Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




709 posts

Ultimate Geek


#57206 5-Feb-2010 17:40
Send private message

This is what could happen to you!

I put an add in the paper for data entry work a few weeks ago, yesterday i got a phone call from a local asking if i fix pc's, well the ad in the paper was about data entry work but I can take a look at it if you want. Yes please i think my pc has a worm was his reply. So I tell him to bring his case over and i'll hook it up to my monitor/keyb as i never go round to peoples places to do this type of work and they so desperately want to get their pcs fix they never decline to bring it over.

He brings over his pc an eMachine E1600, 1.6ghz 1g ram onboard gfrx, the case is the size of a shoebox. Start his pc up running windows home edition, first thing i notice is Ares file sharing app running on his taskbar that their sent warnings. No grfx detected so update his drivers and fix that. No signs of viruses i can surf the internet, no slowdowns or anything strange im playing around with his pc checking folders for at least 30min. He has no antivirus or firewall running except Windows firewall. So i download Avasti 5 free edition and run a scan. That's when everything turned to mud. I couldn't believe well put it this way i stopped counting once i got to Trojan number 30 detected. Once the scan had finished which took over 2 hrs to scan, 88 trogans and malware was found on his pc. Yet i may not be up with the times here but surfing the internet was not a problem nor accessing anything on his drive it was like his computer was fine no slowdowns nothing. Or these trogans just laid dormat and trigger on certain events.

So avasti fixed the above problems then i ran a second scan just to make sure, avasti popup window went crazy about a herss.exe (nasty!)was detected by and stopped before it can modify - then it would repeat the warning over and over. Once herss was detected & triggered it blocked access to the C drive double clicking on the C drive would cause a tab to open with the ''Open with'' option, 'Show hidden services' in the folders/view menu was blocked everytime i checked that it would revert back. So i couldn't open the C drive or access hidden services. Meanwhile Avasti was popping up with same trogan detected every 10 seconds Avasti couldn't fully stop it but just kept sending it to the vault. Still had access to the internet so Google a fix for this herss.exe and found a program called Flash Disinfector. Installed this and ran it, once that was done the c drive was back and the herss.exe file was no longer coming up as warnings in Avasti. I could also check hidden services as i wanted to see what crap was in the Temp folder.

restarted pc and did one more full scan. Everything turned up with no viruses found. Job done. No wait one more thing i should check - his browser and see what sites they visit. I found in a drop down menu full of file sharing links so i installed Zonealarm and blocked them all. This couple is in their 50's and they have two teenagers using the pc so i suspect the file sharing sites are been used by them unless of course they too listen to snoop dogg

Woke up this morning turned on his pc and ran one more scan just to be safe. His windows is good as new.

I stopped using anti-viruses and just run Malwarebytes once a week but after working on this guys computer i think i will go back to having an antivirus installed just incase! Avasti 5 at least found the Trojans and fixed but had problems with getting rid of herss.exe even so i now have this antivirus install on my pc. Version 5 is smooth and light on the resources and comes with a silent gaming mode option im sure it never had this in Version 4. Flash disinfector is another that's worth having on your pc.




Worst Response To A Crisis:
From a readers' Q and A column in TV GUIDE: "If we get involved in a nuclear war, would the electromagnetic pulses from exploding bombs damage my videotapes?"



Create new topic
253 posts

Ultimate Geek

Geekstore

  #296526 5-Feb-2010 22:16
Send private message

Thanks for letting everyone know about this vicious virus.

Definitely doesn't seem like a nice one according to greatis: http://www.greatis.com/appdata...




Shaun Fisher - www.geekstore.co.nz

E: shaun[at]geekstore[dot]co[dot]nz
P: 0800894508  F: 0800897451

2260 posts

Uber Geek

Trusted

  #296658 6-Feb-2010 19:33
Send private message

Good job :)

yeah you should use Avast and Malwarebytes in combo with windows firewall :)

Zone alarm just slows things down too much, also Avira is good, it's low in size too, but sometimes pops up annoying adverts saying "Your PC could be hacked at any time" usually just after an update




I have moved across the ditch.  Now residing in Melbourne as a VOIP/Video Technical Trainer/Engineer. 

 
 
 
 


3000 posts

Uber Geek

Trusted

  #296660 6-Feb-2010 19:50
Send private message

Avast recently changed the logo due to too many people reading it as "Avasti"

See below from the official site:

The word ?avast!?. As you may notice, the font has been cleaned up a bit from what you see in 4.8. That was to make it more readable. Mainly, some people read it as ?avasti?. Try it, google ?avasti? and you will see. Unfortunately you will see that scammers also latched onto that. Anyways, it should now be clear that it is ?avast?.


On the topic of antiviruses, does anyone know what is is the smallest, low footprint (trusted) antivirus application?, not a full firewall and security but a simple "antivirus" with few "features" but a good engine.

I used to think Nod32 was light and small but I downloaded the demo and the file size was huge.

2364 posts

Uber Geek


  #296682 6-Feb-2010 23:42
Send private message

I am using MS Security Essentials, seems to have a rather small footprint sitting here browsing the web its using about 4mb of RAM.



709 posts

Ultimate Geek


  #297534 9-Feb-2010 22:22
Send private message



On the topic of antiviruses, does anyone know what is is the smallest, low footprint (trusted) antivirus application?, not a full firewall and security but a simple "antivirus" with few "features" but a good engine.

I used to think Nod32 was light and small but I downloaded the demo and the file size was huge.


ESET NOD32 Antivirus is the best antivirus ive known, previous versions were very light on resources being a gamer its a favourite as there is no need to disable the antivirus while playing online games its that light.  Dont know about the latest version though Nod32 v4 as sounds by what you said they have changed.

Another good one is 'Nortons Antivirus Gamers Edition' its on the same par with Nod32 very light and not a resource hogger like nortons is known to be.

As for me i find the free versions good enough now Avast 5 is pretty good.

Nortons gamers edtion
http://www.symantec.com/norton/antivirus-gaming/welcome/index.jsp









Worst Response To A Crisis:
From a readers' Q and A column in TV GUIDE: "If we get involved in a nuclear war, would the electromagnetic pulses from exploding bombs damage my videotapes?"



BDFL - Memuneh
66295 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #297536 9-Feb-2010 22:24
Send private message

Folks, just for the sake of Google juice, I have edited the subject with the correct spelling for Avast.




BDFL - Memuneh
66295 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #297542 9-Feb-2010 22:40
Send private message

Windows Vista and Windows 7 firewall does inbound/outbound filtering. The Windows XP is inbound only.




Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Intel introduces 10th Gen Intel Core H-series for mobile devices
Posted 2-Apr-2020 21:09


COVID-19: new charitable initiative to fund remote monitoring for at-risk patients
Posted 2-Apr-2020 11:07


Huawei introduces the P40 Series of Android-based smartphones
Posted 31-Mar-2020 17:03


Samsung Galaxy Z Flip now available for pre-order in New Zealand
Posted 31-Mar-2020 16:39


New online learning platform for kids stuck at home during COVID-19 lockdown
Posted 26-Mar-2020 21:35


New 5G Nokia smartphone unveiled as portfolio expands
Posted 26-Mar-2020 17:11


D-Link ANZ launches wireless AC1200 4G LTE router
Posted 26-Mar-2020 16:32


Ring introduces two new video doorbells and new pre-roll technology
Posted 17-Mar-2020 16:59


OPPO uncovers flagship Find X2 Pro smartphone
Posted 17-Mar-2020 16:54


D-Link COVR-2202 mesh Wi-Fi system now protected by McAfee
Posted 17-Mar-2020 16:00


Spark Sport opens its platform up to all New Zealanders at no charge
Posted 17-Mar-2020 10:04


Spark launches 5G Starter Fund
Posted 8-Mar-2020 19:19


TRENDnet launches high-performance WiFi Mesh Router System
Posted 5-Mar-2020 08:48


Sony boosts full-frame lens line-up with introduction of FE 20mm F1.8 G large-aperture ultra-wide-angle prime Lens
Posted 5-Mar-2020 08:44


Vector and Spark teamed up on smart metering initiative
Posted 5-Mar-2020 08:42



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.