Spyware, Viruses, & Security forum

General discussion

is this a safe site?

by bently / January 24, 2006 1:46 AM PST
Discussion is locked
You are posting a reply to: is this a safe site?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: is this a safe site?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
AFAIK this is safe...
by glenn30 / January 24, 2006 2:03 AM PST
In reply to: is this a safe site?

I have visited this site a number of time and run their complete test without any problems... this site has been around for several years.

Know of no reason to avoid them.


Collapse -
Zone Alarm
by auggief / January 24, 2006 3:25 PM PST
In reply to: AFAIK this is safe...

I just signed up and when I tried to run tests, it said I had to disable Zone Alarm. I don't like to not have the firewall working.

Collapse -
Auggie, it's been a while...
by glenn30 / January 25, 2006 12:49 AM PST
In reply to: Zone Alarm

But I do not recall seeing that request and I have used ZoneAlarm for a long time. Like you I would question such a request.

Sorry I cannot help!


Collapse -
ZA reference
by auggief / January 25, 2006 5:56 PM PST

Sorry you're having trouble with the site; let's take a look at what the problem could be. The following advice is based on an automatic analysis of your system, and the items listed below are by far the most common causes of the problems that people have when using our site.

We suggest that you try all the solutions we have identified below; one or more of them will most likely get you past the problem you're having.

In Windows NT/2000/XP, you must have Administrator privileges in order to install the ActiveX control. If you do not, the tests will initiate but immediately take you back to the starting page because the ActiveX utility is not present.

We recommend that you use Internet Explorer 6. Although our site usually works with versions as old as IE4 SP2, we are not able to test on this configuration regularly. Most of the AutoFixes we offer require IE5.5 or higher and cannot be run on IE4.

You have per-session cookies disabled in Internet Explorer. This will prevent our tests (and most of the rest of our site) from working. Most commonly this will result in "No session in progress" messages and you will not be able to compete the tests. Please enable cookies per these instructions. If your IE cookie settings are correct, make sure you are not using a utility that disables cookies.

You have permanent cookies disabled in Internet Explorer. You will not be able to automatically log into the site if you disable them. Most commonly this will cause you to return to the pitstop.asp ("Entering the pit") page instead of starting the tests. See these instructions. If your IE cookie settings are correct, make sure you are not using a utility that disables cookies.

The time on your PC's clock is significantly different than the time at our server:
Your PC: Thu Jan 26 04:55:44 EST 2006
PC Pitstop: Thu Jan 26 04:54:46 EST 2006
Misadjusted time can cause many unusual problems, particularly in relation to cookies. To adjust the time, double-click on the clock in the system tray.

You have not yet loaded the PC Pitstop utility. If you have already tried testing but received an error message about the utility not being loaded, follow the instructions here to manually remove it. You may also want to check our ActiveX test page to see if your ActiveX support is functioning properly.

Although you have loaded the PC Pitstop utility, it is not the current version. Normally the new version will be loaded when you try to test. If that is not happening, the most likely cause is a proxy server that has cached an old copy of the utility. You may also want to try the instructions here to manually remove it.

It appears you're using America Online. Be sure that you are accessing the PC Pitstop site through Internet Explorer, not the AOL builtin browser. You start IE using the icon on your system tray or desktop. Also, we suggest that you upgrade to AOL 6.0 if you are using an older version.

JavaScript is disabled. The PC Pitstop testing process requires that you have JavaScript turned on. Check your ActiveX support for more information and instructions.

Internet Explorer scripting support installed on this system is not the latest version. This may cause scripting errors on the site or AutoFixes you may run. You can update your scripting support by going to Microsoft scripting support and dowloading the latest non-beta version. (Note that the download links are at the bottom of the Microsoft pages.)

Note: If you just received an Install on Demand dialog box for scripting and clicked the Cancel button, you should close all Internet Explorer windows. Then, open a new window and return to this page. When it prompts to install scripting support, click OK.

Currently you have Internet Explorer configured to use the older HTTP 1.0 protocol for accessing the Internet. Most web sites, including ours, work better if you use the HTTP 1.1 protocol. This is easy to change. Start Internet Explorer and select Tools | Internet Options | Advanced. In the dialog of options, scroll to the section labeled HTTP 1.1 Settings and check the box labeled "Use HTTP 1.1".

Internet Explorer is configured to use a local proxy server to access the Internet. This usually indicates you are using ad-blocking or security software that filters the incoming HTML and script. These programs can corrupt our web pages and prevent them from working properly, so we recommend that you disable them while you run your tests. Some of these utilities have their own ways of being temporarily turned off or disabled, you'll need to check their documentation.

You are using a proxy server to access the Internet, but it is not needed. We have found that the proxy often causes unreliable operation and reduced performance, so we recommend that you disable it. See below.

You are using a proxy server to access the Internet, and we have found that many proxy servers cause unreliable operation of our site. We recommend that you try to disable the proxy settings and see if that helps. In some cases your ISP or network administrator may require the use of a proxy server, and you will have to enable it again.

How to turn off proxy settings: From Internet Explorer's menu, select Tools | Internet Options | Connections. If you are on a LAN click "LAN settings", if you are on a dial-up, highlight the dial-up connection you are using, then click "Settings". Clear all three check boxes in this dialog: Automatically detect settings, Use automatic configuration script, and Use a proxy server. Click OK. It is also a good idea to close any open browser windows and open a new one before testing again.

If you cannot disable your proxy server, you might try allowing the use of the newer HTTP 1.1 protocol with the proxy. Start Internet Explorer and select Tools | Internet Options | Advanced. In the dialog of options, scroll to the section labeled HTTP 1.1 Settings and check the box labeled "Use HTTP 1.1 through proxy connections".

You are running applications that are known to cause problems for our testing:


Please uninstall or temporarily disable these applications.

Collapse -
More info
by auggief / January 25, 2006 7:11 PM PST
In reply to: ZA reference

It wouldn't let me log in so I went to restricted sites and found that Pitstop was being blocked and unblocked it. I have no idea how it got there.

Collapse -
(NT) (NT) Same, so I leave ZoneAlarm on without a problem.
by John.Wilkinson / January 25, 2006 1:01 AM PST
In reply to: Zone Alarm
Collapse -
(NT) (NT) I will second that.
by roddy32 / January 24, 2006 2:13 AM PST
In reply to: is this a safe site?
Collapse -
(NT) (NT) It's safe...I've used it for years.
by John.Wilkinson / January 24, 2006 2:16 AM PST
In reply to: is this a safe site?
Collapse -
(NT) (NT) Great! Thanks to all
by bently / January 24, 2006 12:54 PM PST
Collapse -
(NT) (NT) yes
by dawillie / January 24, 2006 1:08 PM PST
In reply to: is this a safe site?
Collapse -
(NT) (NT) Rather Redundant but Yes, Have Used Many Times. :-)
by tobeach / January 24, 2006 1:38 PM PST
In reply to: is this a safe site?
Collapse -
should I have PERMITTED....
by bently / January 24, 2006 1:40 PM PST

Ran PCPITSTOP and during the test the following Kerio Personal Firewall alert popped up.

Incoming Connection Alert!
REMOTE: Port=64-1952023-da120383www002.devices.datareturn.com [],port 20 - TCP

DETAILS: Someone from Port=64-1952023-da120383www002.devices.datareturn [],port 20 wants to connect to port....

DETAILS ABOUT APPLICATION... c:\program files\interner explorer\iexplore.exe

Not knowing if above good or bad, I clicked DENY

I do not know if this is part of Pitstop checking my computer or if it is malicious.

From the above information, how is a person to know to Permit or Deny?



Collapse -
I'd say it's OK...
by John.Wilkinson / January 25, 2006 1:14 AM PST

Datareturn.com is one of the domains PCPitStop uses in the testing process, and TCP 20 is your FTP (File Transfer Protocol) port. FTP is a standard for transferring information over a network such as the internet. Since you now know it's a commonly used port, a trusted application (Internet Explorer), and a respectable website making an expected transmission of data, I'd say go ahead and allow it, then retest. (I'm assuming it failed to culminate.)

Hope this helps,

Collapse -
will permit...
by bently / January 25, 2006 2:12 PM PST
In reply to: I'd say it's OK...

Thanks John,

Appreciate the help. So much crap happening with all the malware, I just don't like permitting something I don't know.

I suspected it would be OK, but if it was not, I could have caused myself a lot of grief.

Thanks again.


Collapse -
you could also
by dawillie / January 29, 2006 12:36 AM PST
In reply to: will permit...
Collapse -
You know it is a safe site
by dawillie / January 29, 2006 12:39 AM PST
From the above information, how is a person to know to Permit or Deny

when you see the IP address and name in the Kerio Alert.

have a look also at the other message in this post.
Collapse -
If you use Firefox you can install an exstension...
by MartyLK / January 25, 2006 9:15 PM PST
In reply to: is this a safe site?

called Siteadvisor that will inform you of the safety of web sites. Set it to highlight Google searches and you will be able to tell if a site is safe just by the color of the highlight.

Collapse -
Got a Link For That, Marty? Just Go Moz Plug in Page? Does..
by tobeach / January 26, 2006 2:43 PM PST

it also work for Mozilla Suite? Thanks in Adv. Grin

Collapse -
(NT) (NT) Thanks 4 The Link!! Apparently Not for Mozilla Suite. :
by tobeach / January 28, 2006 4:27 PM PST
Collapse -
What's the difference?
by MartyLK / January 28, 2006 8:57 PM PST

Isn't Mozilla Suite just Mozilla/Firefox web browser, Thunderbird email and a newsgroup reader?

Collapse -
invaded by popup alerts...
by bently / January 29, 2006 3:51 AM PST
In reply to: What's the difference?

using win xp home, sp2, all updates. Mozilla 1.7.12, Kerio PF 2.1.5, Avast AV. NO CHANGES TO COMPUTER IN SEVERAL DAYS...

FROM dawillie... ''You know it is a safe site when you see the IP address and name in the Kerio Alert.
This appears on ALL popups. ... ''Someone from xxx.xx.xxx.xx wants to send UDP datagram to Port 1026 owned by 'Generic HostProcess for Win32 Services' on you computer. DETAILS ABOUT APPLICATION c:\windows\system32\svchost.exe''
How can I know if good or bad?

Posted by: MartyLK ... Isn't Mozilla Suite just Mozilla/Firefox web browser, Thunderbird email and a newsgroup reader?
Answer... NO ... . and it will not work in Mozilla.

Today, I had been online for maybe 45 minutes and then... In 20 minutes time, I received over 15 popups alerts from Kerio firewall that... Someone from xxx.xx.xxx.xx wants to send UDP datagram to Port 1026 owned by 'Generic HostProcess for Win32 Services' on you computer. ( I had to click... ''STOP ALL TRAFFIC'' on Kerio PF while I was typing this in WORDPAD, to stop them from popping up)

I used ARIN?s WHOIS and found the following info on one of them... DoD Network Information Center ... Defense Information Systems Agency ... WHY WOULD DOD WANT ON MY COMPUTER?

All had the same destination ... Port 1026, DETAILS ABOUT APPLICATION c:\windows\system32\svchost.exe.

I did NOT permit any of them. Is there any good reason to ever allow the random popups if they are not from a site you are using?

1. Is there anyway to completely stop this invasion?

2. svchost.exe (sounds like I don't want any stranger in this)
The Svchost.exe file is located in the %SystemRoot%\System32 folder. At startup, Svchost.exe checks the services part of the registry to construct a list of services that it must load. Multiple instances of Svchost.exe can run at the same time. Each Svchost.exe session can contain a grouping of services. Therefore, separate services can run, depending on how and where Svchost.exe is started. This grouping of services permits better control and easier debugging.

3. UDP datagram ... Do I want strangers here either?

My thanks to all, I do appreciate all the great help.


Collapse -
You Certainly Don't Want to Allow That Any Access...
by tobeach / January 30, 2006 3:45 PM PST

(or any other un-requested by you via outgoing contact).
Been years since I had Kerio 2.15. Does it have a "block silently" feature ? A Log only serious attempts option?
US Gov. certainly would like to "sink a line in your system"(Gowan) & everyone else's. They were caught planting spyware on any computers contacting various depts for mundane requests: Dept of Forestry; How many trees per acre on average in Yellowstone Park? Wouldn't Site Adviser be a perfect new front for them??
I have a sneaking suspicion that you have been compromised recently or in past? You should be stealthed while on the net and this sounds like some ports are only closed and therefore attracting attention. Possibly a 4-port router (even for 1 computer)($20-30) would block all leaving Kerio little to do.You can try having your ports & browser leakage scanned at GRC Using their Shields Up!! Scan. About 60% down this page below "Hot Spots" & Spin-Rite.
They are FULLY trustworthy so fear not!
Here's a selection of other trustworthy free apps/programs you could/should use (especially Spybot S&D 1.4 & Adaware SE1.6). Install & update defs using internal updaters and scan and let remove all they find.

Additionally: After Further Checking about Site Adviser, I would consider their product SPYWARE (tracking agent if you want to be kind). Basically you're sending them the address of every site you try to visit. Despite benefits offered, I wouldn't allow on any machine under my control or advisement. Mind you, I consider paranoia a friend when it comes to the net.
Enjoy!! Grin

Collapse -
Even though I have...
by MartyLK / January 30, 2006 8:40 PM PST

Spybot S&D, Ad Aware 1.5 SE Plus, Ewido, Spyware Blaster, Spyware Guard and Winpatrol, none of which saw SiteAdvisor as spyware, I uninstalled it.

I thought it strange that SiteAdvisor wasn't available at Mozilla/Firefox extension site.

Collapse -
I give a thumbs up to SiteAdvisor...
by John.Wilkinson / January 31, 2006 3:11 AM PST

Although it is just a recent release still in beta testing (that's why it's not on Mozilla yet...they only accept stable release versions), SiteAdvisor is a legitimate extension for the two most popular browsers, IE and Firefox, that's picking up steam. Overall it has almost a perfect user review rating and has garnered the attention of today's issue of Cnet's Download Dispatch. (I couldn't find a web link, so in case you don't receive Download Dispatch I'm enclosing the article below.)

