Author Topic: Secure Studies  (Read 17102 times)

0 Members and 1 Guest are viewing this topic.

Offline eluv8

  • Newbie
  • *
  • Posts: 11
Secure Studies
« on: August 23, 2010, 10:27:41 AM »
Every few seconds my router is showing a connection to a site called oss-content.securestudies.com which appears to be an internet reporting and usage tracking site.

Is there a way to remove this and why does Avast not detect it?

Thanks

Offline SafeSurf

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5202
Re: Secure Studies
« Reply #1 on: August 23, 2010, 10:39:20 AM »
Can you block it with your FW?

First I need to know the following:

1.   What is your OS, 32 or 64-bit, RAM?
2.   What version of Avast did you install?  5.0.594? 
3.   What product of Avast did you install?  Free, Pro, AIS?
4.   What other security software do you currently have or did you have in the past on this machine including antivirus (AV), firewall (FW), and other security programs (resident and on-demand)?  If they were in the past, how did you remove them (the vendor's uninstaller's tool or another way)?
5.   Are your MS Updates (if you have Windows) current?
6.   Are your software updates current?
7.   Are the Avast definitions (updates) current?
8.   When was the last time you did any kind of scan in Avast, and if so what kind of scan was it?

I'm sorry for all the questions, but this will help identify issues that are causing problems.  Thank you.
Mac 10.9.4 /Safari and Firefox (NoScript/AdBlockPlus/BetterPrivacy/Ghostey)/
Vista Home Prem (same add-on's)/Avast Free/Online Armor Premium Firewall/MBAM Premium)/ Mobile MBAM.

Offline Tarq57

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3694
  • If at first you don’t succeed; call it version 1.0
Re: Secure Studies
« Reply #2 on: August 23, 2010, 12:17:05 PM »
Did you register at a site, possibly hosted by Sears or mysscommunity.com, or install any monitoring software/activex control provided by them?
That is what this appears to relate to.
Frankly, Id remove it. Check these out: http://text.broadbandreports.com/shownews/Spyware-By-Sears-90652, http://community.ca.com/blogs/securityadvisor/archive/2007/12/20/sears-com-join-the-community-get-spyware.aspx

If you were to install a Hosts file (MVPS provide and maintain this sort of thing- ask if you want more info) it will block the address.
Avast will only block web addresses known to host malware (network shield), or detected by the webshield as hosting malware.
WindowsXP Home SP3,Avast Free 5.1.889,Windows Firewall, Autorun Eater,Firefox w/Noscript+ /Adblock+/Better Privacy, IE8 all zones except MS Update set to "untrusted" settings,MVPS Host file.SecuniaPSI.

Offline eluv8

  • Newbie
  • *
  • Posts: 11
Re: Secure Studies
« Reply #3 on: August 23, 2010, 09:24:50 PM »
It looks like MBAM or Spybot S&D are able to remove it. It is no longer sending out data.

Why did Avast not detect it? Everything I read on the internet about this software does not sound good.

Offline superhacker

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 979
  • superhacker != super mario
Re: Secure Studies
« Reply #4 on: August 23, 2010, 09:57:32 PM »
Quote
Why did Avast not detect it? Everything I read on the internet about this software does not sound good.
A program with a base of over 100 million user will be good or no one will use it,what you read is a market war "they got paid they say bad"so please dont give your ears to every one,and there is no program on the earth could detect every thing,and mbam and s&d are special tools to treat infections like that"Anti Spyware",avast got one but dont have a lot of addition power and fixes.
Dreams don't die, they just fall asleep.

Offline SafeSurf

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5202
Re: Secure Studies
« Reply #5 on: August 24, 2010, 09:29:42 AM »
eluv8,

You can try to make your browser more secure.  If you use Firefox, you can use add-on's like BetterPrivacy, AddBlockPlus, and NoScript to help avoid getting into the problem you just faced. 

You should also be using a cleaner to clean your cache, temp. Internet files and do not store anything online (or preferably on your machine) for better security.  Tools that many of us use here are:

CCleaner http://www.piriform.com/ccleaner is a freeware system optimization, privacy and cleaning tool.  There is a Slim version available as well at http://www.piriform.com/ccleaner/builds.  It removes unused files (cache, temporary Internet files, etc.) from your system - allowing Windows to run faster and freeing up valuable hard disk space.  It also cleans traces of your online activities such as your Internet history.  Additionally it contains a fully featured registry cleaner.  Remember when installing to uncheck the Yahoo toolbar.

An additional tool to remove temp. Internet cache, esp. in IE, is TFC by OldTimer to your desktop.
http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/
·   Please double-click TFC.exe to run it.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
·   It will close all programs when running, so make sure you have saved all your work before you begin.
·   Click the Start button to begin the process.  Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.  Let it run uninterrupted to completion.
·   Once it's finished it should reboot your machine.  If it does not, please manually reboot the machine yourself to ensure a complete clean.

In addition, surf carefully and use common sense.  What Tarq57 mentioned in the post is relevent.

Using Avast as your AV, having a good FW, and having on-demand scanners like MBAM are also good lines of defense to improve your security.

Additionally, keep your MS Updates current as well as your software, which you can check for free at Secunia Security Inspector http://secunia.com/vulnerability_scanning/personal/.
Mac 10.9.4 /Safari and Firefox (NoScript/AdBlockPlus/BetterPrivacy/Ghostey)/
Vista Home Prem (same add-on's)/Avast Free/Online Armor Premium Firewall/MBAM Premium)/ Mobile MBAM.

Offline Tarq57

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3694
  • If at first you don’t succeed; call it version 1.0
Re: Secure Studies
« Reply #6 on: August 24, 2010, 10:24:08 AM »
So had you installed it your self, or subscribe, or what?
WindowsXP Home SP3,Avast Free 5.1.889,Windows Firewall, Autorun Eater,Firefox w/Noscript+ /Adblock+/Better Privacy, IE8 all zones except MS Update set to "untrusted" settings,MVPS Host file.SecuniaPSI.

Offline SafeSurf

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5202
Re: Secure Studies
« Reply #7 on: August 24, 2010, 10:26:15 AM »
I don't think the OP has been back on the forum since their last post.
Mac 10.9.4 /Safari and Firefox (NoScript/AdBlockPlus/BetterPrivacy/Ghostey)/
Vista Home Prem (same add-on's)/Avast Free/Online Armor Premium Firewall/MBAM Premium)/ Mobile MBAM.

Offline eluv8

  • Newbie
  • *
  • Posts: 11
Re: Secure Studies
« Reply #8 on: September 01, 2010, 09:33:37 AM »
Sorry I was in the middle of a move.

My primary concerns are that my wife was able to download the what seems to be very common malware onto her computer and recently my yahoo account was attacked and it spammed out to my contact list an advertisement. I am not sure which computer actually sent the yahoo mail or if it has been corrected. Scans come up clean with MBAM, Avast, Spybot S&D, CCleaner, and online virus scan tools.

Safesurf; I believe my wife downloaded the file through a work from home website. I don't know if it was loaded with their program or if it was somehow downloaded from the website separately. Regardless, I uninstalled everything they had her do. Talk about a joke, taking online surveys they claim you can make 4,000 a month. She is still trying to get her $20.00 no questions asked money back. I will be surprised if she ever does, but she will sure raise some heck for them if they don't.

Secunia is a pretty nice service thank you for suggesting it. My first scan scored a 90%, all updates.

Offline SafeSurf

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5202
Re: Secure Studies
« Reply #9 on: September 01, 2010, 10:10:37 AM »
<snip> taking online surveys they claim you can make 4,000 a month.
My guess is that this is where the malware came from.  The survey sites that take your money are well-known in the industry for being scams, and she most likely will not be getting her money back.   If your wife wishes to do surveys, there are a few legit sites, like PineCone (referral needed) and MySurvey, but be careful with others.  I would suggest you put a fraud-alert on your accounts if she gave any financial information to them.  Try to get a strong firewall (FW) and use a browser that will block scripting (like NoScript) and LSO's (like BetterPrivacy).  Use CCleaner after you sign offline every time, esp. for any surveys as they often track things.
Mac 10.9.4 /Safari and Firefox (NoScript/AdBlockPlus/BetterPrivacy/Ghostey)/
Vista Home Prem (same add-on's)/Avast Free/Online Armor Premium Firewall/MBAM Premium)/ Mobile MBAM.

Offline eluv8

  • Newbie
  • *
  • Posts: 11
Re: Secure Studies
« Reply #10 on: September 01, 2010, 06:17:25 PM »
Thanks for the info, I run no script on my computer but my wife hates it and will not use it.

Offline Tarq57

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3694
  • If at first you don’t succeed; call it version 1.0
Re: Secure Studies
« Reply #11 on: September 01, 2010, 10:17:25 PM »
I'd suggest you put one of these (a hosts file) on your wifes machine. It might help protect her from herself. On the linked page are a few suggestions for easy management of same, I have found Hostsman to be a very straightforward updating application for it. You should check for updates every week or two, or you can even subscribe for updates.

It's free.
Unlike a lot of things on the net.

I would think that what you had would fall under the mantle of "potentially unwanted program" rather than true malware. Shady, yes. Dodge, definitely. But it didn't install by itself.
WindowsXP Home SP3,Avast Free 5.1.889,Windows Firewall, Autorun Eater,Firefox w/Noscript+ /Adblock+/Better Privacy, IE8 all zones except MS Update set to "untrusted" settings,MVPS Host file.SecuniaPSI.