Re: Has my computer been hacked?

From: <MARVINJCOHEN@xxxxxxxxx>

Replies are inline...

|
| David,
| You suggest dumping Norton software and going with little companies
| without much of a rep. I think thats risky. Then you say I should run

On the contrary, they have a great reputation and are ICSA certified.
http://www.icsalabs.com/icsa/main.php?pid=b31a$6140dfe3-4a851ebd$eaa4-72b

http://www.av-comparatives.org/


| MULTI_AV.EXE on my computer. Are you going to give me the source code
| to this program so that I can read the whole thing to make sure its
| safe, and then let me compile it? You say to disable my firewall (or
| use WGET.exe) while I run MULTI_AV.EXE. Suppose I'm a lazy user and
| just disable my firewall. Would this be safe?



Compile it ? It is open source interpretive code to begin with and provides a front-end to
other ICSA Certified command line AV scanners from; McAfee, Sophos, Trend Micro and
Kaspersky.

As for the FireWall, WGET is a GNU free FTP and http 'get' utility and is open source.
Unfortunately a FireWall may block its ability to retrieve the needed utilities, AV scanners
and AV signature files and thus leaving the utility unable to perform its function. I can't
and won't distribute the AV scanners directly. As for disabling tghe FireWall
alltogether... I wish this would NOT have to be done but if the FireWall does NOT give
WGET.EXE permission to access the Internet then thast is the option. If the PC is behind a
NAT Router, this is not a problem. If the PC is up-to-date with patches and hotfixes with
no NAT Router than there is only a slight risk. If the PC is not up-to-date and is not
behind a NAT Router than the PC is being maintained properly in the first place and it is
already "at risk" FireWall or not.



| The internet is a strange place - you could be a very helpful,
| knowledgable individual, or you could be a hacker. I would have no way
| of knowing. In fact, you can be 3 people at once in this forum. (I am
| two myself.)


Do your homework -- start with Google !


| To answer some of the questions in this forum -
| 1. the email that locked my computer did not have an attachment.


That isn't indicative of a virus -- is it ?


| 2. The reason I think Eudora is less safe than Outlook Express is that
| I posted my question to a Eudora forum, and was told that Eudora was
| not safe. Also, in Outlook Express you can set all messages to be read
| as plain text, which prevents mischief. In fact, this is suggested by
| Microsoft Windows Help on my XP computer.


Go to an authotrrative location such as a CERT aor Secunia and compare patched and unpatched
known vulnerabilities of both products. If you really think OE is safer, whay are you not
using it and leaving your parents PC "At Risk" (based upon your own statement). Personally
I use Pegasus Mail.


| 3. When I clicked on the HP bar I'm not sure where the "malicious
| script" message came from - but I don't think it was NAV. I could
| repeat the experiment right now, but for obvious reasons I don't want
| to do that.
| -- Marvin


If NAV is the AV software on your PC then *IT* should be declaring "a malicious script".
Otherwise yopu have to ask what is generating this message and is it really true. i have my
doubts.

Instead of arguing you POVs, I strongly suggest taking proactive messures. Let's face it,
for all the arguments you just made, you failed to provide substantial information in your
original post. For example what version of NAV, what OS and Service pack level, what is the
EXACT message concerning the malicious script and its sourcem what was the "Open Port" (TCP
or UDP) that was reported and the facts surrounding Eudora and the email message. Don't you
think that the fact that the email message had no attachment was important to state in the
original post ?

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


.

Relevant Pages