avatars and the inline pics - hence all the weird and wonderful domains. "
Okay, this makes some sense to me now.
I'll find out about their antivirus software and repost...
So in the interests of investigation i logged into them all, well all that aren't pop-up and adware managers.
The only one of any significance is meatrolled.com, which is an interesting one. It locks you out, sings round and around at the top of its voice and shows a nice picture of some bird getting it. Ie advertises to all an sundry in your office that you are watching porn. It won't let you close the window with the normal tabs, and the only option is to give it the 3 finger salute or turn off.
The site solely exists to send your mates to to get them into trouble at work. very funny, but not somewhere you would go unless sent. Unless someone was trying to screw you over.
At a guess I would say, you do indeed have a virus, trojan etc, or have been hijacked.
Best thing to do would be to ask for another computer and to have work 'test' yours by going to the sites that you normally visit and see what 'appears' as this takes place.
Or they could just be trying to **** you...
Either way you need union/legal advice from outside the company.
Zedsdead - When using Mlehworld you won't see/know whats happening, the links are just open in the background.
When you are interviewed by HR the honesty is your best approach but as been mentioned take a witness and get it recorded.
Seems like your IT dept are good at recording this kind of activity but not at preventing it!
udging by the number of ads.xxx and imnages.xxx I'd hazard a guess that mlehworld.com is hosting adverts that are links to the advertised site.
Specifically, i'd look at adultfrienfinder as your problem. I've seen it before and it's a sex-related site advertised using pictures of naked or near-naked women, no more offensive than say, page 3 of The Sun, but what with breasts and nipples being on display that may be enough to trigger an "obscenity" alert for someone. And, as it's a site that let's you sign up to meet "singles for sex in your area", the context may be your problem.
At home, I would check mlehworld, look at the adverts, are there any iffy ones, if so follow the links to be aware of the context of the adverts so you can at least know what their problem is. Also, if the site id advertising dodgy adult material, then it probably is a dodby site and those files you downloaded were done by the site, not you. your IT people should be aware of this, and you should point this out to you manager/HR people.
Standard practice (for me anyway)was always to havea look at anything suspect and try to place it in a context, but I've also assumed that most people are not so think they would download porn at work so there's a reason why this is happeneing - check it out before assumming the worst.
All the best with it.
Seems like your IT dept are good at recording this kind of activity but not at preventing it!
That's for sure.
That list is also only for top level domains - if they have the complete url that was used at that time e.g. http://mlehworld.com/forum/viewtopic.php?t=xxxxx just entering that into a browser will show them how the images were loaded.
..and another thing WTF are they doing letting you use Hotmail at work? Mail should come through the business mail server and be scanned for viruses on arrival. Opening your systems up to Hotmail (or any external webmail) is competely amateur. Do they not know ho viruses spread?
Well you'd be hard pushed to spread a virus from hotmail unless your internal IT team doesn't keep the AV software up to date or you were allowed to download the email to your PC but again, AV usually sorts that out.
MSN Messenger is far more invasive.
..if someone sends you a file and you open said file, where do any macros or programs execute? AV will sort that out as long as a -it's up to date, which given by what I've read so far, I'd doubt, and b - the AV software recognises the virus, which isn't always the case, and as IT in this case seems to be of the cheapo variety, the AV software may not be the best.
If I wanted to spread a virus, hotmail is one place I'd start.
Zedsdead - could be mleh avatars though. While mleh has no adverts or popups or any of that kind of trash, ppl like forky have all kinds of stuff as avatars from all kinds of places ...
Do you use worksafe at work? If not you should. I do. Under 'profile'. Only the full hilarity can be unfolded at home.
oh and never never click the pictures of cute fluffy bunnies i post.
tard.
Zedsdead - MemberThe list continues, in the space of one minute there is:
mlehworld.com (yes, I use this)
www.scotroutes.com (never heard of)
Scotroutes.com is [i]my[/i] domain. If you've been browsing mlehworld and are using a profile which shows avatars, it's likely you've been linked to one of mine.
torsoinalake - Member*Edited to remove the scotsroute bit*
Give me a clue?
I should also re-iterate - there are no ads on mlehworld, so none of those urls are linked to it - neither is adultfriendfinder. As for the other "dodgy" images you've talked about, it sould like someone has seen the site list and then randomly browsed the dontclickthis domain. That doesn't mean you saw any of the dodgy images. Ask for the full URL, and get them to check the cache on your machine - any browsed images will likely still be in there too.
Thanks, on my work PC some avatars are little red X's. I know wwe can't get Flickr etc so I figure this is why?
re: the dodgy images, funnily enough a mate said the same thing, he reckons they've just clicked on a few. They're pretty random things!
I don't know the full url - they didn't give me it. I don't think they have it either. However I know I haven't looked at or seen anything like that so I know I can back that up if I get on my pc and look at the history. I also sit right next to a couple of people so they would also have seen it.
Here's another thing,
I start around 7am everyday. I know we aren't to abuse the use of internet (ie; use it too much) so I don't. I only use it at lunch time. So if I really wanted to abuse my pc at work why would I wait until lunchtime in an open plan office? It would be better for me to do it in the morning surely as no one else starts until 9.
This is driving me mad. It's making me pretty angry too....
Oh yeah, our software is 'virus scan enterprise' It hasn't updated since some time last year.
Everyone always gets the message on their PC that it's out of date. But it doesn't connect to update etc. Hasn't for months...
Zedsdead - MemberThanks, on my work PC some avatars are little red X's. I know wwe can't get Flickr etc so I figure this is why?
re: the dodgy images, funnily enough a mate said the same thing, he reckons they've just clicked on a few. They're pretty random things!
I don't know the full url - they didn't give me it. I don't think they have it either.
Perfect. Tell them to go take a hike. Just because there's some dodgy images on a site, that doesn't mean you've actually looked at them FFS.
PS - do you have a mleh login? If so, you should set your profile to "worksafe"
Your firm should be focusing on their shitty IT not the end-users. Do you mean your AV software is McAfee VirusScan Enterprise? I think you're being used a a scapegoat mate, better get some employment-law advice. If you can get the full internet explorer browser version like I said yesterday, I'll be able to confirm that the browser is unpatched, which if your AV is out of date means there will be any number of malware/viruses etc on your PC. Get a collegue to check Windows Update on another PC to see what High Priority Update/Critical Updates are outastanding. I think that ultimately in this situation the best form of defence is attack, get all the facts outlining their lax security and be very clear that this wasnt your doing and you will take this as far as you need to legally.