Selasa, 26 Oktober 2010

anti virus

What is AlfaAntivirus?
AlfaAntivirus is a new scum in the anti-spyware software front. Well, not really new – its the same old pest with the new skin and website. This time the website is www.alfaantivirus.com  -with ugly blue colors that hurt my eyes and software that will hurt the purses of many unsuspecting victims. The domain is registered under name of "New Generation Technologies 3000 Inc.", a corporation with no face on web and probably fake address.
This is the usual way to enter the market.
Alfa Anti-virus is hosted on the same server as other rogue WinFixer and around 20 other rogue domains (IP 72.52.225.11),  they  fail to cover all the tracks about their intent.
It is highly probable that this tool will be shipped to user PC’s using fake codecs and other trojans, thus it is highly advisable to scan your PC with a free detector.
As usual, this fake anti-virus does not removes infections, but asks for purchase of full version. To force the purchase, Alfa Antivirus fakealerts try to convince that your PC requires to be cured from malware. This is true, but the main malware is Alfa Antivirus itself. Stay cautious and do not fall to its trap.
Alfa Antivirus seems to be a direct clone of Personal Antivirus. This program often times blocks users from running any programs. Of course I am sure you already can guess that it's a fake security tool. I know your too smart to fall for this trick. We have found away to get around not being able to run any tools that you should take a look at if your having issues.
Alfa Antivirus Removal Alfa Antivirus
» Download Alfa Antivirus Removal Software UPDATE: 9-29-09  After contacting PCtools about SDA not fully picking this threat up and removevirus.org providing the source files for it their client does now work to fully remove the threat. Alfa Antivirus looks to be a clone of Personal Antivirus.  This is can be one hard threat to remove.  It's important to note that this is a fake security program.  If you had any ideas about purchasing this client then forget about it.  You would just be taken advantage of.  What makes alfa Antivirus hard to remove is that every executable that someone opens gets shut down right away. To get around this you need to end the current running process of this virus.  Often times being in safe mode will do no good because people get a blue screen when trying to go that route.  Our guide below on how to remove Alfa Antivirus covers some good tips to help you get around this. You need to understand that this fake software is not the only threat on your computer.  More often then not users will have several viruses installed on the system and you need to ensure that you remove all of them.  That is why we strongly recommend everyone runs a scan using Spyware Doctor with Antivirus.  It's one of the better clients out there and will help out. Of course you will not be able to run a scan in many instances until you can stop this running application.

Some symptoms of Alfa Antivirus:

  • Bogus Scan results
  • Auto Scans on Start-up
  • Warning coming out of a fake shield in the system tray
  • pop-ups and re-directs to the fake software's website
  • constant warnings of being infected as well as false statements of other trojans
We Made a Video to help you out :) .  Just so you know.  Spyware Doctor with Antivirus does now fully work to remove Alpha Antivirus.  They updated the client to fully pick this strain up.  So if your looking for an easy way to remove it then use SDA.
Alfa Antivirus Removal Video
<a href=Spyware Doctor with Antivirus Downlaod" src="http://www.removevirus.org/images/sdadownloadbutton.jpg" />

We do recommend you scan your computer with the free trial of Spyware Doctor with Antivirus to see how infected you really are. If it is just this fake security product then follow the manual directions below. If you have other trojans and spyware applications then consider making a purchase of Spyware Doctor with Antivirus Here to remove all other threats and to keep your PC secure. If you follow the link above and use coupon code removevirus10 you will get 10% off. This is an exclusive coupon we got just for our readers. As well we do recommend this remote computer repair company. They are the leaders in remote computer repair and can have you up and going in no time at all. This option is more for people who don't feel comfortable removing viruses by themselves and just want an expert to do it for them.

Manual removal instructions for Alfa Antivirus ( Please read our disclaimer below )

Kill PAlfa Antivirus processes: ( Learn How to Kill a Process Here. Opens in new Window )
  • alphaav.exe or Alpha Antivirus.exe
For those who have the Task manager disabled but can still download and run tools we recommend you download the process killer on the side bar.  You can use this to terminate the above file.  If you can not open or install any programs then we came up with a little hat trick.  Right click on the alpha Antivirus client file on your desktop.  Now select properties.  Once there under the general tab you should see a path location for the shortcut file.  Look at the end and you should be able to see the alphaav.exe trace file or something similar.  Now write down the entire path and browse to that directory.  Then re-name the trace file.  For instance if yours is alphaav.exe then name it alphasucks.exe or something like that.  Then re-boot your computer.  On boot-up you should now be able to open up programs. :) If you can not view security websites or download products then we recommend you download the HOSTS fix on the side bar and run the tool.  Also if you are using Internet Explorer then you can use the re-set tool on the side bar as well to bring it back to the default settings. We do recommend you run a full scan using Spyware Doctor with Antivirus » download. Even if you do not intend on purchasing the product it will help to stop the virus from re-installing and re-activating while you manually remove it. Also it will inform you of any new changes to the file names. You may need this if it mutates. Delete Alfa Antivirus registry values: ( Learn How to Edit Registry Here. Opens in new Window )
  • HLMK\Software\Microsoft\Windows\CurrentVersion\Run “Alpha Antivirus”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alpha Antivirus
  • HKEY_LOCAL_MACHINE\SOFTWARE\Alpha Antivirus
Delete files: ( Hint ) Most of these files will be in the %Program Files\Protection System\ directory.
  • alphaav.exe or Alpha Antivirus.exe
  • Alpha Antivirus.lnk
  • Uninstall Alpha Antivirus.lnk
Delete directories: ( Please note that in most cases everything in this folder can be deleted. Just be sure it's the correct folder ;)
  • %Program Files%\Alpha Antivirus
  • %Documents and Settings%\All Users\Start Menu\Programs\Alpha Antivirus
  • %Documents and Settings%\All Users\Application Data\Alpha Antivirus
Please keep in mind that viruses mutate and change all the time. Do expect the above to change around a little. However this guide should work well for you and any experienced pro will be able to follow it and figure out the traces if they mutate. If you do not feel comfortable deleting files and the like then consider purchasing Spyware Doctor with Antivirus or have www.onlinecomputerrepair.org remove this and all other threats for you. Leading Security Clients for you to consider ( Click the Links Below to Learn More )

computertrend blog

Just another weblog

·         Recent Posts

·         Blogroll

To remove Antivirus Alpha – Alpha Lead removal easy Antivirus

http://farm3.static.flickr.com/2803/4214650582_5a8c413d37.jpg
Image : http://www.flickr.com
Alfa Antivirus is an anti-spyware new red. What is Anti-Spyware red? E "The core problem of fake anti-spyware that messages used false alarms and system analysis of the version scare the user must purchase full. The virus is very dangerous, learn quickly and effectively remove the Antivirus software Alpha read below. Descriptive I both manual and automatic removal of the Alfa anti-virus options. ..
Typically, infection These viruses can use the codec, movies, music videos, or unreliable sources. If the computer is running an alpha-Virus startup every time your computer. Then, a person with fake popups and system analysis plagued shows that the system is full of spyware. Are forced to purchase the full version so you do not buy it because it's just more vicious.
Please note the removal of the alpha> Anti-virus on your computer as quickly as possible, because the virus is very dangerous and can cause fatal system error.
Now there are two ways to remove it, you can try a manual or automatic method can be removed from the tool to remove spyware is justified. Manual removal is not recommended for Vundo trojan virus and the files have the ability to regenerate itself to be if the virus once it is started is displayed.
He described the next, I do not rememberguaranteed, and the risk of ruining the entire system if you happen to delete the wrong file. Recommended only for experts in the entire team.
1. Remove the "Alpha Anti Virus" in cases of human trafficking:
2. Find and delete register the "Alpha-antivirus":
3. Search cancel and alpha Anti Virus DLL
Most people have no idea what the above information should be considering that the manual usually does not work automatically suggestsRemove spyware removal tool correctly.
These tools are designed to remove threats to and they have sufficient capacity and effective anti-virus program always alpha. It also allows real-time protection, so you take care to not worry about re-infection with spyware.
Therefore, if you're wondering how to disable anti-virus software on your PC, Alpha, it would be best to get the confidence to download removal tool. You can try toManually remove viruses alpha, but not recommended because the virus can recrated. For more information on the discharge instructions and download the appropriate anti-spyware tool on the link below …
Thanks To : symantec free virus scan forecast anti spyware
Alpha Antivirus (a.k.a. AlphaAV, AlphaAntivirus) is a malicious antivirus application, involving all annoying features of any rogue. This program starts fake scans of the computer, and then the attack of computer users begins. After the scan, different warnings and popups start showing on the screen. They announce that your computer is infected and you have to take care of these issues. However, the only solution Alpha Antivirus provides is purchasing the full version of the application.
But beware! This is a trap only for inexperienced users! Alpha Antivirus can’t suggest anything helpful for you. Do not buy this program! If it is on your pc already, we recomended to remove it as soon as possible.

