4 Replies Latest reply on Jul 21, 2011 3:25 AM by sgrimmel

    After GetSusp completed scan and recognized, then what???

      After GetSusp completed the scan, and having foun about 20 unknown files and some suspicious ones, how do I know they where actually sent to McAfee Labs to analyse???


      I have to mention the vast majority of these "unknown" files are program files that I know and use, such as Autodesk 3DMax,  Avira Free Antivirus, several sys32 files, ArcGIS license files, and more.

      Mi PC functions perfect and has no issues related to malware/trojan/virus or rootkits.


      Will anyone at mcafee send me some sort of feedback?  In about how much time?

      People in charge of analysing them belong to some Virus Removal Team and not simply Tier 1 technicians right?



      Thanks in advance.



      Alex N.

      GetSusp results.JPG


      PS: I have to mention that I have a friend with an actual infection of Adware-OneStep.b virus.  Will this GetSusp be of any help to remove that virus????

        • 1. Re: After GetSusp completed scan and recognized, then what???

          Re adware-one step.b it will I assume show it but remember it does not remove anything only shows issues and reports to Mcafee syspicious fiol;es so they can either whitelist them if safe or add to their dat updates. Try running Mcafee in safe mode it should detect and remove that virus as it is not a new 1.


          Please use the following instructions for all supported versions of Windows to remove threats and other potential risks:

          Clean all tempa nd internet temp foldersThere is a tool in system tools ie Disk cleanup

          1.Disable System Restore (Windows ME/XP only).

          2.Update to current engine and DAT files for detection and removal.

          3.Run a complete system scan.

          Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).

          General repair may be unsuccessful in some instances. If this occurs, please submit a sample for further evaluation.



          If you had an internet connection when you ran it it would have reported the files back to the lab. Did you add in your email address to the preferences it needs that to report back.


          The tech is a lab tech not support tier 1. Vinoo will answer better though 

          • 2. Re: After GetSusp completed scan and recognized, then what???

            Well, after submitting the files via GetSusp, looks like my friend could remove the Adware-OneStep.b with the Disk Cleanup tool, with evthg checked.


            Previously she ran the MTP complete scan, then Stinger, there the virus was recognized but not deleted, then Windows Defender, no luck either, and finally Disk Cleanup tool that seems having deleted the virus for good.



            Thanks for the help Tony.



            Alex N.

            • 3. Re: After GetSusp completed scan and recognized, then what???

              I thought  safe mode would work as well. There are 2 registry keys that this virus makes that need cleaning up so retry mcfee maybe as well.


              Anyway glad it is clean now

              • 4. Re: After GetSusp completed scan and recognized, then what???



                In additioon to the above, the following KnowledgeBase article provides answer to FAQs.


                KB69385 - McAfee GetSusp FAQs