Alfa Defender Pro 2011

By | August 4, 2011 | 0 Comment

Alfa Defender Pro 2011 is a fake computer security software that is also called “a must-avoid program.” If Alfa Defender Pro 2011 enters the system, it will begin to carry out the mission of earning money from its illegal activities. It was solely developed to rip-off money from users who fell into its dirty tactics. Just as any rogue security application from its group, Alfa Defender Pro 2011 will promote itself as a legitimate security product to deceive viewers. A well designed web site is also utilized to promote this potentially unwanted program.

Distribution channels include fake online virus scanner, Trojan and spam email messages. Downloading contracted files from file-sharing networks can also contribute to the propagation of Alfa Defender Pro 2011 virus. If installed, severe annoyances is performed that will begin with excessive pop-up of alerts and warning messages. User may encounter browser redirects that point search result to predefined web pages. Right after Windows start, Alfa Defender Pro 2011 will initiate a virus scan without an execution. Thereafter, dozens of threats detected on the system will be published to commit victims into purchasing the registered version of Alfa Defender Pro 2011.

Start to remove Alfa Defender Pro 2011 as soon as symptoms of its presence are recognized. Use security product that came from reputable software vendors to make sure that you will not be scammed. Alternatively, free versions of anti-malware applications are available from legitimate rogue-fighting web sites. You can also follow the step-by-step guide on this page to remove Alfa Defender Pro 2011 without spending a single penny.

Type Rogue
Sub-Type FakeAV
OS Affected Windows XP, Windows Vista, Windows 7

What are the Symptoms of Alfa Defender Pro Infection?

Alfa Defender Pro 2011 Scanner

It will modify Windows Registry and add the following entries:
HKU\DEFAULT\Software\Microsoft\Internet Explorer\BrowserEmulation “TLDUpdates” = ’1?
HKCU\Software\Classes\.exe\shell\open\command “(Default)” = ‘”%Documents and Settings%\[UserName]\Local Settings\Application Data\[random].exe” -a “%1? %*’
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = ‘”%Documents and Settings%\[UserName]\Local Settings\Application Data\[random].exee” -a “%Program Files%Internet Exploreriexplore.exe”
HKLM\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = ’1?
HKLM\SOFTWARE\Microsoft\Security Center “FirewallOverride” = ’1?

The threat will drop the following malicious files:
%CommonAppData%\[random]
%LocalAppData%\[random].exe
%LocalTempDir%\[random]

Leave a Reply

Your email address will not be published. Required fields are marked *