- Should I do a system recover given the following vulnerabilities
- Posted by MARVINJCOHEN@LYCOS.COM on May 13th, 2006
I am suggesting to my parents that they do a system recover on their
computer to get it to the stage it was when it was delivered from the
factory. This would be a lot of work, but I think it's necessary.
These are my reasons:
1. The Norton Anti Virus is disabled for 5 to 6 minutes on start up.
2. When you click on the HP (Hewlett Packard) bar at the top, it starts
off OK, and then says "malicious script executing"
3. When I do Symantec's online scan (from their web page), I'm told
that a port is open.
4. I use Eudora email on my parents' computer. Eudora is not as safe as
Outlook Express. Recently I opened an email that just locked the
computer for two minutes. I tried clicking on it a half hour later,
and it did the same thing. I wonder if it might have executed some
malicious code.
So, I need an expert opinion - Should I tell my parents to stop doing
financial transactions on their computer and should I rebuild all the
software for them?
Thanks,
Marvin
- Posted by Malke on May 13th, 2006
MARVINJCOHEN@LYCOS.COM wrote:
The answer really depends on 1) your skill level; 2) with what viruses
and malware your parents' computer is infected. Because your parents'
computer is definitely infected.
Here are general virus/malware removal steps:
http://www.elephantboycomputers.com/...moving_Malware
If they look like more work than you want to do, either take the machine
to a professional computer repair shop or restore the computer to
factory condition. Do not connect to the Internet unless Service Pack 2
and an antivirus is installed.
I don't agree with you about the relative safety of Eudora and OE. The
reason you are having difficulties with your email is that the computer
is infected.
Malke
--
MS-MVP Windows User/Shell
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic"
- Posted by mprocto@gmail.com on May 13th, 2006
Try getting rid of the virus you have first. Are you able to boot in
Safe mode? Try that and do a full system scan and make sure your
anti-virus software is up to date. Also, run an adware or spybot
program. If that were my computer and a port was open with scripts
controlling your computer...I can assure you I would find another
computer to do financial transactions.
- Posted by David H. Lipman on May 13th, 2006
From: <MARVINJCOHEN@LYCOS.COM>
| I am suggesting to my parents that they do a system recover on their
| computer to get it to the stage it was when it was delivered from the
| factory. This would be a lot of work, but I think its necessary.
| These are my reasons:
| 1. The Norton Anti Virus is disabled for 5 to 6 minutes on start up.
| 2. When you click on the HP (Hewlett Packard) bar at the top, it starts
| off OK, and then says "malicious script executing"
| 3. When I do Symantec's online scan (from their web page), I'm told
| that a port is open.
| 4. I use Eudora email on my parents computer. Eudora is not as safe as
| Outlook Express. Recently I opened an email that just locked the
| computer for two minutes. I tried clicking on it a half hour later,
| and it did the same thing. I wonder if it might have executed some
| malicious code.
|
| So, I need an expert opinion - Should I tell my parents to stop doing
| financial transactions on their computer and should I rebuild all the
| software for them?
| Thanks,
| Marvin
Oy ! Another post !
Please don't Multi-Post.
Please learn to Cross-Post to pertinent, On Topic, News Groups instead.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
- Posted by Carey Frisch [MVP] on May 13th, 2006
A virus attack mandates a complete "clean install".
Why? Read the following:
Viruses - I feel your pain
http://blogs.msdn.com/larryosterman/...18/159482.aspx
Read the following article thoroughly, then follow
the steps outlined to perform a "recovery from the hard drive"
which will reformat the drive prior to reinstalling Windows XP:
http://h10025.www1.hp.com/ewfrf/wc/d...en#bph07145_cp
--
Carey Frisch
Microsoft MVP
Windows - Shell/User
Microsoft Community Newsgroups
news://msnews.microsoft.com/
- Posted by David H. Lipman on May 13th, 2006
From: "Carey Frisch [MVP]" <cnfrisch@nospamgmail.com>
| A virus attack mandates a complete "clean install".
| Why? Read the following:
|
| Viruses - I feel your pain
| http://blogs.msdn.com/larryosterman/...18/159482.aspx
|
| Read the following article thoroughly, then follow
| the steps outlined to perform a "recovery from the hard drive"
| which will reformat the drive prior to reinstalling Windows XP:
|
| http://h10025.www1.hp.com/ewfrf/wc/d...en#bph07145_cp
|
You are assuming there is indeed a virus and it is so virulent that draconian action is
required.
"1. The Norton Anti Virus is disabled for 5 to 6 minutes on start up."
- If it was a virus, it would have been totally disabled or even corrupted (some viruses
target the Registry entries of major V packages)
"2. When you click on the HP (Hewlett Packard) bar at the top, it starts
off OK, and then says "malicious script executing""
- What's reporting this ? HP software ? Norton.
If it is Norton then Norton isn't completely disabled and is overly cautious on HP software
scripts. Nothing uncommon with Norton.
"3. When I do Symantec's online scan (from their web page), I'm told
that a port is open."
- What port ? This could be a simply Proxy Trojan or it could be flagging NetBIOS over IP.
Basically insufficient information to make a confirmed conclusion.
"4. I use Eudora email on my parents computer. Eudora is not as safe as
Outlook Express. Recently I opened an email that just locked the
computer for two minutes. I tried clicking on it a half hour later,
and it did the same thing. I wonder if it might have executed some
malicious code."
- Eudora not as safe as OE ? That's an uninformed opinion. Maybe I should go to Secunia
and look up both software and compare vulnerabilities patched and unpatched { Another time }
Nothing in that or the rest of the above is indicative of a totally infected platform
requiring a draconian solution of a wipe and re-install. The post says nothing about the
email message. For example its size, content, if there are attachments, etc. Nothing.
Therefore there are so many variables that a conclusion can not be made.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
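An added example, not part of the thread or any poster's own code: the reply above asks "What port ?" and notes the scan may just be flagging NetBIOS over IP. This sketch answers that from the machine's side by parsing `netstat -ano` output and separating expected Windows service ports from listeners that still need explaining; the sample output and the function names are constructed for illustration.

```python
import re

# Ports Windows itself normally listens on; a remote scan often reports these.
EXPECTED_WINDOWS = {135: "RPC endpoint mapper", 137: "NetBIOS name service",
                    138: "NetBIOS datagram", 139: "NetBIOS session",
                    445: "SMB over TCP"}

# Constructed sample of `netstat -ano` output (not taken from the thread).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING       2388
  TCP    127.0.0.1:1031         0.0.0.0:0              LISTENING       1644
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.10:1045      203.0.113.7:80         ESTABLISHED     2020
  UDP    0.0.0.0:137            *:*                                    4
"""

# proto, local address, local port, foreign address, optional state, PID
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)\s+(?:(\S+)\s+)?(\d+)\s*$")

def classify_listeners(netstat_text):
    """Return (proto, address, port, pid, verdict) for each listening socket."""
    findings = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers and blank lines
        proto, addr, port, _foreign, state, pid = m.groups()
        port = int(port)
        # UDP rows have no state column; TCP counts only when LISTENING.
        if proto == "TCP" and state != "LISTENING":
            continue
        if addr.startswith("127.") or addr == "[::1]":
            verdict = "loopback only, not reachable by a remote scan"
        elif port in EXPECTED_WINDOWS:
            verdict = "expected Windows service: " + EXPECTED_WINDOWS[port]
        else:
            verdict = "unexplained, map the PID to a process before concluding"
        findings.append((proto, addr, port, int(pid), verdict))
    return findings

def unexplained_ports(netstat_text):
    """Ports that are neither loopback-bound nor a known Windows service."""
    return sorted({p for _, _, p, _, v in classify_listeners(netstat_text)
                   if v.startswith("unexplained")})

if __name__ == "__main__":
    for row in classify_listeners(SAMPLE):
        print("%-4s %-15s %-6d pid=%-6d %s" % row)
```

The PID on an unexplained row can be matched to a program through the PID column in Task Manager, which is the specific fact the reply says is missing.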
- Posted by MAP on May 14th, 2006
David H. Lipman wrote:
David, are you trying to use "logic" with Carey?
--
Mike Pawlak
- Posted by David H. Lipman on May 14th, 2006
From: "MAP" <mikepawlak2REM@OVEhotmail.com>
|
| David, are you trying to use "logic" with Carey?
|
Mike:
Logic is a pretty flower that smells bad :-)
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
- Posted by Carey Frisch [MVP] on May 14th, 2006
When in doubt, assume the worst case scenario and take
prudent precautionary measures...
--
Carey Frisch
Microsoft MVP
Windows - Shell/User
Microsoft Community Newsgroups
news://msnews.microsoft.com/
- Posted by David H. Lipman on May 14th, 2006
From: "Carey Frisch [MVP]" <cnfrisch@nospamgmail.com>
| When in doubt, assume the worst case scenario and take
| prudent precautionary measures...
| --
| Carey Frisch
| Microsoft MVP
| Windows - Shell/User
| Microsoft Community Newsgroups
| news://msnews.microsoft.com/
Using a sledge hammer to kill a fly is not being prudent and is unwarranted.
An interactive discussion with the end user is needed to qualify his statements and
distill the problem into its core problems with specific facts that surround them and
really determine a proper course of action.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm