Friday, October 8, 2010

Remove Antivirus Action malware

Antivirus Action is another rogue antivirus program. The misleading application is a clone of Antivirus IS malware. This malware reports false infections and displays a lot of fake security alerts in order to trick you into purchasing its so-called full version.

HijackThis shows Antivirus Action infection:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}\{RANDOM}agnz.exe

What Antivirus Action does

Antivirus Action is distributed with the help of trojans that come from various misleading websites. When the trojan is started, it will install this malware. On first run, Antivirus Action configures itself to start automatically when Windows loads. Next, the fake antivirus will simulate a system scan and list a lot of false infections that actually does not exist!

Antivirus Action will state that your computer is infected with adware, trojans, worms or malware with one purpose - to scare you into thinking that your PC in danger. Obviously, such results are a fraud, so you can freely ignore them.

While Antivirus Action is running, it will flood your computer with fake security alert and notifications from Windows task bar. Moreover, the rogue will disable Task Manager and hijack Internet Explorer so, that it will display a misleading notification that states - "Internet Explorer Warning – visiting this web site may harm your computer!". Of course, all of these alerts and messages are a fake and like false scan results should be ignored.

As you can see, Antivirus Action is absolutely useless and what is more, even dangerous software. Most importantly, do not purchase it. Instead, please use the Antivirus Action removal guide or the instructions below in order to remove this malware from your computer for free.

Antivirus Action removal instructions

Reboot your computer in Safe mode with networking.

Reset proxy settings of your browser (this malware hijacked them) by doing: run Internet Explorer, Click Tools and select Internet Options. Select Connections Tab and click to Lan Settings button. Uncheck “Use a proxy server” box. Click OK and click OK again.

Download Malwarebytes Anti-malware. Double click mbam-setup.exe to install the application. When installation is complete, make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version.

Once the program has loaded you will see a screen like below.

Malwarebytes' Anti-Malware

Select "Perform Quick Scan", then click Scan. When the scan is done, click OK, then Show Results to view the results. You will see a list of malware that  Malwarebytes' Anti-Malware found on your computer. Note: list of malware may be different than what is shown in the screen below.

Malwarebytes' Anti-Malware - lists of malicious software

Make sure that everything is checked, and click Remove Selected. Once disinfection is finished, a log will open in Notepad and you may be prompted to Restart.

If the instructions does not help you, then ask for help in the Spyware removal forum.

No comments:

Post a Comment