1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Rootkit. Shape Changer, removes all entrys for AVG

Discussion in 'Virus & Other Malware Removal' started by RichTheTech, Jul 16, 2007.

Thread Status:
Not open for further replies.
  1. RichTheTech

    RichTheTech Thread Starter

    Joined:
    Apr 22, 2005
    Messages:
    9
    I was cleaning a customers PC today and came across something that I have not seen before. their original complaint was that AVG antivirus was not working and could not be reinstalled. Suspecting an infection, I installed and ran Super-Antispyware. It came up with various Vundo variant trojans and rootkits, but the problem still remained with AVG. I inserted my flash drive to reinstall AVG and it was missing from my drive too! To shorten the story, the rootkit was removing all entries in Windows Explorer with the letters "AVG", because when I renamed the AVG installation file "AV" it reappeared on my drive. Have you heard of a rootkit that has been targeting the "resident" antivirus in this way? I presume that it is able to cripple the AV (whether AVG or another AV) by blocking access to its files by name. Any thoughts?
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Rootkit Shape Changer
  1. lunarlander
    Replies:
    5
    Views:
    634
  2. ricincalifornia
    Replies:
    2
    Views:
    462
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/596631

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice