Spysweeper recently found Atomiclog on my system. It monitors and logs
internet and other activity. Spysweeper's info says it's usually put in
by someone with administrative rights to a system. Noone but me has
administrative rights. How would a program like that get put on my
system?

From: "leenman" <(E-Mail Removed)>

| Spysweeper recently found Atomiclog on my system. It monitors and logs
| internet and other activity. Spysweeper's info says it's usually put in
| by someone with administrative rights to a system. Noone but me has
| administrative rights. How would a program like that get put on my
| system?

Two examples...

Vulnerabilities that are unpatched.

Social Engineering.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Hi,

Probably as part of something else you installed. Most common are shareware,
freeware, and P2P applications.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP
http://mvp.support.microsoft.com/
Windows help - www.rickrogers.org

"leenman" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Spysweeper recently found Atomiclog on my system. It monitors and logs
> internet and other activity. Spysweeper's info says it's usually put in
> by someone with administrative rights to a system. Noone but me has
> administrative rights. How would a program like that get put on my
> system?
>

leenman wrote:
> Spysweeper recently found Atomiclog on my system. It monitors and logs
> internet and other activity. Spysweeper's info says it's usually put in
> by someone with administrative rights to a system. Noone but me has
> administrative rights. How would a program like that get put on my
> system?

It couldn't be done without your help.

You installed something that included it, you clicked on a popup window
that downloaded it, etc., etc.,

YOU did it.

Uncle Grumpy wrote:
> leenman wrote:
>> Spysweeper recently found Atomiclog on my system. It monitors and
>> logs internet and other activity. Spysweeper's info says it's
>> usually put in by someone with administrative rights to a system.
>> Noone but me has administrative rights. How would a program like
>> that get put on my system?
>
> It couldn't be done without your help.
>
> You installed something that included it, you clicked on a popup
> window that downloaded it, etc., etc.,
>
> YOU did it.

It can be done without any user interaction on an unpatched computer. I
suppose indirectly this would be the end users fault but I have seen
computers infected just by going to a web site in a search result. Click on
the site an yuu're infected if you are not up to date with patches.

--
Kerry
MS-MVP Windows - Shell/User
http://www.vistahelp.ca

"leenman" wrote

> Spysweeper recently found Atomiclog on my system. It monitors and logs
> internet and other activity. Spysweeper's info says it's usually put in
> by someone with administrative rights to a system. Noone but me has
> administrative rights. How would a program like that get put on my
> system?


That's one of the associated dangers with browsing the internet from an
account that has administrative privileges. It's best to do so from a
limited user account.

--

Rock [ MVP User/Shell]

Kerry Brown wrote:
> Uncle Grumpy wrote:
>> leenman wrote:
>>> Spysweeper recently found Atomiclog on my system. It monitors and
>>> logs internet and other activity. Spysweeper's info says it's
>>> usually put in by someone with administrative rights to a system.
>>> Noone but me has administrative rights. How would a program like
>>> that get put on my system?
>> It couldn't be done without your help.
>>
>> You installed something that included it, you clicked on a popup
>> window that downloaded it, etc., etc.,
>>
>> YOU did it.
>
> It can be done without any user interaction on an unpatched computer. I
> suppose indirectly this would be the end users fault but I have seen
> computers infected just by going to a web site in a search result. Click on
> the site an yuu're infected if you are not up to date with patches.
>
In other words, drive-by downloading; another good reason not to browse
with Internet Explorer.

"leenman" <(E-Mail Removed)> wrote:

> Spysweeper recently found Atomiclog on my system. It monitors and logs
> internet and other activity. Spysweeper's info says it's usually put in
> by someone with administrative rights to a system. Noone but me has
> administrative rights. How would a program like that get put on my
> system?

Note that any malware has the same privileges as you have. When surfing
the internet with administrative privileges and clicking all and every-
thing, malware has administrative rights as well. The same applies to
malware taking advantage of an unpatched system or coming along with
"free" software. Note that there is no free meal.

--
d-d

From: "Nevermind" <(E-Mail Removed)>


| In other words, drive-by downloading; another good reason not to browse
| with Internet Explorer.

It could just as easily been FireFox by an older version or by an older version of Sun Java.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Nevermind wrote:
> Kerry Brown wrote:
>> Uncle Grumpy wrote:
>>> leenman wrote:
>>>> Spysweeper recently found Atomiclog on my system. It monitors and
>>>> logs internet and other activity. Spysweeper's info says it's
>>>> usually put in by someone with administrative rights to a system.
>>>> Noone but me has administrative rights. How would a program like
>>>> that get put on my system?
>>> It couldn't be done without your help.
>>>
>>> You installed something that included it, you clicked on a popup
>>> window that downloaded it, etc., etc.,
>>>
>>> YOU did it.
>>
>> It can be done without any user interaction on an unpatched
>> computer. I suppose indirectly this would be the end users fault but
>> I have seen computers infected just by going to a web site in a
>> search result. Click on the site an yuu're infected if you are not
>> up to date with patches.
> In other words, drive-by downloading; another good reason not to
> browse with Internet Explorer.

At various times drive by downloading has been possible through exploits in
Firefox, Norton, and other software if they or java are not up to date. It
has also been possible through several email clients if reading html has
been turned on. I agree IE has been exploited a lot but I think it is more a
function of the large installed base rather than it being more exploitable
than other software.

--
Kerry
MS-MVP Windows - Shell/User
http://www.vistahelp.ca