Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: VIRUS!

15 May 2011   #11
yowanvista

Windows 10 Pro x64, Arch Linux
 
 

Quote   Quote: Originally Posted by rigz View Post
Quote   Quote: Originally Posted by UnderJonathan View Post
Quote   Quote: Originally Posted by rigz View Post
hey help?i found virus. .in my netbook. .HERSS.EXE and PAIQE.exe. .avast couldnt detect it..im using Altap Salamander..and when i go to location..i couldnt find it..

I saw it when i type Msconfig..and i saw it in Start up list.. but it is not also in task manager processes..

PLEASE?..it slows down my netbook. .
If avast! did not detect it, how did you know it was a virus? Anyway, if it is, start in Safe Mode and then go to the location and see if you can find it. Download Malwarebytes' Anti-Malware Free and run a FULL SCAN. Then, download SUPERAntiSpyware and run a "Complete Scan" (Note: All these actions can be done in Safe Mode but it can also be performed in Windows' normal state.

well i run the msconfig..and i saw some suspicious running files in start up :
Herss.exe and Paiqe.exe..then i looked for their names in google.
These are malware, did you run Malwarebytes?


My System SpecsSystem Spec
.
15 May 2011   #12
rigz

windows 7 32 bit build 7600
 
 

[/QUOTE]


well i run the msconfig..and i saw some suspicious running files in start up :
Herss.exe and Paiqe.exe..then i looked for their names in google.[/QUOTE]
These are malware, did you run Malwarebytes?[/QUOTE]

yah boss.. that is why i was thankful for you.. ^^
My System SpecsSystem Spec
15 May 2011   #13
damien76

Win7 Ultimate 64bit
 
 

Hello rigz,

You mentioned you are using Avast. Free? So you got a non-detection? As I read it the worm/trojan infection either came from an infected removable media or via online gaming. Are you using a firewall with HIPS? What is your security set-up? I think you should re-think your security set-up and how you behave while using the internet especially online gaming.

Had a nephew who previously would go nuts calling for help when he get's infected. He is apt to do all sorts of things that do not promote his security until the laptop broke down and parts had to be replaced. Honestly, the biggest flaw(including those who have no clue what they're doing) is most people want to have his/her way. Doesn't want to be inconvenienced or something..at the expense of being vulnerable. If user just starts hitting YES over and over without looking that's trouble.

Some (kids mostly) will spend their time playing games or visit sites on the internet "finger's-crossed" all the while accumulating trojans and various malware silently. When an infection is suspected/seen they cry wolf and blame the AV. Some learn after they get a trojan that brings the computer to its knees. Some never.

Keeping away from threats/infections(prevention) is the "cure" and not removal.

Assuming you use common sense when using the net/pc, try re-setting up your security applications to get you protected properly. Try a layered security and not just trust one AV.

Some light combinations and discussions can be seen here(containing links for download):

What is a good free security software suite?

Get this one(for quick file submission testing):

VirusTotal Uploader 2.0

or(alternative),

Jottiq

Threat analysis:

ThreatExpert

Threat Explorer

ThreatCenter

Computer Threats

Because you are using Avast, read here:

How to use the Virus Chest in avast!

The future of avast protection

More importantly,

Securing Your PC and Data

How did I get infected? With steps so it does not happen again! by Grinler_Bleepingcomputer

One doesn't need to know a lot about pc security. But as much as one just want to click and click, he must at least try and take actions to learn. Again, keeping away from threats/infections(prevention) is the "cure" and not removal. No amount of security will be effective if you do not consider that.

And along "removal", Sevenforums has a very good guide for malware removal here:

Malware removal- resources packed website

Stay safe dude
My System SpecsSystem Spec
.

15 May 2011   #14
bigcitycat

Windows Seven, Ubuntu
 
 

Quote   Quote: Originally Posted by rigz View Post
Quote   Quote: Originally Posted by bigcitycat View Post
Use Firefox with noscript from now on.
im using Chrome..what is wrong with that?
Chrome does have the noscript add on available now. You should add it.
My System SpecsSystem Spec
15 May 2011   #15
damien76

Win7 Ultimate 64bit
 
 

Quote   Quote: Originally Posted by bigcitycat View Post
Quote   Quote: Originally Posted by rigz View Post
Quote   Quote: Originally Posted by bigcitycat View Post
Use Firefox with noscript from now on.
im using Chrome..what is wrong with that?
Chrome does have the noscript add on available now. You should add it.
I second that, use it sandboxed. Or use Firefox 4.01 (in sandboxed also). Chrome vullnerability
My System SpecsSystem Spec
16 May 2011   #16
rigz

windows 7 32 bit build 7600
 
 

helo boss actually ..it was on my netbook,and it does not have a constant internet connection ,and i just connect it on my home..via wireless.. i think it is from a removable media when my relative borrowed my netbook. actually i just killed the first one virus Paiqe.exe manually..i dont know why Avast 6 cant detect it,i used a Pro one version ..and i just notice when my netbook runs slower so i check out my task manager if i used a lot of memory..then i just notice the "paiqe.exe"..which i tried to end process but it states: it was in used,so i suspected it was a virus i tried a boot scan..but still it was there. .so i looked for its location run in safe mode and run the Altap Salamander to view where it is.then i deleted it.. it happpened last march.. then just last week i run msconfig... i saw again the Paiqe.exe..with other one suspicious file "Herss.exe"..then i asked help in this forum..and now there where no more malwares. im using now Malwarebytes and MSE..it was now ok for me for the mean time.
My System SpecsSystem Spec
16 May 2011   #17
I be he

Win 7 64 premium
 
 

Quote   Quote: Originally Posted by CanIHaz View Post
i also suggesting to add some kind of sandbox software. You can try Sandboxie Free or Bufferzone Pro which became free. So when you're browsing, nothing to your real HD.
Makes life much easier
My System SpecsSystem Spec
17 May 2011   #18
damien76

Win7 Ultimate 64bit
 
 

@rigz,

Quote:
..it was on my netbook,and it does not have a constant internet connection ,and i just connect it on my home..via wireless..
-- Wireless is still a connection.

Quote:
actually i just killed the first one virus Paiqe.exe manually..i dont know why Avast 6 cant detect it,i used a Pro one version ..
-- Using only one AV setup there. No on-demand/2nd opinion checker.

Quote:
then i just notice the "paiqe.exe"..which i tried to end process but it states: it was in used,so i suspected it was a virus i tried a boot scan..but still it was there. .so i looked for its location run in safe mode and run the Altap Salamander to view where it is.then i deleted it.. it happpened last march.. then just last week i run msconfig... i saw again the Paiqe.exe..with other one suspicious file "Herss.exe"..
-- You cannot just delete a trojan even in safe mode. Altap Salamander is just a file manager. You should have placed the suspicious file in Avast's Virus Chest. Strains was still left and due to it's behavior..resurfaced as Herss.exe or you just missed Herss.exe in the first place.

AvastPro user. Why did you choose AvastPro? While it is one of the best user-friendly AV's around it still is "not" a "install and leave" application. User input is needed as well as settings beyond the defualt. I have AIS(without the firewall so it's function is same as AvastPro and also have used AvastPro till end of 2010).

Well imho in the very least it's quite effective especially with a low level trojan. Something is wrong with your settings. I can't imagine non-detection there File System Shield and Behavioral Shield or at least the AutoSandbox should have alerted it (well okay maybe not Behavioral Shield).

Either you or your relative has disabled something there or definitely "settings". If the borrower has a freehand to disable Avast or something in your shield settings or allow/ignore alerts then "game over".

as mentioned,
Quote:
Honestly, the biggest flaw(including those who have no clue what they're doing) is most people want to have his/her way. Doesn't want to be inconvenienced or something..at the expense of being vulnerable.
That is classic example of how a user wrongly uses his security app especially one like AvastPro.
Yes you trusted the AV but the AV cannot do it alone for you. User input is needed.

File system shield has a tendency to make opening/closing/reading files slow so I think there was something done there plus definitely settings are not to par. Instead of disabling a shield some advice to exclude it in the File System Shield>Exclusions, that is "if" you will exclude a file/folder/app, make sure it's clean. Then go and use that file/folder/app.

In the first place you should have password protected Avast (See files.avast.com/files/manuals/user-manual-pro-eng.pdf) so the whole disabling or changing some settings should not have occurred. (I know how Filipino's are when it comes to relatives so better that it's you who will takes steps).

As far as many are in doubt as to the effectiveness of the Behavioral Shield of Avast(I call it urban legend) I still believe that it should have alerted the user or you about this. This is just a low level trojan. What happened is an example of not using security app properly. A "flaw' exists there.

Quote:
..i dont know why Avast 6 cant detect it,i used a Pro one version ...i tried a boot scan..but still it was there. .
This is a cry-wolf syndrome. Not entirely the fault of non-detection by Avast. Just to make a point, I am not a die-hard fan of Avast (among my top 5 AV's, Avast is the last for me) but in fairness here..not entirely their fault until proven otherwise. The least you could have done was to:

a) place it in the virus chest, and then
b) submitted the files to avast for verification. (or checked it at VT or Jotti's)

Then you "wolf-cry" them for non-detection at the avast forums. Lot of good guys there, like British guy "essexboy" for me I think he's the top-gun for malware removal there.

