Re: Should I do a system recover given the following vulnerabilities

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: "Carey Frisch [MVP]" <cnfrisch@xxxxxxxxxxxxxxx>

| A virus attack mandates a complete "clean install".
| Why? Read the following:
|
| Viruses - I feel your pain
| http://blogs.msdn.com/larryosterman/archive/2004/06/18/159482.aspx
|
| Read the following article thoroughly, then follow
| the steps outlined to perform a "recovery from the hard drive"
| which will reformat the drive prior to reinstalling Windows XP:
|
http://h10025.www1.hp.com/ewfrf/wc/document?lc=en&cc=us&docname=bph07145&product=71013&dlc=en&lang=en#bph07145_cp
|

You are assuming there is indeed a virus and it is so virulent that draconian action is
required.

"1. The Norton Anti Virus is disabled for 5 to 6 minutes on start up."
- If it was a virus, it would have been totally disabled or even corrupted (some viruses
target the Registry entries of major V packages)

"2. When you click on the HP (Hewlett Packard) bar at the top, it starts
off OK, and then says "malicious script executing""
- What's reporting this ? HP software ? Norton.
If it is Norton then Norton isn't completely disabled and is overly cautious on HP software
scripts. Nothing uncommon with Norton.

"3. When I do Symantec's online scan (from their web page), I'm told
that a port is open."
- What port ? This could be a simply Proxy Trojan or it could be flagging NetBIOS over IP.
Basically insufficient information to make a confirmed conclusion.

"4. I use Eudora email on my parents computer. Eudora is not as safe as
Outlook Express. Recently I opened an email that just locked the
computer for two minutes. I tried clicking on it a half hour later,
and it did the same thing. I wonder if it might have executed some
malicious code."
- Eudora not as safe as OE ? That's an uninformed opinion. Maybe I should go to Secunia
and lookup both software and compare vulnerabilities patched and unpatched { Another time }
Nothing in that or the rest of the above is indicative of a totally infected platform
requiring a draconian solution of a wipe and re-install. The post says nothing about the
email message. For example its size, content, if there are attachments, etc. Nothing.
Therefore there are so many variables that a conclusion can not be made.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


.

Relevant Pages

  • Re: Norton 2005
    ... Norton's bad press is by people who machines were screwed by norton's products, not it's virus catching behaviour. ... I only look up viruses at Norton's site as they seem to know the most about viruses. ... A Install a Norton product. ... > AVG is free for home use, ...
    (microsoft.public.windowsxp.general)
  • Re: help again !!!
    ... Were the virus definitions up-to-date? ... If Windows XP, was internal firewall enabled? ... Third party firewall (like Zone Alarm or Norton Personal Firewall) present? ...
    (microsoft.public.security.virus)
  • Re: hacktool.rootkit HELP
    ... | Thanks for the advice. ... Norton Antivirus reported the following: ... |>> online virus scanners and Norton antivirus numerous times and all ... |>> The virus definitions date that found this problem was 10/19/05. ...
    (microsoft.public.security.virus)
  • Re: Anti-spy ware
    ... Norton Alert that comes up says it's from windows/addins/tuilabs.dll and the ... had a Norton Antivirus alert that tells me it has detected a virus and is ... Any threats around and we can take care of it. ...
    (microsoft.public.security)
  • Re: Trojans Help
    ... Running two anti virus programs at the same time nay cause conflicts and that is why you are getting so many viruses. ... Disable/uninstall one of them - leave AVG installed!! ... | Only AVG finds the trojans not norton and I cant tell what internet sites ...
    (microsoft.public.windowsxp.help_and_support)