What a bad day with comp

Oh man, yesterday sucked so bad. Ill try to make this as short as possible here. Yesterday, Avast went off, Virus, Haxdoor virus, I deleted, again not one second later, went off again with, same hting, a total of at least 9 times, one after the other it went off. Then, I immedietly started to get Browser pop ups. Avast was shut off, so was my firewall. Both programs were shut down. I disconnected my modem, asap, for outbound connections were happening and no protection. Restarted up avast manually, to find that the Resident scanner was off, and the program was glitchy. Same with outpost, it was completely disabled in all settings. What ever this thing was, has wreaked havoc. At this point, there is a huge background screen on desktop that is black. Outpost wont turn on, avast is reporting memory resident viruses. So, I chose to run on boot up the memory scanner. Took a long time, but it reported thru this course, a Haxadoor.trj plus another 12 instances of trj and viruses hitting everthing from Windows 32, to mstask, it was just crazy. Deleting each entry as it was found, it was painfully obvious to me that the comp was going to be shot. Ironicaly, it booted back up. Yet outbound connections were active, clicks and background desktop corruption. Avast at this point wont load up, firewall also. Not even manualy, woudl they start up. Ran my spyware programs, showed a few, deleted them . Stil with cables pulled form modem, I decided to go to safe mode and run these tests.
Took 3 tries to get into safe mode, the rest of the time it wouldnt even boot.

Well, things only got worse, and at that point I just wound up reformating entire drive and now im here.

This computer was fort knox, well at least I thought so till yesterday. Thru some kind of virus, and I wish I could tell you more, I had no logs showing, becasue the programs were wiped out, it was like they were targeted, and new how to disable all protections.

Those few names, of haxadoor, or haxdoor, and so many .trj files of various names, I couldnt begin to tell you all of them. But this all happened in a course of 2 minutes. Avast went nuts, then was shut down, same with firewall.

This was a clean system up tothat point. Lie said im very security conscious, run scans everyday including virus, and spyware checks.

This was just so completely unbelievable

Well sorry this is so long, and for the ones who read it all, thanks for your time. Just wanted to share with yall, something that I have never seen before. I was shocked to say the least.

Dont know whats out there now, or if it will happen again. I am still using the same security protocols I have used for years now.

So becarefull you guys.

Datagg, I feel sorry about that :cry:
Did you protect the ashServ.exe by Process Guard 1.1?

Seems that the virus ‘disabled’ avast…
With the Professional version, I suggest to use a password…

No I used to have proccess guard on here, but got rid of it. And im running home version.

All is well now, but I need to find out what in the heck cuased this to prevent it again.

All is well now, but I need to find out what in the heck cuased this to prevent it again.
Oh I will tell you how to prevent it... Switch to Mac OS X!!

Ok now being serious, Like technical said try the process guard. protect the avast services and the firewall services. (Mabye even get a hardware firewall?)

I do have a hardware firewall, luckily that is…

I just reinstaled protect guard also

Also try running Stinger by McAfee. It’s an on-demand AV that targets the viruses that disable firewalls & anti-viruses.

Why do you believe stinger is important at this point. Fresh instal of os, full avast up and running, outpost, and full version protect guard.

Im not saying you arent correct.Just trying to understand your thoughts. Avast + (gulp mcafee) is a scary endeavor…

As anyone used protect proccess here. Im using all option thus far to protect, all otehr programs such as outpost etc gave gloabal rights to download updates. But avast will not download, keeps saying not enough rights…All exe in avast folder given permission for hooks and download drivers in procccess guard. Does anyone have any idea how to fix this…???

Are you sure HaxDoor was the name of the virus reported? Which file was reported as infected?
Did the alert from avast come suddenly (with no particular timing) or were you browsing e.g. some not-really-safe websites at the moment?

Thanks
Vlk

Vik I so much wish I could give you more. Avast lit up, alarm after alarm. Once i was allowed to run a boot memory scan, it showed a virus called haxadoor and then many many trj… When avast went off, it was like litterally 10-12 times. I was browsing, then a pop up, then all went to hell.

I just got the full version pf protect guard tonight to prevent this from happenign again, yet when i have the program on full protection, im unable to download av updates, says not enough user rights.

