Please help - virus attack
 

If anyone can help, please...

Was working on computer today, when suddeSnly screen flashed up with a virus detection. Software called 'Antivirus Action' then installed itself in the windows startbar, and told me the computer was infected, and started to scan it.

After supposedly identify threats, it informed me that I would need to purchase the full software to disable them.

I now can't use my own antivirus software - AVG, nor can i use any application on the computer. If I try, a message pops up telling me computer is infected.
(Windows security alerts, that prompts me to activate this software)

It appears that the culprit is the Antivirus Action software. Until I purchase it, my machine is completely disabled. The company is American, but has a british address - Great Marlbourgh Street, London SE 12TU.

I don't want to purchase this software, as I think it may be a con to get bank details, etc..

I'm not brilliant on computers - Please can anybody help, is there a way to get this off my system??? If I try, it just blocks me, and my whole life is on my laptop.

(using a friends laptop to post this thread)

Download MalwareBytes, save it on a USB stick then boot your machine into safe mode and run it.

I have suffered a similar infection recently and I managed to fix it by booting into safe mode (press F8 repeatedly during the boot up cycle before the windoze loading display occurrs) and then running system restore.
I must admit that I was doing it with a grin on my face as I had just replaced the computer (a laptop) hard disk and had the image of the entire disc on another machine, hence if all else failed it would be a matter of a quick reformat and then rebuilding the hard drive - a two hour job of waiting while my other computer did the business.

P.P.

Look at this site, it should help you to remove it: Remove Antivirus Action (Uninstall Guide)

And next time you see a warning page like that, shut it down as fast as you can. Dont click on any butttons.

And then report the company to trading standards/police for distributing a virus.

Start with this guide and follow the instructions to the letter.

If you fail to solve the issue running the software in sequence and according to the detailed instructions (including how to get around the virus blocking certain removal programs) then follow the instructions for seeking help. The site has a number of trained volunteers who will help you resove the problem.

In my (considerable) experience running the software suggested, in the way suggested and in the sequence suggested has always solved the problem I have been dealing with.

It is all free.

The "Windows System restore from safe mode" followed by downloading MalwareBytes (MBAM) and running it (don't forget to update the MBAM virus databasey-description thing first) sorted out a very similar problem on my daughter's laptop recently.

I went back a good long way for a restore date to be as sure as I could be that I wasn't restoring to a date when the infection was already present....

Not much point if it's not within their jurisdiction.

Agreed - but it is like wetting your nappy - you DO get a nice warm feeling for a few moments.:)

Guys / Girls

Thanks ever so much for all the information - I've now got various things to try to hopefully reclaim my computer.

Cheers

The company is American, but has a British address - Great Marlbourgh Street, London SE 12TU.

Sorry - dim question. How does this nasty get past one's existing anti virus software? OP mentions AVG and I have Zone Alarlm extreme, how does it get past these? Not updated regularly perhaps?

Ah Ha! I think that that is the one that caught me - if it is then system restore from safe mode will fix it, followed, as suggested above by running an updated version of Malwarebytes. I have also found that Superantispyware, another free virus/malware search tool seems to find things that Malware bytes doesn't and vice versa. www.SUPERAntispyware.com.

P.P.

Because most AV software is very good at slowing your system down but often miss some virii. No AV software will catch everything despite the writer's extravagant claims.

AVG is free but clunky in later editions. Avast! is free and as effective as any without a large overhead.

Zone Alarm is almost a complete waste of time especially if you are behind a router.

Malwarebytes is a good program but all the people here extolling its virtues are omitting the fact that it will not necessarily rid you of ALL malicious software. Hence my link to Majorgeeks and the step by step procedures you need to go through to be certain to find everything causing problems or lurking unseen.

Maybe this will work
 

I had a virus very similar pop up a little while ago. It disabled AVG, Malwarebytes and generally was a bl**dy pest.
I contacted my local computer genius and even he couldn't get rid of it so I googled it and found pages of info, all of it very technical and not at all simple.
Having nothing else to do I started reading the prophets of doom and considered a complete re-install until one short reply caught my eye, it follows:

If the icon appears on the task bar right click properties, highlight the address and write it down, make sure you get it all.
Shut down and restart in safe mode and then search for the address, lo and behold it came up with a prefix that prevented me from finding it before.
DELETE THE B*****rd and then restart
As you can tell I am not an expert but it worked, felt really smug.
Hope it works for you.
PJ

It sounds very similar to this one I saw on Click on the BBC yesterday


BBC News - How to avoid the fake security tool scam

I realise this won't help in this case, but I have built or configured countless PCs and laptops for friends etc over the years, and since most of these were not computer-literate people many of them eventually got infected with various stuff.

In particular any PC used by a child is likely to have a useful life measured in months if not weeks :)

Obviously you cannot get infected if behind a NAT router (as most people are) but infections come to you by email or from infected websites. AV software (esp. Kaspersky) catches most of them but not all, and once infected most infections cannot be cleaned by any software (because they have damaged windoze files, etc).

So in most cases the infections are simply too complicated to remove. You might find it and apparently remove it, but it has done damage and the PC doesn't work properly.

On top of the infection itself, the user has often trashed the machine by doing something silly.

The only way to deal with this stuff is to install (in my case; there are other similar tools) Trueimage before the delivery of the machine, make a boot CD and store that somewhere (I used to give it to the "customer" but they tend to lose them) and then do a full image backup of the HD. This often fits onto a DVD (dual layer perhaps; 9GB) but in some cases I just store the image on a 2TB network drive.

Then when the customer comes back asking for help to clean out a trashed machine (which IME is guaranteed to happen within 1-2 years) I just copy off what data one can copy off (e.g. jpegs, docs, etc) to a DVD, and restore the image. This is what computer shops used to do and it is all they can do.

Unfortunately, deleting will not be sufficient in most cases. In fact, merely deleting can make matters a lot worse. During the infection process, code is written into the registry, inconspicuous files will be infected etc. (and because the virus will thus bury itself deeper and deeper into your system it becomes harder to detect), and the culprit may reproduce itself and reactivate. :(

One anti-virus tool is never enough. In addition to Malwarebytes, you should try Hijackthis (e.g. HijackThis Logfileauswertung).

Also make use of CCleaner on a regular basis.

With respect he is not particularly competent in that case. PCs have been a hobby for the past twenty years. I have become quite well known for restoring systems corrupted by malware. I have never been beaten by a virus. It is sometimes quite time consuming and tricky to remove the difficult ones but not, in my experience, impossible.

I disagree with IO540's generalisation that the only way to effectively resolve issues is to reinstall a disk image. That is what professionals do because a) it is simple and b) they cannot spend the time doing othyerwise.

What I find is that I spend far longer than a paid technician could reasonably charge for. I do not charge and I do it purely for the fun of it.

Others on this thread are suggesting try this and try that. I am talking from experience when I say use the MajorGeeks Malware removal guide because I can virtually guarantee that you will methodically, thoroughly and permanently remove the malware that is causing the problem. The guide has not been written in a random fashion nor the procedures guessed at. It has been written from experience and works. It is all free.