Trojan attached to AIM uninstall

When I tried to uninstall AIM 6, Avast detected two trojans. I sent them to the chest and then a box came on the screen with the message “Please run the uninstaller after installation is complete.” That didn’t make sense so I just Xed it off. I’ve tried it a few more times and the same thing happens each time. Any ideas for how to proceed in uninstalling AIM? The current AIM on our computer is not logging properly so I was attempting to uninstall and do a fresh install.

The only thing I’ve read elsewhere is that someone was able to do a fresh install without uninstalling and then was able to uninstall. Haven’t tried this yet and don’t know if it would need to be done with AIM 6 (the one currently on the comp) or if the latest version would work. TIA!

I really doubt this is an avast message…
Are you sure?
Aren’t you infected by a rogue antivirus?

Hi:

For uninstalling AIM (and possibly NOT re-installing this malware-prone IM),
try the FREE Revo Uninstaller from www.revouninstaller.com.

IF you insist on using AIM, then run the FREE program at
http://jayloden.com/aimfix.htm on a regular basis.

Tech,

It certainly appears to be Avast that is picking up the trojan. The regular warning message appears and directs me to move the trojan to the chest. After I’ve done that, the other box appears with the message noted in my first quote. There is also a yellow, blue and red pop-up that appears briefly at the bottom of the screen that is labeled an Avast scanner message and shows the location of the infected file. It indicates that utility.dll contains a sample of Win 32 Trojan. Is it possible for a rogue antivirus to impersonate Avast? Or can it somehow jump in the middle of Avast’s process, as with the appearance of the box with the uninstaller message? If it is a rogue antivirus, will Avast pick this up on a scan? I’ve not scanned yet; I came right over here after encountering the uninstall troubles.

Spiritsongs,

In addition to add/remove programs, I did try the uninstaller on CCleaner to uninstall AIM but the same thing happened. If neither of these worked, do you think I’ll have better luck with Revo Uninstaller? If so, I’m willing to give it a try.

Actually, I’m no AIM fan but my dc use it on a daily basis. Is the aimfix link a program to regularly debug AIM?

I don’t think so.
I think that message is coming from the trojan or .msi installation file.
It makes no sense: uninstall after the installation… don’t you think?

Go ahead…

To be sure you’re clean, I also suggest:

  1. Clean your temporary files.
  2. Schedule a boot-time scan with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  3. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spyware and trojans. If any infection is detected, it is better and safer to send the file to Quarantine than to simply delete it.
  4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  5. Make a HijackThis log to post here or on this analysis site. Or even submit the RunScanner log to online analysis.
  6. Disable System Restore and then reenable it again.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.

I’m trying the Revo Uninstaller. The warning to move the trojans to the chest still came up along with the other things I mentioned earlier but it did allow me to continue to the registry items it found leftover from AIM6. It lists a bunch of bolded leftover items to potentially check and delete but it notes to do so carefully. I have no idea which ones to check and don’t want to do something that will mess things up further. Can anyone give me any direction on what to check or should I just not go there?

I had this exact same problem back in July. In order to get AIM 6 (which I had previously uninstalled a number of times without incident) uninstalled I had to uninstall AIM 6 in safe mode. Worked like a charm in safe mode. I believe this avast notice was a false positive.