• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 640
  • Last Modified:

Virus, Spyware, Malware? Can't uninstall AVG 2011 etc..

I have a pc here that I can not uninstall AVG 2011 free edition. I scanned the PC with Malwarebytes (found 2 Trojans Fake AV) and found nothing with SuperAntiSpyware. When I would try to download other programs(HighJackThis etc.) the AVG 2011 would say that the file was infected with a virus and was deleted. This person even paid for AVG 2013 and the disk that came in the mail was supposedly infected with a virus. What type of bug on a Vista desktop would make this happen. I tried uninstalling AVG 2011 and it does nothing. I even downloaded the uninstall AVG 2011 program and it said it was infected with a virus and was deleted. Can some of you experts lead me where to go from here? I don't know what else to try. PC is a 2008 HP Pavilion a9614f running Vista 32 bit.
4 Solutions
Will it restore back?  This would only affect installed software, not your files.
bbbb2Author Commented:
I restored back to a time that they said it was working right  6-8-13. It took a while but ot did restore. Maybe they are wrong about when the infection set in and I need to go back a little further?
I would try back a bit further.
WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

Try also (even after restoring):  Boot up and scan with an antivirus rescue disk (free) from a well known antivirus vendor (e.g, Avira, Comodo, Bitdefender, etc.)

At the least, try scanning for a rootkit:

(1) TDSSKIller: < http://www.bleepingcomputer.com/download/tdsskiller/ >

(2) MBAM AntiRootkit: < http://www.malwarebytes.org/products/mbar/ >
slave the disk to a working- and protected system, and run the scan from there
or scan from a boot cd : http://windows.microsoft.com/en-gb/windows/what-is-windows-defender-offline
☠ MASQ ☠Commented:
Sounds like you have a virut variant infecting your system.  If so everytime you try to run an .exe file virut will try to write code to it and AVG will flag it.  The problem with virut is as a virus program it is badly written and also injects a load of "harmless" code into files as well.  The end result is the more that you run the more files that get infected/damaged, mainly the Windows system files.

Virut is one of the few infections where my advice is unless you've caught this immediately don't bother repairing, Just flatten the partiton and reinstall or use a recovery partiton to rebuild.  You can off load data as virut only targets .exe .asp. html and .scr files and only when the partition it is in is active, but as nobus says make sure if you are slaving the drive that the host machine is protected as normally it arrives with a host of other nasties.

Some virut background:

AVG's removal tool (if you want to try a clean up) follow instructions exactly!
Sudeep SharmaTechnical DesignerCommented:
Almost all the vendors have Virut cleaner available, you could try other cleaners too if required and do post the logs once the tools are finished running.



I've requested that this question be closed as follows:

Accepted answer: 168 points for nobus's comment #a39261638
Assisted answer: 166 points for SSharma's comment #a39271472
Assisted answer: 166 points for MASQUERAID's comment #a39262271

for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
bbbb2Author Commented:
agree with
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now