My computer has been infected with a program called Antivirus Action which seems to be a lot like "Security Suite" and "Fake Alert". I managed to get control back of my internet but I don't know how to get rid of the virus. I did a full scan for Viruses and McAfee didn't find anything. So I took the advice of Vinoo Thomas and ran "GetSusp". So can someone help me get rid of this virus or is there a cleaner program that I can use.
Thanks for the posting the GetSusp logs. The culprit is:
Try to boot to safe mode and delete this file.
Vinoo - for the un-initiated this is not of great help..
I too have the virus above - but in replacing "aaron" with my name - I could not find the file..
What is McAfee doing to update the virus protection to eliminate this issue??
Disappointing too that there is NO WAY to access a Customer Service or Technical agent for Ireland - yet we pay the same fee as the rest of Europe..
@Garry: The folder name under Temp is random. That could be why you could not find the file. Could you run GetSusp on the affected machine and post the logs here please? Download it from: https://community.mcafee.com/message/148081
I'll be able to then help you isolate the culprit.
@Aaron: Glad you were able to delete the malware file. The registry changes this Trojan makes are benign without the actual file itself. For example it creates a run key to execute everytime at system startup - without the executable, this key is harmless. Based on reviewing your GetSusp logs and if your system is behaving as normal - there shouldn't be anything to worry about.
Hi Guys i just got infected too while running total protection, how did it slip by mcafee??
I was able to disable antivirus action on the process tree but it regenerated this morning.
Ran getsusp but what is it i am looking for ???
Please post the Gsusp.zip file that GetSusp created on your machine to this thread - i'll review and let you know if it identified the malware file.
Like the others I have aquired "Antivirus Action Infection". I am running Internet Security 2010 with the most current updates. I have downloaded GetSusp 220.127.116.11 and the application guide. When I attemp to execute it I get a "Password Needed" screen. Please advise me on how to proceed.
I insist on downloading Malware Bytes - Anti-Malware and updating that. I tried it and it seemed to find 2 infections related to Antivirus Action. I then removed these and it seemed to remove the program. Will update comment if anything returns.