Alpha Antivirus (aka AlphaAntivirus or Alfa Antivirus) is the newest rogue anti-spyware application that possesses huge destructive potential and has been released to take advantage of computer users’ credulity. Alpha Antivirus GUI appears to be similar to the nasty rogueware known as Personal Antivirus, so we do not exclude these programs’ referring the same malware family. Alpha Antivirus installs onto one’s PC through exploiting the “traditional” rogueware tactics which pre-suppose the use of Trojan.Downloader or annoying browser hijacking routine. Having infiltrated the computer system without letting the user know about it (i.e. without any signs of user authorization), Alpha Antivirus commences deploying its dirty strategy by making some slight system modifications and dropping a number of executables into the System32 folder and creating some registry keys. Consequently, the compromised computer receives Alpha Antivirus signals to launch its executable each time Windows is logged on to. When operating, Alpha Antivirus displays multiple security alerts and fake system scanners which report the alleged detection of malware applications, viruses, trojans, worms, rootkits etc. and recommend the unsuspecting user to install and register Alpha Antivirus paid full version (doing which is a BIG mistake). The truth is – Alpha Antivirus alerts and scanners are fabricated and must therefore not be trusted. Please, do not follow the tips prompted through Alpha Antivirus ads – it’s the shortest known way to severe system contamination. Alpha Antivirus rogue anti-spyware has been developed to bring profit to its creators by deceiving people, so don’t become one of its victims. Please, follow the security guide below to neutralize and uninstall Alpha Antivirus badware ASAP.
Malware Type: Rogue Anti-Spyware
Malware Author: Innovagest2000 SL
Threat Level: http://remove-malware.net/wp-content/uploads/star.gifhttp://remove-malware.net/wp-content/uploads/star.gifhttp://remove-malware.net/wp-content/uploads/star.gifhttp://remove-malware.net/wp-content/uploads/star.gifhttp://remove-malware.net/wp-content/uploads/star.gifCritical
Advice: Immediately remove and scan for additional malware
Alpha Antivirus is a misleading anti-virus program that deliberately displays fake security alerts and reports false system security threats to trick you into thinking your computer is infected with spyware, adware, Trojans or other malicious software. The graphical user interface of this bogus application is almost identical to widely spread rogue's anti-spyware application called Personal Antivirus. When the program is installed it will list a variety of infections and prompt you to pay for a full version of the program to remove infections which do not even exist. You shouldn't purchase this program. We strongly recommend you to uninstall Alpha Antivirus from your computer upon detection.

Alpha Antivirus is installed through the use of fake online anti-spyware scanners and Trojan viruses. Trojans, usually FakeAV, display fake security alerts and notifications stating that your PC is infected or under attack by an Internet virus. FakeAV variants may also download additional malware. In this case is also installs a password stealer on the compromised computer. Once active, AlphaAntivirus will be automatically configured to imitate system scan and display bogus results each time you log on into Windows. As we have already mentioned, the scan results are fake, you may safely ignore them. The main goal of this infection is to trick you into purchasing totally useless software.

