Ok, I was browsing the internet when my browser suddenly started loading a PDF file I didn't click on or was even near. Of course everything froze and I waited too long to reboot.
After which, whenever I opened a browser I would get attacked by popups and fake virus warnings asking me to download so-and-so program, or Windows security. It doesn't pop up in Firefox as much, but even if I'm running Firefox it will open IE and bring all the popups from there. Even if I'm not connected it will try this for a little while, even when I don't open a browser. It also takes a long time to delete files.
So I realized I had a problem. I ran AVG anti-virus and it found gadcom.exe (Trojan horse agent.AOQC). It said it healed it and needed to reboot, so I did, but I'm still having popup trouble, so I switched computers and looked the file up.
So I found the 8-step Virus/Spyware/Malware Preliminary Removal Instructions, and I'm starting to go through them so I can get some logs up.
One problem so far: I can't disable AVG anti-spyware since I'm using the AVG free edition (V.8.0.176). It doesn't have an option to just disable the function. I found a way to disable the whole resident shield; would this do it? Or should I just leave things as they are?
I installed and updated both Avira and Comodo, but Avira keeps detecting HEUR/Crypted (C:\WINDOWS\system32\lhtops.dll), and no matter what I do (deny access, ignore or move to quarantine) it keeps coming up. Right now I'm running a system scan with Comodo, and I think Avira is scanning in the background.
I'm adding the events log, but this HEUR thing is now coming up every few seconds, 3 at a time.
This is getting real bad. These things come up as fast as I can close them. I'm going to abandon the Comodo scan and shut down that computer until I get a reply. I tried getting the other event that keeps repeating, but it's getting hard to use the computer, so here it is.
I didn't know how to get all the events into one txt file, but they are all the same, so I just put what repeated into separate files, then copied them into one.
Another problem is I don't know how to set up the SMTP thing so you can send a quarantined file to Avira to look at.
EDIT: When I turn my computer back on and am able to wade through all the detections, I found a way to upload sample files to Avira without having to set up this SMTP thing.
All the events are the same for the lhtops.dll and qbjjhpmg.dll files. The second error message concerning the lhtops file normally happens when I try sending it or qbjjhpmg to quarantine. Sorry I couldn't get the same message for it into the log, but it was getting real bad with those messages popping up and I couldn't even shut down without having to just hold down the laptop's power button.
Thanks for your time and awaiting your reply.
Ok, after taking 20 minutes clicking on the detections from Avira I finally shut it down and ran a full system scan with MBA. After rebooting I'm going to boot into safe mode (if I can) and run SUPERAntiSpyware and ATF Cleaner.
EDIT: Ok, now my laptop is stuck at the Windows XP screen with that little blue bar going back and forth. Should I just power it off and back on or continue waiting? Because someone told me that MBA needed to have a normal reboot to get rid of those files that needed a reboot. (Never mind on that part, I'm just shutting it down and bringing it back up in safe mode if I can, because it's been on that screen for more than 45 minutes. But still, anyone have any clues from the log?)
Sorry, I don't know how to merge the posts, but 44 views and no one has any advice on this issue?
I've been trying to update MBA but it seems like my router cut off my computer (I checked my router web interface from another computer in the house the day my laptop was infected and its security log was spammed with something about some flooding). So I can't get the laptop to connect to the net by wire to my router or by wireless. I even unplugged both the router and modem for several minutes hoping to reboot them, but still can't connect on that laptop. (If you have any advice here it would be very helpful, or even if you just know where I could ask about this problem.)
So I ran MBA, then when I tried rebooting afterwards it stuck at the Windows XP boot screen for an hour. So I shut down and turned it back on. It booted fine, but to get into safe mode I had to use SAS, since for some strange reason my laptop won't normally boot into safe mode.
So I ran ATF then SAS (scan took 6 hours).
Everything seems fine now other than my inability to connect to that laptop out of the four computers running in my house.
I deleted Comodo, Avira, SAS, HijackThis, ATF Cleaner and MBA, thinking maybe one of them was causing this, but still nothing. (I still have AVG running though.)
So how's my viral status look?