Antivirus Action DescriptionType: Rogue Anti-Virus Program
Antivirus Action is a fake security application that can spread via Trojans, file-sharing networks and malicious websites. On infiltrating a system, Antivirus Action, a member of the FakeSpyPro family will create a start-up registry entry which will enable it to execute with every system start-up. Antivirus Action will generate fake system security warnings to convince victims that they need to purchase its full version to remove the detected threats. Antivirus Action (AntivirusAction) is a useless application that should never be purchased. The rogue anti-virus program can be unknowingly installed onto a user's computer by Trojans that exploit known Windows vulnerabilities or when a victim opens an infected attachment in spammed e-mails. It can also come bundled with downloads from infected websites or files from peer-to-peer networks. On infiltrating a system, Antivirus Action will create a start-up registry entry to ensure that it is automatically executed every time the infected PC is started up. Antivirus Action will also block a victim's access to applications such as Task Manager or Registry Editor. These actions will ensure that the rogue is not easily detected and removed from the system.
When a victim attempts to run programs on a compromised PC, Antivirus Action will display a message claiming that the file he/she is attempting to run is infected and then it will terminate the process. The security message is as follows:
Application cannot be executed. The file notepad.exe is infected. Do you want to activate your antivirus software now."
The programs and processes are terminated to prevent a victim from launching security software to remove the rogue. However if you attempt to run the programs enough times they should eventually work. To convince a victim that his/her system is infected, a fake system scan will be simulated which is designed to always report the detection of several dangerous computer parasites such as viruses, Trojan, spyware etc. Fake system security alerts and pop-up warnings will also be displayed to convince a victim that he/she needs to purchase its full version to remove the detected threats.
Below is an example of the security alerts:
"Windows Security Alert
Windows reports that computer is infected. Antivirus software helps to protect your computer against viruses and other security threats. Click here to scan your computer. Your system might be at risk now."
As a result of browser hijacking, when a victim attempts to browse the internet and even when a user clicks on the security alerts displayed by Antivirus Action, he/she will be redirected to malicious websites that promote the online purchase of this rogueware. Users should be aware that Antivirus Action is not able to detect or remove legitimate computer malware and thus should never be purchased. Instead use a reliable malware removal tool to rid your PC of this useless rogue.
There are numerous clones of Antivirus Action that include AntiSpyware Soft, Antivirus System Pro, Spyware Protect 2009, Security Central, Antivirus Soft, Antivirus Suite, Antivir Solution Pro, Security Suite, Malware Destructor 2011, Antivirus Scan, PC Security 2011, Antivirus .NET, AntiVira Av, AntiMalware GO, Antivirii 2011, Antivirus Monitor, Antivirus Live.
15 security vendors flagged this file as malicious.
File System Details
|#||File Name||MD5||Detection Count|
More Details on Antivirus Action
Application cannot be executed. The file notepad.exe is infected. Do you want to activate your antivirus software now.
|Windows Security Alert|
Windows reports that computer is infected. Antivirus software helps to protect your computer against viruses and other security threats. Click here for the scan your computer. Your system might be at risk now.
- 'Malware Detected, Action Required' Pop-Ups
- 'Transaction received into blockchain wallet' Email Scam
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.