Quote:
im using now Malwarebytes and MSE..it was now ok for me for the mean time.
MSE/MBAM..maybe...I can't say I'll take that as "enough" security. If you have a default-deny settings and light virtualization like Sandboxie/Bufferzone, yes definitely..but just them and considering the behavior when you got infected..(plus MBAM scanning a measely 160gb/250gb drive for long stretches of 2-3hours...----tendency of not finishing it looms..this will be close to "game over" again).

AvastPro is good + you need a good HIPS program (MBAM as on-demand or the light HitmanPro --Prevx/GData/Emsisoft/Dr.Web/Ikarus cloud fast scanners) but that's just me. I be he and CanIHaz has a point there also. What is needed IS a review of your security settings/how you use it/what to do..etc.

The links given above are worth reading to be better informed so this "event" to not happen again. But in all honesty/as stated also, no amount of security will be effective if you do not consider what really went wrong there (the main reason for being infected with non-detection) and take steps to correct that.

Stay safe dude (at least try and take actions to learn from this)and give your relative a whacking "pitik sa tenga" , netbooks aren't cheap there in your country.

damien
My System SpecsSystem Spec
17 May 2011   #19
rigz

windows 7 32 bit build 7600
 
 

Wireless-yeah its a connection but i said "not constant"..what i mean about that is i just use my netbook's wireless connection when i needed it,not the same with desktop always on connected..

and Altap Salamander was "only" file manager...but if you have tried using its benefit. .you can easily view files with attributes RSHA..which commonly used with worms and viruses to hide and cannot be seen in ordinary windows or just viewing hidden files w/c other anti viruses couldnt even detect it..

And actually i was not totally dscourage with Avast Pro..but i dont know what your trying to point with this post are you trying to say that i should use back avast?? dont worry evryone of us has a time of choice im just trying another suggestion...because ive tried already avast,and the point of this thread was about "HELP!VIRUS"..and now my virus was cured its my now dcsion how to prevent it..and what should i used ,sir..Thanks anyway for the effort to give information
My System SpecsSystem Spec
18 May 2011   #20
Layback Bear

Windows 10 Pro. 64/ version 1709
 
 

You are absolutely correct rigz. You have the right to choose how to get rid of a infection; just like you have the right of how to get a infection. Some post give suggestion of how to get rid of the infection and some on how to stop from getting them again. All are intended to help you. Any thing that connects to a computer can do good or bad things. It could be a usb,floppy,cd,dvd or the internet. It can happen wired or wireless it doesn't matter. Connected is connected. I have used many paid for anti virus programs and a few free ones and they all have something in common; user input.
My System SpecsSystem Spec
Reply

 VIRUS!




Thread Tools




Similar help and support threads
Thread Forum
Possible Memory Leak Virus - Anti-virus detects nothing?
Hello, I am needing some support on what is exactly taking up all the RAM on my brother's PC as after about 8 hours of uptime, 65% of my Physical Memory is being used up with nothing really open. I did some research and found out it was a possible memory leak or virus, so I first tried to run...
Performance & Maintenance
how to fix / clean windows from ramnit virus and virut virus?
my windows infected ramnit virus and virut virus,how to clean them?
System Security
I have a virus and unable to run/download anti-virus software
Hi, This is my first time posting to the forum. I am not that knowledgeable with computers, but can follow basic instructions. My laptop is acting funny--I think I have a virus. However, I am unable to run any anti-malware or anti-virus software. I try to run McAfee and I get an error...
System Security
Want ideas for Virus removal if virus shows up in safemode CMD
Hi, Looking for general ideas on how everyone else handles a strong virus. If the virus is showing up in Windows regular mode, it opens in safemode and opens in safmode with command prompt. Besides the usual such as boot to repair mode and use system restore, dock hard drive to another pc and...
System Security
RPC Virus message in Action Center, though the virus seems to be gone?
So I was managing my Laptop (Compaq Presario CQ57 with Windows Home Premium SP1) after a long time away from it, I left it in the care of a friend of mine, I noticed a few strange things. 1) I couldn't update Windows. 2) I couldn't turn ON my firewall 3) Windows Security Center was missing....
System Security
Want are the best afforable anti-virus for a trojan virus
what anti-virus would be great at getting rid of a trojan virus some of the anti virus i have used told me i had one but could not delete it.
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 03:46.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App