AdAware, SpyBot S &D, etc. + leave PC connected to Internet

From: sponge (yosponge_at_yahoo.com)
Date: 01/30/04


Date: 29 Jan 2004 17:23:14 -0800

On 29 Jan 2004 15:37:30 -0800, heyimjustcurious@yahoo.com (curious)
wrote:

>Just after I ran AdAware and reomoved 80 files and 2 registry, I ran
>AdaWare again. It's runing now that with a statement that 4 files
>identified, i.e 4 objects found. Is that a *normal* behavior? Or am I
>not doing soemthign right? Does it have somehting to dow the Firewall
>not workign efficiently?

You didn't say *what* it found. Odds are, it probably found some
spyware, but they both also identify and remove cookies associated
with spyware services and adsites, the latter of which can be worse
than spyware itself. IJust about any non-Internet Explorer browser
will allow you to delete cookies on exit, so cookies are never saved
to the disk.
 
>How often do I run these spy ware? Of course, I will be online a lot
>as I am trying to learn many things....

If you use Internet Explorer or frequently download and software,
daily at least. If not, mayby once a week is fine.

>Since I have Sygate installed and turned on (though 4 ports are still
>open when I did scanning using Stealth scan, Trojan scan and 3 with
>TCP sca while UDP scan couldn't be performed), is it OK to leave my
PC
>connected to Internet, say 24 hours?

Really, everything should come up Stealth or at least Closed. If you
have 4 ports open, and you're not running a server, then there's a
problem. What ports are open? If it's any of the NetBIOS ports
(137-139), or RPC ports (1025, 135, for example) then create ruels
immediately to close them. I would also consider investing $60 and by
a firewall/router, but don't give up personal firewalls like sygate -
routers do absolutely zero as far as preventing outbound connection
attempts.

>Or is it better to disconnect my PC from the modem (to Internet) when
>not using it? Just that I have Windows Update scheduled everyday and
>Norton Anti-virus scheduled everyweek.

Since I assume you are not running a server, I'd disconnect it
whenever it's not in use. You generally do not ISP software (which
often contains spyware and other junk) to connect to the net; if you
have a high-speed connection, use IPCONFIG /RELEASE to disconnect and
IPCONFIG /RENEW to connect. You generally have to run this from a DOS
window, but you can create shortcuts and place them wherever you want.
Windows Update and Norton LiveUpdate are of no consequence; if they
cannot connect to the net at a certain time, they will wait until a
connection IS available. If you mean to let Norton auto-scan for
virii, you can leave the computer running as long as you like by
following the aforementioned disconnect procedure.

Sponge
Sponge's Secure Solutions
www.geocities.com/yosponge
My new email: yosponge2 att yahoo dott com