8 Replies Latest reply on Nov 19, 2010 11:45 PM by newjack

    Antivirus Action Infection

      The Antivirus spyware infected my computer yesterday. I've tried multiple ways of getting of rid. Currently, I've run Getsusp on my computers and it's turned up a few logs. However, I'm not sure how to convert these logs into a file that I can post on this forum, so that someone can identify the bad file for me. I just have a Web page with Scan Results, and I'm not sure where I'm supposed to go from there.

        • 1. Re: Antivirus Action Infection

          My Computer Has This Antivirus Action Infection Too and I Don't Know What Else To Do To Get Rid Of It.I Too Have used Several Different Removal Methods and It Still Hasn't Worked.

          • 2. Re: Antivirus Action Infection
            Hayton

            (This is basically a copy of what I have already posted in the current thread on this topic ...)

             

            There are two good sites that provide guidance on getting rid of this - not virus, exactly, but certainly rogue program.

             

            http://www.myantispyware.com/2010/10/07/how-to-remove-antivirus-action-uninstall -instructions/

             

            http://www.bleepingcomputer.com/virus-removal/remove-antivirus-action

             

            Both recommend that you run Malwarebytes Anti-Malware, which I think might fix it for you.

            • 3. Re: Antivirus Action Infection

              Hi, my computer is infected, too, with the antivirus action.  I thought I had deleted the .exe on the local settings, but was not able to find any relevant antivirus action software under the registry.  Now, I can't open my IE nor my outlook.  Bc of that, I can't download any anti-software to run on my computer.  I am using another computer to find solutions and post this message.  Cannot do system restore bc it is turned off, tried downloading spyware doctor to CD from another computer and booting it on the infected pc, but can't run w/o downloading the software upgrades upon execution.  Appreciate any help.  Is this perhaps the virus is still in the pc blocking connections?  or did i delete the wrong .exe?

              • 4. Re: Antivirus Action Infection
                Peacekeeper

                Try malwarebytes and www.superantispyware.com but download them to a usb stick rename the downloaded files and install both but when you do so and are asked for install folder rename the default to something different as some Trojans recognise the name of AV setup filkes and folders.

                 

                Try resetting IE to defaults if it still doesn't work.

                 

                 

                You could have deleted a required file yes so maybe if still no chop try the bleeping computer link mentioned 2 posts up.

                • 5. Re: Antivirus Action Infection

                  Virus Scan often cannot detect or clean these type of infection. You'll have to use the latest Mcafee Stinger to remove it.

                  • 6. Re: Antivirus Action Infection
                    Peacekeeper

                    Thanks should have added this I usually do it has stinger link

                    https://community.mcafee.com/docs/DOC-1294

                    • 7. Re: Antivirus Action Infection

                      Your best bet is to start up in safe mode then run your system restore. Restore back to an earlier date before the virus. That's what worked for me. My question is WHY DIDN'T MCAFEE STOP THIS! I have McAfee running in the background and set to constantly scan, while this virus was attacking I scanned my computer and it didn't even pick up on it!

                      • 8. Re: Antivirus Action Infection

                        hey lleavi1,If the other suggestions don`t work for you.I posted this on another thread a few weeks back.It did work for a few other people.Copy the instructions off your good computer and follow them.Here is the link.

                        http://www.bleepingcomputer.com/virus-removal/remove-antivirus-action            Just noticed Hayton has the link above.Bleeeping computer has a good source of removal guides                   

                                                                                                                                                                                                                                                                                      newjack

                         

                         

                        Message was edited by: newjack on 11/20/10 12:45:59 AM EST