I do have every exe in the folder, telling it to allow downloads and drivers, yet still no luck. Only way it will work is if I drop the protection " Block drivers and services protection "

Perhaps one of you guys know why that is hopefully.

As said vik, I wish I had more, there were no logs in any programs I had, outpost or avast. Whatever I got hit by completely wiped out all my protection programs. It even turned off the avast scanner once I was able to manually boot it up…it was unreal, and I dont want it to ever happen again I tell ya.

I looked up haxadoor, didnt see anything on it, so im really lost here…

Thanks vik and all who can assist here on this
oh and vik, from wha tI recal, the files done at boot scan showing were mstask.exe,windows32.exe,documents,tempfiles, so many, im trying to remember them all, there were at least 20 or so in total

Well i found the culprit…Reading up on it, brings back things that I forgot…

http://www.sophos.com/virusinfo/analyses/trojhaxdooru.html

Does anyone kow why I cant get updates with full process guard protection all point. All esle will work, yet avast will not even when told to allow download/etc still wont…says not even access to do this…

im sure its a setting im missing…all eexe in avast folder was given permission to hook up, yet doesnt matter unless the protection is disabled

Really unlucky !! You have many advanced protection software and hardware, but do you have the basic protection ? that is : don’t use Internet Explorer and don’t use Outlook.

Sometimes the best protection is basic protection. I recommand Mozilla or Firefox and Foxmail. All freeware.

I have many browsers, i design websites so i have to have them all. Email is mozilla.

i sypathise with you and wish i could help with process guard i also run it but i only have the trial/free version which allows one process so i have it on zone alarm . my question would be have you got any resident shields running as the likes of SSD and SWBlaster are great and free and use little or no resources . i also run a program called MRU blaster but i dont know wether that does any good or not.

My complete seet of security is Avast,outpost,spyhunter,aluria (protects against spyware installations ) spyware blaster,and now process guard.

Ive been real lucky for years now, pretty much fort knox on my end, and with my harwired firewall also I was pretty confident i was secure. Till yesterday, never witnessed before all my security programs being eradictaed 1 by 1…Hence now I just bough process guard…

Pretty sad when your protection programs needs protection themselves…

Yeah… Don’t give up. Let’s learn about this tragedy… :-\

Oh im not giving up…Love avast too much and outpost for that…

Now im messign around with Process Gaurd. I got the entoire comp locked up, yet no matter how I give all avast exe’s full permission in the rights, it wont download . Outpost and all else works, yet this is driving me nuts. Globally all is prevented to download anythign without permission . In the list, adding the main avast exe, and giving it right and to allow driver updates etc, doesn not sem to be working. I just went thru and added all the exe files in the avast folder, gave them all permission, yet still it says when i initiate a download, i dotn have anough access to do this. Damn, perhaps there is a .dll that needs permission or something. Anyone got any ideas???

sorry for typos, ive been up like 24 plus now gettign things back to normal. And making sure to the best I can that this never happens again…

fyi- Just got word form one of the PG moderators , pretty much said what I wrote above as far as anotehr process somewheres…Heres what he wrote.

I am pretty certain that it is another executable file that is probably not in the main Avast folder but possbly in Windows system32 folder or one of it’s sub folders.
Avast support should be able to tell you which of it’s files call up a service/driver and then you can make the necessary allows

Anyways, as mentioned all in avast folder is clicked on and given full rights… Any suggestions??

Thanks yall

Well i’d go with my avast! External Control utility and schedule Boot-Time scan externaly from it :stuck_out_tongue: You can get it in my signature.
This is the easiest way. You should also update avast! IAVS before Boot-time scanning with AEC too.

There are no perfect defense against PC gremlins. I keep ONLY the operating system in the primary C partition (only 710MB), then make weekly backup image file of that partition. That way, I can restore the PC with the good image file in case of a major corruption.

I don’t even run a full-time AV scanner in the background. Just ZA Pro 4.5 (high security mode) and the e-mail scanner. This is one way to obtain a fast PC with near-perfect restoration capability. There are many good imaging software…True Image, Drive Image, BOOTITNG, etc…

F.

Thanks all. Does anyone know why PG wont allow updates to work for avast. One of the moderators at PG forum said there must be an external file somewheres which I cant find that I must allow. If anyone has thsi info i would be appreciated. Im new to this PG program, so any suggestions would be so cool.

And again thank you for the avatar my good friend…