AVG Internet Security has found a virus called Luhe.Boxed.AM in “C:\Windows\SysWOW64\taskmgr.exe (6324)” and it says High Severity and is infected. Every time I use the AVG option “Remove selected” it just reappears after restarting and scanning the computer again. Can’t get rid of Luhe.Boxed.AM with the AVG anti-virus program? Why does it keep coming back after a reboot? What is the best solution?

Luhe.Boxed.AM Virus Description

The Luhe.Boxed.AM virus spreads a malicious JavaScript file to all of the computers it infects. It displays a message advising users that it is a required file that needs to be installed in order to visit a website. If the user runs the installation, it begins to work behind the scenes and damages the system without the user knowing it is going on. This attack goes undetected by most anti-virus programs, which allows it to be installed on virtually any computer it comes in contact with; even computers that run daily virus scans will not detect it. This makes catching it before the damage becomes noticeable very difficult.

Once the Luhe.Boxed.AM virus is installed on the computer it will begin to make changes to the system settings. Along with modifying the settings it will also install additional registry values and entries that the virus needs in order to operate fully. The redirect will change the browser settings, and the virus will dictate where the user navigates to when opening the browser. It will typically send the user to sites that are infected with more malware, or to sites that are full of advertisements in the hope that the user will click on the ads, earning the hackers a commission from the ad network.

The main objective is to hijack the user's browser and control what sites they are sent to. There are several other variations of the Luhe.Boxed.AM virus and they all do the same things, but may direct users to different sites containing more attacks. When the system picks up more viruses it will crash the computer much faster, since there will be multiple attacks going on simultaneously and slowing down the overall speed and performance of the PC.

To clean out this virus completely, you can follow the guide here if you are computer savvy. As the anti-virus won’t be able to help, manual removal is the most effective way to remove it completely. Contact YooSecurity Online PC Expert to get further help to sort it out.

How Dangerous Would The Virus be? And What Will It Do On My Laptop?

While most computers are vulnerable to this attack, Macs are not, as it will only attack Windows-based operating systems and tends to favor those that are running Windows 9, Windows 2000, Windows XP, Windows 7, and Windows XP. If you are currently running these systems it is important not only to run anti-virus programs on a daily basis and keep them updated, but also to check your browser frequently and make sure it directs you to the website or homepage that you have specified. If you land on an unfamiliar site or notice an increase in the number of ads and pop-ups that are displayed, then there is a very high probability that the computer has been infected with the Luhe.Boxed.AM virus.

This virus slows down your computer and then crashes the computer system. These are some symptoms of the Luhe.Boxed.AM virus attacking the computer:

  • The desktop background image has been changed and the home screen icons have been rearranged.
  • While browsing websites, several pop-up advertisements are displayed.
  • The overall speed of the computer is slowed down and programs take longer than normal to open. The Internet is also slowed down, and simple tasks like shutting the computer down are also slowed.
  • Antivirus programs on the computer will be shut off and disabled to prevent detection of the virus.

Steps on How to Get Rid of Luhe.Boxed.AM Manually

Yes, it will take longer than using software, but it will also be more effective. This way the user will be sure that all of the associated files are removed. For complete instructions on how to remove the Luhe.Boxed.AM virus, please read below.

Step 1: Open Windows Task Manager to end processes related to the Trojan horse. To do that, press the Ctrl+Alt+Del keys at the same time, or right-click on the bottom Task Bar and select Start Task Manager.

Step 2: Show hidden files. Go to Folder Options from Control Panel. Under the View tab, select Show hidden files and folders and uncheck Hide protected operating system files (Recommended), then click OK.

Step 3: Go to Registry Editor. First press the Windows+R keys and then type regedit in the Run box to search for the virus. Delete all of the following files and registry entries, or those related to them:

%AllUsersProfile%\random
C:\windows\system32\services.exe\
C:\Windows\SysWOW64\taskmgr.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Luhe.Boxed.AM
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exe
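
The locations listed in Step 3 can be inspected read-only before anything is deleted. The PowerShell below is an added example, not part of the original guide, and its function names are made up for illustration. It lists every Image File Execution Options key that carries a Debugger value (the mechanism that makes Windows start svchost.exe in place of the anti-virus executables above), the entries under the Run key, and the signature and hash of the two system file paths. taskmgr.exe and services.exe are also the names of standard Windows components, so the signature check helps tell an original file from a replaced one.

```powershell
# Added example (read-only): audit the registry keys and files named in Step 3.
# Run from an elevated PowerShell prompt. Function names are illustrative.
$ifeo = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
$run  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

function Get-IfeoDebugger {
    # An IFEO subkey with a Debugger value makes Windows launch the debugger
    # program instead of the executable the subkey is named after.
    Get-ChildItem -Path $ifeo -ErrorAction SilentlyContinue | ForEach-Object {
        $props = Get-ItemProperty -Path $_.PSPath -Name Debugger -ErrorAction SilentlyContinue
        if ($props.Debugger) {
            [pscustomobject]@{ Image = $_.PSChildName; Debugger = $props.Debugger }
        }
    }
}

function Get-RunEntry {
    # Programs started at every logon for all users.
    $key = Get-Item -Path $run -ErrorAction SilentlyContinue
    if ($key) {
        foreach ($name in $key.GetValueNames()) {
            [pscustomobject]@{ Name = $name; Command = $key.GetValue($name) }
        }
    }
}

function Test-SystemBinary {
    param([string[]]$Path)
    foreach ($p in $Path) {
        if (-not (Test-Path -LiteralPath $p -PathType Leaf)) { continue }
        $sig = Get-AuthenticodeSignature -LiteralPath $p
        [pscustomobject]@{
            Path   = $p
            Status = $sig.Status                      # Valid, NotSigned, HashMismatch, ...
            Signer = $sig.SignerCertificate.Subject   # empty when the file is unsigned
            SHA256 = (Get-FileHash -LiteralPath $p -Algorithm SHA256).Hash
        }
    }
}

Get-IfeoDebugger | Format-Table -AutoSize
Get-RunEntry     | Format-Table -AutoSize
# Paths exactly as they appear in the list above.
Test-SystemBinary -Path 'C:\Windows\SysWOW64\taskmgr.exe',
                        'C:\windows\system32\services.exe' | Format-List
```

A Status other than Valid, or a Signer that is not Microsoft, marks a file that needs a closer look; the script changes nothing on the system.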


Conclusion

So, what can be done once it is on the computer? The only way to stop the redirect and prevent future viruses from being installed is to completely clean the system and manually delete all of the infected files that have been placed throughout the computer. Since it tends to install without being detected by any anti-virus software, it may have made its way deep into the system by the time it is discovered. For this reason removal software is not suggested. To make sure that the entire Luhe.Boxed.AM virus is removed along with any other malware that it might have attracted, we suggest that a manual approach is used to clean the system.

Note: Still having the same problem after every reboot? If you don’t know how to remove this virus from your computer and don’t want to make things worse, contact Online PC Experts, online 24/7, in time to get professional help.

Published by Matt Johnston & last updated on April 9, 2013 7:31 am
