Tuesday, September 2, 2008

XP Antivirus 2008 - 2009 and AVG

I have been using AVG to successfully remove this virus but the last machine I de-virused caused some problems. I started as per normal, I took an image of the hard drive using Acronis. While the hard drive was slaved to my workshop machine I removed the XP Antvirus directory under program files (You can do this when you are in safe mode but you still may have to kill some processes). Before they are deleted I make note of the last five characters of the random looking files (in this case it was '1ee0p'. I then look for and remove all files on the computer ending with these characters.

I then replace the hard drive and start the machine. In regedit, I remove all entries with this suffix.

Normally, I then install AVG as my first anti virus program and run this. It seemed to load and run okay. When it asked to reboot I got a blue screen with system error 34 which is to do with a logon issue. I restored the image from acronis and started again. I removed the obvious virus and then used superantivirus and spybot. I then tried AVG again. Again after the reboot windows would not come up. Luckily this time I could get in via safe mode and uninstalled AVG. the computer rebooted as normal and I used some other antivirals to finish up the computer.
