Showing posts with label Sophos. Show all posts

Thursday, November 5, 2009

AVG Upgrade to 9.0 and the Blue Screen Of Death


I use AVG anti-virus / anti-malware software, among others, on my work computer. I like to keep everything up to date to make sure my computer doesn't get infected. So when the AVG software popped up a notice saying I could get a free upgrade to version 9 from version 8.5, I went for it - my bad!

AVG is excellent software, don't get me wrong. But when I upgraded to version 9 (which is said to be 6x faster and to use fewer resources than 8.x), it recommended uninstalling my other software: Symantec AV Corporate Edition (which my college requires) and Sophos AV (which I was testing).

Once I uninstalled those pieces of software (this should be done automatically by the installer - I had to remove the software and restart the installer), I restarted the installer, which then upgraded my version 8.5 to version 9.00. That's when my problems started.

I was going through the various components (it looked really, really good - it even had its own firewall, which turns off Windows Firewall, BTW) when I came upon the Rootkit scanner. I decided to try it out - that's when I got the Blue Screen Of Death (BSOD)! I recovered from that and started researching the problem. AVG had some suggestions on their website, which turned out to be okay. Microsoft came back with a message after the error reporting went in that I had a bad driver (hardware or software) on my system.


When I came in this morning, another BSOD awaited me. After recovering from that, I saw that a message I sent to AVG tech support was waiting for me in my inbox. I started to answer it when I got another BSOD. I restored my system to an earlier state (before the upgrade) and finished answering the email to AVG, then started straightening out my system.

I'm hoping that AVG will be able to solve this quickly, because what I saw of the 9.00 version looked really nice and I like AVG a lot better than the Symantec product we are using here.

Monday, November 2, 2009

Rootkit detectors

I work at a cancer center as the IT guy. One of the things I run into regularly is infected computers. Many times these infections are NOT minor, so I've collected a slew of tools to deal with them. One type of infection is the rootkit. I have a bunch of FREE tools I use to clean these. These are portable tools, so you don't have to install anything on the computer in question.


A rootkit is a program, or set of programs, designed to keep the user from realizing that the system is infected. Rootkits are tenacious: they tend to install themselves in system files and to rewrite themselves into other files when someone tries to clean them by normal methods. There are many ways an infection can occur, and that is a topic for another blog post. The way a rootkit works makes it very difficult to get rid of.



F-Secure has an excellent program called Blacklight. It is very easy to use: just accept the caveats and click scan.

Sophos also makes a great application. Their anti-rootkit program does require you to supply some basic information before downloading, but it is worth it. The Sophos software is relatively easy to use: just choose the type of scan and click scan.

Panda Anti-Rootkit: run Pavark.exe, accept the first screen, check deep scan, and click scan. This will schedule a scan for the next time your system restarts (you can restart right away or later).

Spybot Search & Destroy 1.6.2 has a rootkit section. Note that you must choose "advanced" from the mode menu, then choose rootkit scan.

Gmer is a more complicated application. It is extremely good, but it is aimed at the information technology professional, or at least someone more conversant with computers. The GUI (Graphical User Interface) is not as easy to use as the other programs.

With anti-rootkits, you should run at least 3 before feeling safe. Some of these applications will report false positives - things that seem like rootkits but are not - so be careful. After running your anti-rootkit programs, if you found something, be sure to run an antivirus/malware application with an up-to-date virus definition file to get rid of any vestiges that were left behind.