Security Question

  • Thread starter Thread starter Lisa
  • Start date Start date
L

Lisa

I use Lavasoft/Adaware daily. My PC recentley crashed and the tech who
repaired it told me this program may have caused it. He advised me to more
careful with my downloads. I got this spyware recommendation from Microsoft:
http://www.microsoft.com/windowsxp/using/security/expert/honeycutt_spyware.mspx.
Does anyone agree with his opinion? I've never had a problem using Adaware
before and I thought it was very beneficial to keeping my PC clean.Also, he
printed a dump from my PC which
showed a lot of junk sites I had never accessed (e.g., Kazaa was set to run
on Start up although I never downloaded it and it did not appear in
Add/Remove Programs ). I use Windows XP with the SP2 download. I use AVG as
well as Adaware. No one else uses my PC. I was totally at a loss as to how
any of these bad sites got on my PC. The tech told me it was probably
emails. I never open attachments from anyone unknown to me. He said it
really doesn't
matter. If their computer is infected they can pass it along without their
own knowledge. Is this true and if so, is there ANY WAY to really protect
yourself??? Dazed and confused.
 
Lisa said:
I use Lavasoft/Adaware daily. My PC recentley crashed and the tech who
repaired it told me this program may have caused it. He advised me to
more careful with my downloads. I got this spyware recommendation from
Microsoft:
http://www.microsoft.com/windowsxp/using/security/expert/honeycutt_spyware.mspx.
Does anyone agree with his opinion? I've never had a problem using
Adaware before and I thought it was very beneficial to keeping my PC
clean.Also, he printed a dump from my PC which showed a lot of junk
sites I had never accessed (e.g., Kazaa was set to run on Start up
although I never downloaded it and it did not appear in Add/Remove
Programs ). I use Windows XP with the SP2 download. I use AVG as well
as Adaware. No one else uses my PC. I was totally at a loss as to how
any of these bad sites got on my PC. The tech told me it was probably
emails. I never open attachments from anyone unknown to me. He said it
really doesn't matter. If their computer is infected they can pass it
along without their own knowledge. Is this true and if so, is there
ANY WAY to really protect yourself??? Dazed and confused.
Click to expand...

It is very, very, very unlikely that Ad-aware caused any problems. I
don't think you need to run it every day though. That's overkill. As
for how Kazaa, etc. got into your computer - someone in your household
must have done this. While I've certainly seen some spyware do a
driveby install on a pre-SP2 box, Kazaa has to be downloaded and
installed by someone. There isn't any way for me to know who did this;
you know who lives with you.

This does remind me of a recent incident with one of my clients. I had
just cleaned her machine - XP Home, SP2 - and then a few weeks later
she was calling me again. She had tons of spyware, rogue antispyware
programs, and pr0n links. "How did this happen?" she wailed. She never
went to bad sites, never opened attachments. Well, we looked at the
History for both Firefox and IE and it was just like reading a story.
We could see the exact date and time her 10-year-old son and his little
friend started searching for s@x stuff, what they looked at, what they
downloaded, and where they panicked and downloaded the rogue
antispyware program. So there you go.

Malke
 
Thanks for the response Malke. The tech's warning on Adaware made me doubt
everything I had been told so thanks for reassuring me. As for Kaaza, it
was not downloaded on PC. Only one file was on it. I live alone and NO ONE
uses my PC. The tech's take on this was it was transferred via email. It's
been my understanding that this can only happen IF you open attachments from
people whom you don't know. I never do that. But he said spyware can be
transferred without opening attachments and that's what I was curious about.
If that's true, there's really no way of really protecting against it.
People with whom I correspond could transfer it unknowingly. ????
 
Not sure on that one in particular, but understand that if someone
you have had "email relations" with gets infected, the junk on their
machine often grabs their address book first and sends itself on to
everyone in it. They don't even know anything was sent -
especially if they are on broadband or DSL and "always on".
Kazza, Gator and the others like that remind me of what I pick up
in the yard after the dogs. I don't know which email client you
use (what do you read your email with). If it is Lookout Express.... er..
I mean Outlook Express, you can sneak up on email that is not
plain text without it running. Right click the message, select
"properties" , click the "details" tab then click the "message source"
button. It will open the message in a TEXT only window so nothing
gets a chance to run. You can see what is in it and if it makes
sense. Just because it is "from someone you know" doesn't mean
it is really "from" them - it could be from their machine that is
infected or from some other source with a forged header.
It's a tough world out there ...

mikey
 
Mike, I do use Outlook Express. Thanks for tip on checking the source. I
didn't know that. So far, I have not opened anything that was not from
someone I did know but I am aware of address stealing or whatever it's
called. Can't be too careful and IMO can't really have to much protection.
 
I have problem starting a new question, hence used an old thread.

My question is: Is it possible to track the files a user has downloaded to a
"removable" drive in XP environment?

If so, to what extent? eg. could someone idenitify the file name, file size,
date or even OPEN the file that was being transfered?

Thanks,
Natalie
 
You would either have to use a software tracking program that monitors what
a user does on a computer or use a very sophisticated firewall such as
Microsoft ISA 2004 which can do advanced http application filtering and
logging. One such possible software program is shown at the link below. You
should only use a trial version first or contact the publisher to make sure
it does exactly what you want. -- Steve

http://www.spectorsoft.com/products/SpectorPro_Windows/index.html
 
Thanks Steve, I assume I can only start the tracking AFTER I've the program
installed? ie. I can't track past activities, correct?
 
That would be correct. Some activities can be tracked via the security log
that you see in Event Viewer if you have enabled specific items to audit.
But not writing to removable media. --- Steve
 
Thanks a lot Steve...since I got you, would you have any idea why m,y IE
keeps saying "pop-up window blocked" when I try to strat a new thread? I have
already unblocked the page, and I have no problem when I clicked on
"Reply"...I just find that very strange...hope you can help one more time...
 
Are you using web interface to access newsgroups or are you using some thing
like Outlook Express or Outlook? I have never seen that happen with OE. If
you are using web interface then maybe you want to add the website to your
trusted Web Content Zone. --- Steve
 
Back
Top