Solved

Virus, Spyware, Malware? Can't uninstall AVG 2011 etc..

Posted on 2013-06-19
10
616 Views
Last Modified: 2013-11-22
I have a pc here that I can not uninstall AVG 2011 free edition. I scanned the PC with Malwarebytes (found 2 Trojans Fake AV) and found nothing with SuperAntiSpyware. When I would try to download other programs(HighJackThis etc.) the AVG 2011 would say that the file was infected with a virus and was deleted. This person even paid for AVG 2013 and the disk that came in the mail was supposedly infected with a virus. What type of bug on a Vista desktop would make this happen. I tried uninstalling AVG 2011 and it does nothing. I even downloaded the uninstall AVG 2011 program and it said it was infected with a virus and was deleted. Can some of you experts lead me where to go from here? I don't know what else to try. PC is a 2008 HP Pavilion a9614f running Vista 32 bit.
0
Comment
Question by:bbbb2
10 Comments
 
LVL 23

Expert Comment

by:tailoreddigital
ID: 39261299
Will it restore back?  This would only affect installed software, not your files.
0
 

Author Comment

by:bbbb2
ID: 39261312
I restored back to a time that they said it was working right  6-8-13. It took a while but ot did restore. Maybe they are wrong about when the infection set in and I need to go back a little further?
bbbb2
0
 
LVL 23

Expert Comment

by:tailoreddigital
ID: 39261313
I would try back a bit further.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 24

Assisted Solution

by:aadih
aadih earned 125 total points
ID: 39261320
Try also (even after restoring):  Boot up and scan with an antivirus rescue disk (free) from a well known antivirus vendor (e.g, Avira, Comodo, Bitdefender, etc.)

At the least, try scanning for a rootkit:

(1) TDSSKIller: < http://www.bleepingcomputer.com/download/tdsskiller/ >

(2) MBAM AntiRootkit: < http://www.malwarebytes.org/products/mbar/ >
0
 
LVL 92

Assisted Solution

by:nobus
nobus earned 125 total points
ID: 39261638
slave the disk to a working- and protected system, and run the scan from there
or scan from a boot cd : http://windows.microsoft.com/en-gb/windows/what-is-windows-defender-offline
0
 
LVL 62

Assisted Solution

by:☠ MASQ ☠
☠ MASQ ☠ earned 125 total points
ID: 39262271
Sounds like you have a virut variant infecting your system.  If so everytime you try to run an .exe file virut will try to write code to it and AVG will flag it.  The problem with virut is as a virus program it is badly written and also injects a load of "harmless" code into files as well.  The end result is the more that you run the more files that get infected/damaged, mainly the Windows system files.


Virut is one of the few infections where my advice is unless you've caught this immediately don't bother repairing, Just flatten the partiton and reinstall or use a recovery partiton to rebuild.  You can off load data as virut only targets .exe .asp. html and .scr files and only when the partition it is in is active, but as nobus says make sure if you are slaving the drive that the host machine is protected as normally it arrives with a host of other nasties.

Some virut background:
http://www.symantec.com/security_response/writeup.jsp?docid=2007-041117-2623-99



AVG's removal tool (if you want to try a clean up) follow instructions exactly!
http://free.avg.com/gb-en/remove-win32-virut
0
 
LVL 30

Accepted Solution

by:
Sudeep Sharma earned 125 total points
ID: 39271472
Almost all the vendors have Virut cleaner available, you could try other cleaners too if required and do post the logs once the tools are finished running.

http://support.kaspersky.com/2735?el=88446

http://www.symantec.com/security_response/writeup.jsp?docid=2009-022016-4444-99

Sudeep
0
 
LVL 38

Expert Comment

by:younghv
ID: 39335086
I've requested that this question be closed as follows:

Accepted answer: 168 points for nobus's comment #a39261638
Assisted answer: 166 points for SSharma's comment #a39271472
Assisted answer: 166 points for MASQUERAID's comment #a39262271

for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
 

Author Comment

by:bbbb2
ID: 39330848
agree with
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
dma locker 3 query 7 408
latest list of viruses / malware signatures for F-Secure 5 97
bit defender blocks good applications 2 106
Twitching screen 11 128
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question