Furthermore, Alpha Antivirus will block anti-virus programs and security related websites to protect itself from being deleted. It may disable certain Windows tools and options too, for example Task Manager, Registry Editor and etc. The program will also impersonate Windows Security Center and state that you must purchase AlphaAntivirus to ensure full system protection. As you can see, this program is nothing more but a scam. Please use the removal guide below to remove Alpha Antivirus from your computer manually for free. What this infection does:
Alpha Antivirus is a rogue anti-spyware program from the same family as Personal Antivirus. This program is promoted through the use of malware and web pop-ups that will be displayed as you browse the web. If you are infected via a malware infection, then Alpha Antivirus will be installed onto your computer without your knowledge or permission. If you encounter it via a pop-up, you will see a prompt stating that your computer is infected. When you click on this prompt you will be brought to a page showing an advertisement that pretends to be an online anti-malware scanner. This advertisement will pretend to scan your computer and then state that there are infections and that you should download and install Alpha Antivirus to protect yourself.
When Alpha Antivirus is installed it will be configured to start automatically when you boot into Windows. Once running it will perform a scan of your computer and when finished state that there are numerous infections on your computer. It will not allow you to remove these infections, though, until you first purchase the program. These infections are all fake and do not exist on your computer. They are only being shown to scare you into purchasing Alpha Antivirus.

Alpha Antivirus screenshot
Alpha Antivirus screenshot
For more screen shots of this infection click on the image above.
There are a total of 3 images you can view.

While the program is running you will see a constant barrage of fake security alerts and windows. These alerts, like the fake scan results, are designed to make you think there is a security risk on your computer and then suggest that you purchase Alpha Antivirus in order to protect your computer. Just like the scan results, these fake alerts are all fake and the only infection is Alpha Antivirus and the malware that was installed alongside it.
If you are infected with Alpha Antivirus, then please do not purchase this program. If you have already purchased it, then we advise you to contact your credit card company and dispute the charges as this program is a scam. Last, but not least, please use the guide below to remove Alpha Antivirus and related malware from your computer.

Threat Classification:

Advanced information:
View Alpha Antivirus files.
View Alpha Antivirus Registry Information.

Entries for this program found in the Add or Remove Programs control panel:
Alpha Antivirus

Tools Needed for this fix:

Symptoms that may be in a HijackThis Log:
O2 - BHO: &Helper - {A77D3539-581D-450C-9E44-A84C415A6172} - C:\WINDOWS\system32\msnaoladdon.dll
O2 - BHO: &Advanced Explorer Editor - {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC} - C:\WINDOWS\system32\ExplorerImages.dll
O4 - HKLM\..\Run: [AlphaAV] C:\Program Files\AlphaAV\AlphaAV.exe
O4 - HKCU\..\Run: [AlphaAnt] C:\Program Files\AlphaAnt\alpha.exe

Guide Updates:
09/28/09 - Initial guide creation.
10/05/09 - Updated for new version
11/16/09 - Updated for new version.

Automated Removal Instructions for Alpha Antivirus using Malwarebytes' Anti-Malware:

  1. Print out these instructions as we will need to close every window that is open later in the fix.
  2. Download Malwarebytes' Anti-Malware, or MBAM, from the following location and save it to your desktop:

    Malwarebytes' Anti-Malware Download Link (Download page will open in a new window)

  1. Once downloaded, close all programs and Windows on your computer, including this one.
  2. Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MBAM onto your computer.
  3. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure you leave both the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware checked. Then click on the Finish button.
  4. MBAM will now automatically start and you will see a message stating that you should update the program before performing a scan. As MBAM will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main program as shown below.

MalwareBytes Anti-Malware Screen

  1. On the Scanner tab, make sure the the Perform full scan option is selected and then click on the Scan button to start scanning your computer for Alpha Antivirus related files.
  2. MBAM will now start scanning your computer for malware. This process can take quite a while, so we suggest you go and do something else and periodically check on the status of the scan. When MBAM is scanning it will look like the image below.

