What traces are left behind on a Vista machine after using PortableApps?

soggie
Joined: 2008-09-17 08:16

Hi.

I posted this elsewhere but no comments were made so I guess it was in the wrong section.

If PortableApps [or anything for that matter] are run from a USB flash drive plugged into a Vista machine [without saving files or anything except to the USB thumb drive], will there be any traces left on the Vista machine in the form of logs, temp files, records of any type? It would be enlightening to know.

Thanks in advance.
soggie

Zach Thibeau
Developer
Joined: 2006-05-26 12:08

Well, to put you at ease... It will not leave any traces on a Vista machine; we thoroughly tested it to make sure.

your friendly neighbourhood moderator Zach Thibeau

m2
Joined: 2006-12-12 12:00

It depends on what's installed. Portable software does not block local programs in any way. If OS logs activity, portable software will be there. Stealthiness does not exist.
What Zach Thibeau meant is that PA.com software doesn't leave anything by itself.

"Those people who think they know everything are a great annoyance to those of us who do." Asimov

Zach Thibeau
Developer
Joined: 2006-05-26 12:08

Thanks for clearing that up, I thought he meant just our apps, not anyone else's.

your friendly neighbourhood moderator Zach Thibeau

m2
Joined: 2006-12-12 12:00

Tell me, how do PortableApps.com Apps prevent locally installed keyloggers, screen capture utilities, ProcessMonitor, network sniffers and other logging software that might be installed on the host computer from working?
PA.com apps don't leave anything by themselves unless they have a missed bug (IIRC it happened before). That's probably the strongest correct statement.
ADDED:
"PA.com apps don't leave anything by themselves unless they have a missed bug as long as you know how to use them"
Example: Firefox update.

"Those people who think they know everything are a great annoyance to those of us who do." Asimov

alanbcohen
Joined: 2006-01-04 10:47

"Tell me, how do PortableApps.com Apps prevent locally installed keyloggers, screen capture utilities, ProcessMonitor, network sniffers and other logging software that might be installed on the host computer from working?"

You already said it; "Portable software does not block local programs in any way. If OS logs activity, portable software will be there. Stealthiness does not exist."

If the Administrator is out to get you, you're toast anyway.

If you knew the answer, why ask the question? A simple 'FYI' statement would have been sufficient to help others.

m2
Joined: 2006-12-12 12:00

Zach Thibeau seems to believe that my words are correct only for apps out of PA.com, at least that's how I took his words.

"Those people who think they know everything are a great annoyance to those of us who do." Asimov

Ed_P
Joined: 2007-02-19 09:09
Absolutely!!

"will there be any traces left on the Vista machine in the form of logs, temp files, records of any type?"

PortableApps are designed to be a convenient form of computing, not to break employer/university/school/roommate's rules and policies.

Properly designed portable apps will not leave personal data on the host, but if the PC crashes or loses power while the apps are being used, or the USB stick is yanked out while apps are being used, personal data may be left behind.

If you want to be perfectly safe and stealth, boot your own OS. PVPM works.

Ed

John T. Haller
Admin, Developer, Moderator, Translator
Joined: 2005-11-28 22:21
Not Stealth

It's not stealth as all your network traffic is still visible to the network admins. And if you encrypt it, they may not see the actual traffic but they can see that you're running encrypted traffic (and assume you're doing something you're not supposed to do).

People throw around the word "stealth" far too readily.

Sometimes, the impossible can become possible, if you're awesome!

m2
Joined: 2006-12-12 12:00

Right. File operations are not stealth either. It only gives some obfuscation of what happens on the virtual HDD.

"Those people who think they know everything are a great annoyance to those of us who do." Asimov

truthseeker
Joined: 2008-07-30 20:32

I created a 4GB TrueCrypt virtual partition and I run all my PortableApps from that. And no matter if I run Thunderbird, Firefox, etc., no traces whatsoever seem to be left or in fact written on my Vista hard drive.

owlpath
Joined: 2008-09-29 23:29
hidden inactive icons

Not sure about Vista, but on my XP machine, the "hide inactive icons" list, found by right-clicking the Start button and selecting Properties, clicking the Taskbar tab, then Customize, shows the PortableApps, Thunderbird and Thunderbird email envelope icons I use. The Thunderbird envelope left-over hidden icon is the one that bothers me, as it shows my email address. To get rid of them you have to go into the Windows registry and do some house cleaning. Of course that clears all the past icons you have used, which is not all bad since most systems have a lot of old icons hanging around.

My USB drive is a total TrueCrypt drive also.

wraithdu
Developer
Joined: 2007-06-27 20:22

Remember you must kill and restart the explorer.exe process for this cleaning to work, otherwise the data is restored from explorer memory on shutdown.

ottosykora
Joined: 2007-10-11 17:48
checked MRU?

In MRU lists, entries will be found, since when you run something from the Windows environment it will be listed there. Only sometimes, when something is run directly from the command line, this will not be logged, but if run from the GUI it will.

Otto Sykora
Basel, Switzerland
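
The kind of run record described in the post above can be read back when auditing a host. The following is an added example, not code from any poster or from PortableApps.com; it assumes the XP/Vista-era UserAssist record under `HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist` (one Explorer-maintained list of this kind, whose value names are ROT13-encoded and prefixed `UEME_RUNPATH:`), a constructed set of sample value names, and `E:` as the flash drive's letter.

```python
import codecs
import ntpath

# Constructed sample: value names as they would appear under a UserAssist
# "Count" key on XP/Vista (ROT13-encoded). Not taken from a real machine.
SAMPLE_VALUE_NAMES = [
    "HRZR_EHACNGU:P:\\Jvaqbjf\\abgrcnq.rkr",
    "HRZR_EHACNGU:R:\\CbegnoyrNccf\\SversbkCbegnoyr\\SversbkCbegnoyr.rkr",
    "HRZR_EHACNGU:R:\\CbegnoyrNccf\\GuhaqreoveqCbegnoyr\\GuhaqreoveqCbegnoyr.rkr",
    "HRZR_PGYFRFFVBA",  # session marker, carries no path
]

RUNPATH_PREFIX = "UEME_RUNPATH:"


def decode_value_name(name):
    """UserAssist value names are stored ROT13-encoded; decode one."""
    return codecs.decode(name, "rot_13")


def runs_outside_system_drive(value_names, system_drive="C:"):
    """Return decoded program paths that were launched from any drive
    other than the system drive (for example a USB stick)."""
    hits = []
    for raw in value_names:
        decoded = decode_value_name(raw)
        if not decoded.startswith(RUNPATH_PREFIX):
            continue  # not a "program was run" entry
        path = decoded[len(RUNPATH_PREFIX):]
        drive, _rest = ntpath.splitdrive(path)
        if drive and drive.upper() != system_drive.upper():
            hits.append(path)
    return hits


if __name__ == "__main__":
    for path in runs_outside_system_drive(SAMPLE_VALUE_NAMES):
        print("launched from non-system drive:", path)
```

On a live XP/Vista host the value names would be enumerated from the registry instead of the sample list; later Windows versions store these names in a different form.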

wraithdu
Developer
Joined: 2007-06-27 20:22

Keeping a copy of CCleaner on your drive helps a lot with this type of stuff.

Ed_P
Joined: 2007-02-19 09:09
Not so much

Most businesses, universities, libraries, cafes don't like users installing apps of any type on their hard drives so CCleaner won't help.

Ed

wraithdu
Developer
Joined: 2007-06-27 20:22

Not install, run portably from your flash drive. No installation necessary.

Ed_P
Joined: 2007-02-19 09:09
Ok but...

Most businesses, universities, libraries, cafes don't like users changing their PC's Windows Registry either, so I don't think CCleaner will help.

Ed

wraithdu
Developer
Joined: 2007-06-27 20:22

They may not like it, but under a user account you have access to the HKCU branch, and the account's temp files, cookies, etc. CCleaner has its place.

ottosykora
Joined: 2007-10-11 17:48
logic, where it can write

It can also overwrite.
Since apps are allowed to write here, they can also overwrite or delete.

I just meant people should not think there is absolutely nothing written to the disk or registry.
Not real keys, but MRU lists etc. will definitely be written.
And in such a case they can be cleaned manually by cc or other tools, if they are able to edit the registry, or at least the part it is allowed to write at that moment.

Otto Sykora
Basel, Switzerland
