Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




709 posts

Ultimate Geek


Topic # 57206 5-Feb-2010 17:40
Send private message

This is what could happen to you!

I put an add in the paper for data entry work a few weeks ago, yesterday i got a phone call from a local asking if i fix pc's, well the ad in the paper was about data entry work but I can take a look at it if you want. Yes please i think my pc has a worm was his reply. So I tell him to bring his case over and i'll hook it up to my monitor/keyb as i never go round to peoples places to do this type of work and they so desperately want to get their pcs fix they never decline to bring it over.

He brings over his pc an eMachine E1600, 1.6ghz 1g ram onboard gfrx, the case is the size of a shoebox. Start his pc up running windows home edition, first thing i notice is Ares file sharing app running on his taskbar that their sent warnings. No grfx detected so update his drivers and fix that. No signs of viruses i can surf the internet, no slowdowns or anything strange im playing around with his pc checking folders for at least 30min. He has no antivirus or firewall running except Windows firewall. So i download Avasti 5 free edition and run a scan. That's when everything turned to mud. I couldn't believe well put it this way i stopped counting once i got to Trojan number 30 detected. Once the scan had finished which took over 2 hrs to scan, 88 trogans and malware was found on his pc. Yet i may not be up with the times here but surfing the internet was not a problem nor accessing anything on his drive it was like his computer was fine no slowdowns nothing. Or these trogans just laid dormat and trigger on certain events.

So avasti fixed the above problems then i ran a second scan just to make sure, avasti popup window went crazy about a herss.exe (nasty!)was detected by and stopped before it can modify - then it would repeat the warning over and over. Once herss was detected & triggered it blocked access to the C drive double clicking on the C drive would cause a tab to open with the ''Open with'' option, 'Show hidden services' in the folders/view menu was blocked everytime i checked that it would revert back. So i couldn't open the C drive or access hidden services. Meanwhile Avasti was popping up with same trogan detected every 10 seconds Avasti couldn't fully stop it but just kept sending it to the vault. Still had access to the internet so Google a fix for this herss.exe and found a program called Flash Disinfector. Installed this and ran it, once that was done the c drive was back and the herss.exe file was no longer coming up as warnings in Avasti. I could also check hidden services as i wanted to see what crap was in the Temp folder.

restarted pc and did one more full scan. Everything turned up with no viruses found. Job done. No wait one more thing i should check - his browser and see what sites they visit. I found in a drop down menu full of file sharing links so i installed Zonealarm and blocked them all. This couple is in their 50's and they have two teenagers using the pc so i suspect the file sharing sites are been used by them unless of course they too listen to snoop dogg

Woke up this morning turned on his pc and ran one more scan just to be safe. His windows is good as new.

I stopped using anti-viruses and just run Malwarebytes once a week but after working on this guys computer i think i will go back to having an antivirus installed just incase! Avasti 5 at least found the Trojans and fixed but had problems with getting rid of herss.exe even so i now have this antivirus install on my pc. Version 5 is smooth and light on the resources and comes with a silent gaming mode option im sure it never had this in Version 4. Flash disinfector is another that's worth having on your pc.




Worst Response To A Crisis:
From a readers' Q and A column in TV GUIDE: "If we get involved in a nuclear war, would the electromagnetic pulses from exploding bombs damage my videotapes?"



Create new topic
253 posts

Ultimate Geek

Geekstore

  Reply # 296526 5-Feb-2010 22:16
Send private message

Thanks for letting everyone know about this vicious virus.

Definitely doesn't seem like a nice one according to greatis: http://www.greatis.com/appdata...




Shaun Fisher - www.geekstore.co.nz

E: shaun[at]geekstore[dot]co[dot]nz
P: 0800894508  F: 0800897451

2260 posts

Uber Geek

Trusted

  Reply # 296658 6-Feb-2010 19:33
Send private message

Good job :)

yeah you should use Avast and Malwarebytes in combo with windows firewall :)

Zone alarm just slows things down too much, also Avira is good, it's low in size too, but sometimes pops up annoying adverts saying "Your PC could be hacked at any time" usually just after an update




I have moved across the ditch.  Now residing in Melbourne as a VOIP/Video Technical Trainer/Engineer. 

 
 
 
 


3000 posts

Uber Geek

Trusted

  Reply # 296660 6-Feb-2010 19:50
Send private message

Avast recently changed the logo due to too many people reading it as "Avasti"

See below from the official site:

The word ?avast!?. As you may notice, the font has been cleaned up a bit from what you see in 4.8. That was to make it more readable. Mainly, some people read it as ?avasti?. Try it, google ?avasti? and you will see. Unfortunately you will see that scammers also latched onto that. Anyways, it should now be clear that it is ?avast?.


On the topic of antiviruses, does anyone know what is is the smallest, low footprint (trusted) antivirus application?, not a full firewall and security but a simple "antivirus" with few "features" but a good engine.

I used to think Nod32 was light and small but I downloaded the demo and the file size was huge.

2074 posts

Uber Geek
+1 received by user: 619

Subscriber

  Reply # 296682 6-Feb-2010 23:42
Send private message

I am using MS Security Essentials, seems to have a rather small footprint sitting here browsing the web its using about 4mb of RAM.



709 posts

Ultimate Geek


  Reply # 297534 9-Feb-2010 22:22
Send private message



On the topic of antiviruses, does anyone know what is is the smallest, low footprint (trusted) antivirus application?, not a full firewall and security but a simple "antivirus" with few "features" but a good engine.

I used to think Nod32 was light and small but I downloaded the demo and the file size was huge.


ESET NOD32 Antivirus is the best antivirus ive known, previous versions were very light on resources being a gamer its a favourite as there is no need to disable the antivirus while playing online games its that light.  Dont know about the latest version though Nod32 v4 as sounds by what you said they have changed.

Another good one is 'Nortons Antivirus Gamers Edition' its on the same par with Nod32 very light and not a resource hogger like nortons is known to be.

As for me i find the free versions good enough now Avast 5 is pretty good.

Nortons gamers edtion
http://www.symantec.com/norton/antivirus-gaming/welcome/index.jsp









Worst Response To A Crisis:
From a readers' Q and A column in TV GUIDE: "If we get involved in a nuclear war, would the electromagnetic pulses from exploding bombs damage my videotapes?"



BDFL - Memuneh
59180 posts

Uber Geek
+1 received by user: 10414

Administrator
Trusted
Geekzone
Subscriber

  Reply # 297536 9-Feb-2010 22:24
Send private message

Folks, just for the sake of Google juice, I have edited the subject with the correct spelling for Avast.




BDFL - Memuneh
59180 posts

Uber Geek
+1 received by user: 10414

Administrator
Trusted
Geekzone
Subscriber

  Reply # 297542 9-Feb-2010 22:40
Send private message

Windows Vista and Windows 7 firewall does inbound/outbound filtering. The Windows XP is inbound only.




Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

UAV Traffic Management Trial launching today in New Zealand
Posted 12-Dec-2017 16:06


UFB connections pass 460,000
Posted 11-Dec-2017 11:26


The Warehouse Group to adopt IBM Cloud to support digital transformation
Posted 11-Dec-2017 11:22


Dimension Data peeks into digital business 2018
Posted 11-Dec-2017 10:55


2018 Cyber Security Predictions
Posted 7-Dec-2017 14:55


Global Govtech Accelerator to drive public sector innovation in Wellington
Posted 7-Dec-2017 11:21


Stuff Pix media strategy a new direction
Posted 7-Dec-2017 09:37


Digital transformation is dead
Posted 7-Dec-2017 09:31


Fake news and cyber security
Posted 7-Dec-2017 09:27


Dimension Data New Zealand strengthens cybersecurity practice
Posted 5-Dec-2017 20:27


Epson NZ launches new Expression Premium Photo range
Posted 5-Dec-2017 20:26


Eventbrite and Twickets launch integration partnership in Australia and New Zealand
Posted 5-Dec-2017 20:23


New Fujifilm macro lens lands in New Zealand
Posted 5-Dec-2017 20:16


Cyber security not being taken seriously enough
Posted 5-Dec-2017 20:13


Sony commences Android 8.0 Oreo rollout in New Zealand
Posted 5-Dec-2017 20:08



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.