I believe the concern is with it reporting the list of sites back to the host, as there is no spyware bundled with the extension. However, I don't consider this a problem, for if you read FAQ #13, they note that everything is kept anonymous, as they don't even record your IP address. I know it's a case where you simply have to take their word, but I feel they're being honest. (One of those working on the project is a friend of a friend, so I'm taking their word until there's proof to the contrary.)

On a side note, Google does a lot more than this, installing tracking cookies, recording your surfing and searching habits, and logging your IP address to keep track of you as an individual, and even sells/hands that data to third-parties! (Click here for their privacy policy.) Considering that, SiteAdvisor could record your habits and still respect your privacy more than Google.

I've been using it for about a week now and have been quite satisfied with it's analysis of websites and search results. The only thing I wish is that it could also have the option of red-flagging porn, warez, and other sites...at this time it only warns about potentially dangerous downloads and links, as well as spam and popups, ignoring legal and moral concerns.

Hope this helps,

Cnet Download Dispatch: January 31, 2006
Normally, I like to vary the coverage in this newsletter by discussing different types of software and tech issues. Last Tuesday's dispatch had a definite antispyware slant (about the EULAlyzer, if you recall), but I recently came across another weapon in the war against spyware that's so useful I can't help myself from telling you about it.

In this era of drive-by installs and unannounced browser hijacks, surfing the Web can seem like tiptoeing across a minefield: one wrong step, and you've got serious problems. For the past couple of years, I have been hoping someone would develop a tool that tests Web sites for potential safety issues, so when I found a Firefox plug-in called SiteAdvisor, I was excited. Even better, once I started testing it this tiny add-on actually exceeded my expectations, which is rare.

The short story on SiteAdvisor is that it gives you the dirt on more than a million Web sites. Its test bots constantly check sites to see whether they send unsolicited e-mail, bury users under a blanket of pop-ups, and--perhaps most importantly--contain software that could compromise your privacy. Whenever you visit a URL, SiteAdvisor's browser icon flashes one of three colors: green (safe), yellow (caution), or red (extreme caution). Then, with a couple clicks, you can head to SiteAdvisor's home page for more detailed information. According to the company, about 90 percent of the sites tested so far have scored a green rating, whereas only 5 percent haved earned the red flag for bad behavior. My favorite part about the plug-in is that it rates sites directly from search engines such as Yahoo and Google, which reduces your chances of falling victim to a drive-by install.

It appears Download.com visitors are just as enthusiastic about the program as I am: SiteAdvisor netted more than 7,000 downloads in its first week on the site and has garnered consistently high user reviews. Look for the program's official launch March 1, which promises a number of enhancements over the already impressive beta version.

Brian Satterfield
Associate Editor, CNET Download.com

Collapse -
Thanks for the info...
by MartyLK / January 31, 2006 7:32 AM PST

I'll be reinstalling SiteAdvisor because I did like it alot.

Collapse -
An added thanks..
by Carol~ Moderator / January 31, 2006 8:31 AM PST

I've always respected your advice and opinions. Had I seen this first.. I would have gone to http://www.siteadvisor.com/preview/ and downloaded it as fast as my little mouse could get me there! Wink

Thanks for the additional info..

Collapse -
In addition to John's links, Ben Edelman also
by roddy32 / January 31, 2006 7:30 AM PST

likes SiteAdvisor. He is one of the most respected spyware researchers on the web. If he likes it, it's good enough for me. I have it on both IE and Firefox and I'm hoping they will make a version for it on Opera also eventually because I use all three. Here is his article.


John, I apolgize of you already had this link in your post, I didn't see it. Happy

Collapse -
Thanks Roddy... SiteAdvisor is excellent!
by Carol~ Moderator / January 31, 2006 8:08 AM PST

I hadn't seen it in another post. Shocked But I do thank you. I just downloaded it into both browser's and it certainly is informative and a great addition to what I already have!

''Prudence'' is my friend. ''Paranoia''.. well.. that would keep me up all night! (I've done some extensive reading about it and don't have a problem with it. IMHO)

Thanks.. again..

Collapse -
site advisor...
by bently / February 1, 2006 4:56 AM PST

My first post on site advisor apparently was removed.

I just now tried to download site advisor using Firefox browser. (Feb 1, 2006, 2:45 p.m.)

When I clicked on download, a message popped up at top of my screen.

If it is safe, why am I getting this message?

I made a screenshot of this and saved it to JPG file.
If someone wants I can send a copy to the JPG file so you can see it.


Popular Forums

Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!