Ask Leo! #358 – The workings of ‘Keep me signed in’, stale OpenCandy, pipes, the deep web and more…

*** New Articles

Why did this Win32/OpenCandy malware come back, and how do I really get rid of it?

I have Microsoft Security Essentials (MSE) installed on my PC. And I also have Automatic Update for this and run a weekly scan.

I keep getting a message from MSE informing that "Security Essentials detected a potential threat on your PC." This particular threat is "Adware: Win32/Open Candy." Alert level is given as "low." I have done everything they have suggested: I have "removed" this unwanted intruder, I have quarantined it. But no longer than two minutes after I restart the computer, the MSE icon yet again turns from initially green (computer protected) to orange (potentially unprotected).

Leo, could you please (if it is at all possible to do so remotely) tell me WHY this is and please help? Even though, according to MSE, it's threat is low, to me a threat is a threat, and I do not like being threatened. I want it out of my computer. Period.

Surely, if MSE is functioning optimally (as it SHOULD be), this adware would not find an entry into the machine in the first place. According to MSE, the security's real-time protection is ON, and virus and spyware definitions are up-to-date. So, I cannot see where the problem is.

Or am I being too simplistic about this?


I wouldn't say that you're being too simplistic, because many of your assumptions are reasonable - even if slightly inaccurate.

But I will say that malware, malware prevention, and malware detection are significantly more complex than most people realize.

Continue reading: Why did this Win32/OpenCandy malware come back, and how do I really get rid of it?

* * *

Is the 'Keep Me Signed In' option immune to password changes?

I recently saw that if I checked the Keep Me Signed In box in Hotmail, then did not sign out, I would stay signed in indefinitely, even if I changed my password using another computer. Every time I would sign in using the previous computer it still signed in, as if Hotmail had updated my password automatically on that machine. My question is, did this happen even when Hotmail had two separate options for Remember Me and Remember My Password? Because I checked Remember My Password on a cousin's computer and then changed my password later, because I moved to a different country. Does that mean my cousin and anybody who used his computer had access to my emails?


What you're seeing is not what I expect.

Regardless of whether you're using Hotmail or some other service, I'll describe what I believe should happen that keeps you secure, as well as the difference between those two Remember options on many sign-in screens.

And of course, I wouldn't be doing my job if I also didn't suggest what you should do differently in the future to remain secure.

Continue reading: Is the 'Keep Me Signed In' option immune to password changes?

* * *

Answercast #21 - Caught in the deep web, FIOS protection, SSD longevity, random pipes, and old emails.

Listen to the answercast

Continue reading: Answercast #21 - Caught in the deep web, FIOS protection, SSD longevity, random pipes, and old emails.

*** Our Sponsor

Keeping Your PC Fast & Secure

PC Matic is safe and simple to use software that automates the
regular maintenance necessary to keep your PC running like new.

Developed by PC Pitstop - relied on by millions of
computer users for award winning troubleshooting tools.

Start with a Free Diagnostic Scan Today!

Advertisement. Ask Leo about advertising here.

*** Last Issue's Articles

*** Word o' the Week


A cookie is a collection of data - typically small - that is provided by a web page and downloaded by your browser and stored on your machine. The next time your browser requests a page from that same domain all cookies that were last provided by that domain are included with the page request.

For example: you visit for the first time. When the initial page is downloaded included with that page might be some data in a cookie that says "SeenFirstPage=1". That data - the domain and its cookie "SeenFirstPage=1" - is stored by your browser somewhere on your machine. The next time you visit any page on your browser includes the "SeenFirstPage=1" cookie with the request. In this example the site may then elect to perhaps present a different page knowing that you've seen the first page.

The actual contents and usage of cookies is not defined, and may be anything as defined by the website that uses them.

In practice cookies are most frequently used to store information to prevent needing to login over and over for every single page on a site that requires login (such as an email service), to maintain the state of a shopping cart when shopping in an online store and just generally to provide a more seamless experiences on feature-rich web sites.

Word o' the Week features a computer term or acronym taken from the Ask Leo! Glossary. If there's a word you're not sure of and would like to see defined, click here to let me know.

*** Leo Recommends

WebDrive - Make FTP connections appear as virtual drives.

If you do anything on the web, particularly things like web development or other types of website maintenance, you're probably aware of "FTP" or File Transfer Protocol. The FTP protocol, and its sibling SFTP (Secure FTP), are two of the quiet workhorses of pushing bits around the internet.

The current traditional approach to dealing with file transfers via FTP is to use a graphical utility such as FileZilla, CuteFTP, WinSCP or others, and then drag-and-drop files to and from the remote site. The previous approach was to use the "ftp" program to perform the same operations at the command line.

I've become addicted to WebDrive which allows you to do both and much, much more, by simply making a FTP connection appear as a virtual disk drive on your machine.

That's an incredibly simple approach that enables a world of flexibility.

Continue reading: WebDrive - Make FTP connections appear as virtual drives.

Each week I recommend a specific product or resource that I've found valuable and that I think you may as well. What does my recommendation mean?

Share!: image image

*** Administration

Help Ask Leo! Just forward this message, in its entirety (but without your unsubscribe link below) to your friends. Or, just point them at for their own FREE subscription!

Need more help with or have questions about the newsletter? Check out the newsletter administration page.

Newsletter contents Copyright © 2012,
Leo A. Notenboom & Puget Sound Software, LLC.
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC