Steve, it was never intended to be scare mongering, but a fact from the
security logs of my firewall.
note I told Douglas that after I removed and reinstalled spy sweeper, the
problem went away.
I took my system way back before I had installed spy sweeper and the honey
pot message was still occurring.
hth
----- Original Message -----
From: "Steve Nutt" <steve@xxxxxxxxxxxxxx>
To: <access-uk@xxxxxxxxxxxxx>
Sent: Wednesday, October 11, 2006 6:54 AM
Subject: [access-uk] Re: "Honey Pot"
Hi Simon,
Scare mongering again? <Smile>. It is nothing short of Spy Sweeper doing its job very probably. Notice that Douglas says he has Spysweeper. My money's on that.
All the best -- Computer Room Services: the long cane for blind computer users. Telephone Low-call: 08452 606 277 International: +44(0)1438 742286, Fax: +44(0)1438 759589 mobile: +44(0)7956 334938, Email: mailto:Steve@xxxxxxxxxxxxxx Web site: http://www.comproom.co.uk
-----Original Message-----
From: access-uk@xxxxxxxxxxxxx [mailto:access-uk@xxxxxxxxxxxxx] On Behalf Of
simon.dowling
Sent: 10 October 2006 14:03
To: access-uk@xxxxxxxxxxxxx
Subject: [access-uk] Re: "Honey Pot"
hi Douglas, don't want to alarm you, but this has nothing to do with screen
readers, it is something you have downloaded recently.
I had exactly the same, a while ago, and eventually I tracked it down from
sygates security log.
its a trojan, and what it does every time the honey pot message flashes up,
it is taking a screen shot of your screen, so it records key strokes, and
other sensitive information such as passwords, account details etc.
then from time to time it will send the info back to someone usually through
a encrypted mailer service to the persons who may use it for there own
means.
I had to remove web route spy sweeper, then reinstall it before it would
pick it up.
a system restore doesn't fix the problem, you think its gone and it still
popped up from time to time.
so remove spy sweeper, reinstall it, and you should be ok.
I also recommend trojan guard as well.
hth
----- Original Message -----
From: "Douglas Harrison" <harrison1d@xxxxxxxxxxxxxx>
To: <access-uk@xxxxxxxxxxxxx>
Sent: Tuesday, October 10, 2006 1:33 PM
Subject: [access-uk] Re: "Honey Pot"
Thanks Christopher. At least I now know that it is unlikely to be due to something undesirable being picked up by my machine. I installed Free Download Manager yesterday and was beginning to suspect that to be the culprit.
incidentally I use Hal, so that whatever the cause it is apparently not peculiar to a particular screen reader.
Douglas
On 10 Oct 2006 at 9:14, Christopher Hallsworth wrote:
THis has been menitoned a lot on another mailing I've subscribed to, and
it turns out that there is a known issue with your screen reader and
spysweeper. I'm not sure what causes it, but I know it's a known issue.
The developers are aware of it as well. On Tue, 10 Oct 2006 08:27:25
+0100, "Douglas Harrison" <harrison1d@xxxxxxxxxxxxxx> said: > I booted
up
my lap top (not part of any network etc.) this morning and > was > in
another part of the room when it reached the desktop. I heard the >
usual > screen reader announcemen that it was on the desktop, and then
shortly > afterwards the words "Honey Pot", but when I got to the machine
and > investigated, whatever had caused the Honey Pot announcement had >
vanished. A software firewall is running as are Spysweeper and NOD32 >
and regular sweeps/scans by the latter two programs give a clean bill of
>
health. > > There is plenty of info on "Honey Pots" on Google, but much
of
it seems > irrelevant to this particular situation. > > Perhaps it is
nothing to worry about, but if anyone could suggest what > might > be
happening I would be most grateful. > > Many thanks, > > > > Douglas > >
--
Douglas Harrison
** To leave the list, click on the immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe] ** If this link doesn't work then send a message to: ** access-uk-request@xxxxxxxxxxxxx ** and in the Subject line type ** unsubscribe ** For other list commands such as vacation mode, click on the ** immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq] ** or send a message, to ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
** To leave the list, click on the immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe] ** If this link doesn't work then send a message to: ** access-uk-request@xxxxxxxxxxxxx ** and in the Subject line type ** unsubscribe ** For other list commands such as vacation mode, click on the ** immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq] ** or send a message, to ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
** To leave the list, click on the immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe] ** If this link doesn't work then send a message to: ** access-uk-request@xxxxxxxxxxxxx ** and in the Subject line type ** unsubscribe ** For other list commands such as vacation mode, click on the ** immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq] ** or send a message, to ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
__________ NOD32 1.1797 (20061010) Information __________
This message was checked by NOD32 antivirus system. http://www.eset.com
** To leave the list, click on the immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe] ** If this link doesn't work then send a message to: ** access-uk-request@xxxxxxxxxxxxx ** and in the Subject line type ** unsubscribe ** For other list commands such as vacation mode, click on the ** immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq] ** or send a message, to ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
