Alpha Antivirus
What is Alpha Antivirus?
Alpha Antivirus is a fake security application which was recently categorized as rogue program because of similar goal to other scam software that deceive its victim of false alert messages and pop-up warning to be able to sell the Alpha Antivirus program. This fraudulent activity has been around for sometime and a Trojan was used in relation with scam security website to make the mission successful.
User who got infected with Alpha Antivirus will receive prompt for security protection and virus removal once the full version was purchased. Instead of paying for this useless program, just download a free Alpha Antivirus removal tool so that it can be removed on computer along with its files.
| Type | Rogue |
| Sub-Type | FakeAV |
| Aliases | |
| OS Affected | Windows |
| Detected By | MalwareBytes |
What are the Symptoms of Alpha Antivirus Infection?
It will run an Alpha Antivirus scanner once downloaded and installed completely.
It will modify Windows Registry and add the following entries:
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Alpha Antivirus”
HKEY_CURRENT_USER\Software\Alpha Antivirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alpha Antivirus
HKEY_LOCAL_MACHINE\SOFTWARE\Alpha Antivirus
The threat will drop the following malicious files:
- %Documents and Settings%\All Users\Start Menu\Programs\Alpha Antivirus
- %Documents and Settings%\All Users\Application Data\Alpha Antivirus
- %System Root%\Samples
- %User Profile%\Local Settings\Temp
- %Program Files%\Alpha Antivirus
- %Program Files%\LabelCommand
How to Remove Alpha Antivirus Manually
1. Restart your computer in SafeMode
- After Power-On the computer, just before Windows start, press F8
- From the selections, Select SafeMode
2. Remove Registry entries that the threat added. You MUST BACKUP YOUR REGISTRY FIRST.
- Click Start > Run
- Type in the field, regedit
- Navigate and look for the registry entries mentioned above and delete if necessary
3. Delete malicious files that the threat added:
- Base on the given location above, browse and delete the file
- If no location is given, click Start>Search> and search for the file.
- If cannot be deleted, press Ctrl+Alt+Del to access Task Manager, see if the file is running in the process. If it is, select the file and click End Process. Perform file delete again.
4. Scan computer with Antivirus Program
- Update antivirus program
- Scan computer and delete all detected threats.
Automatic Removal of Alpha Antivirus
1. Print this procedure as we need to close all programs running later.
2. Download MalwareBytes’ Antimalware here and save it to your Desktop.
3. Close all open applications.
4. Double-Click on the downloaded mbam-setup.exeto start the installation. If unable to execute, infections on computer is preventing it from running, rename the file mbam-setup.exe to anything (like myfile.exe)
5. Run the installation on the default settings. No changes are necessary.
6. Just before completing the installation, make sure that the following are marked check.
- Update Malwarebytes’ Anti-Malware
- Launch Malwarebytes’ Anti-Malware
7. MBAM will run and update itself after installation. Close MBAM after the update.
8. Restart your computer in SafeMode
- After Power-On the computer, just before Windows start, press F8
- From the selections, Select SafeMode
9. Click on the MBAM icon and start to Perform Full Scan to begin scanning your computer for Alpha Antivirus related files.
10. After scanning, a message will appear stating that the scan is completed successfully. Click OK.
11. Click Show Results and detected threats will be displayed.
12. Make sure that all threats are marked check, then click Remove Selected to begin removal of the malicious files.
13. Exit MalwareBytes’ AntiMalware and restart your computer.
14. Alpha Antivirus and all its files are now removed from your computer. To protect your computer from this threat and avoid future infections, you may want to obtain a Full Version of MalwareBytes’ AntiMalware.