MalwareBytes Anti-Malware Scanning Screen

  1. When the scan is finished a message box will appear as shown in the image below.

MalwareBytes Anti-Malware Scan Finished Screen
You should click on the OK button to close the message box and continue with the AlphaAntivirus removal process.
  1. You will now be back at the main Scanner screen. At this point you should click on the Show Results button.
  2. A screen displaying all the malware that the program found will be shown as seen in the image below. Please note that the infections found may be different than what is shown in the image.

MalwareBytes Scan Results

You should now click on the Remove Selected button to remove all the listed malware. MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so. Once your computer has rebooted, and you are logged in, please continue with the rest of the steps.
  1. When MBAM has finished removing the malware, it will open the scan log and display it in Notepad. Review the log as desired, and then close the Notepad window.
  2. You can now exit the MBAM program.
Your computer should now be free of the AlphaAntivirus program. If your current anti-virus solution let this infection through, you may want to consider purchasing the PRO version of Malwarebytes' Anti-Malware to protect against these types of threats in the future.
If you are still having problems with your computer after completing these instructions, then please follow the steps outlined in the topic linked below:
Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Associated Alpha Antivirus Files:
c:\Documents and Settings\All Users\Start Menu\AlphaAV
c:\Program Files\Common Files\Uninstall
c:\Program Files\Common Files\Uninstall\AlphaAV
c:\Documents and Settings\All Users\Start Menu\AlphaAV\Alpha Antivirus.lnk
c:\Documents and Settings\All Users\Start Menu\AlphaAV\Uninstall.lnk
c:\Documents and Settings\Bleeping\Desktop\Alpha Antivirus.lnk
c:\Program Files\Common Files\Uninstall\AlphaAV\Uninstall.lnk
c:\WINDOWS\system32\msnaoladdon.dll
c:\Program Files\AlphaAnt
c:\Program Files\AlphaAnt\alpha.exe
c:\Program Files\Common Files\AlphaAntUninstall
c:\Program Files\Common Files\AlphaAntUninstall\Uninstall.lnk
c:\WINDOWS\system32\ExplorerImages.dll
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\AlphaAnt.lnk
%UserProfile%\Desktop\Alpha Antivirus.lnk
c:\Documents and Settings\All Users\Start Menu\AlphaAnt
c:\Documents and Settings\All Users\Start Menu\AlphaAnt\Alpha Antivirus.lnk
c:\Documents and Settings\All Users\Start Menu\AlphaAnt\Computer Scan.lnk
c:\Documents and Settings\All Users\Start Menu\AlphaAnt\Help.lnk
c:\Documents and Settings\All Users\Start Menu\AlphaAnt\Registration.lnk
c:\Documents and Settings\All Users\Start Menu\AlphaAnt\Security Center.lnk
c:\Documents and Settings\All Users\Start Menu\AlphaAnt\Settings.lnk
c:\Documents and Settings\All Users\Start Menu\AlphaAnt\Update.lnk
File Location Notes:
%UserProfile% refers to the current user's profile folder. By default, this is C:\Documents and Settings\ for Windows 2000/XP, C:\Users\ for Windows Vista/7, and c:\winnt\profiles\ for Windows NT.

Associated Alpha Antivirus Windows Registry Information:
HKEY_CLASSES_ROOT\CLSID\{A77D3539-581D-450C-9E44-A84C415A6172}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A77D3539-581D-450C-9E44-A84C415A6172}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "WinNT-PAI 05.10.2009"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "AlphaAV"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\uninstall\AlphaAnt
HKEY_CLASSES_ROOT\CLSID\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
HKEY_LOCAL_MACHINE\SOFTWARE\5FFB10D58FFCF482208906E6A889FD56
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AlphaAnt"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\post platform "WinTSI 15.11.2009"

Diposting oleh di Tidak ada komentar:
Langganan: Postingan (Atom)