Monday, September 28, 2009

Beware of Alpha Antivirus

Today, I was doing some research on a client's motherboard and found myself clicking a link which promised more information about that model.  But when I clicked the link, I was faced with a white screen and the following message:



Making matters worse, when I tried to "X" out of the screen, I was hit with several more windows which gave me the impression the software was already downloading itself to my computer, followed by several virus warnings.   And of course, it was impossible to "X" out or "Cancel" the screens.


Luckily for me, I've seen this rogue malware program before under different names.  It's basically the Windows Antivirus malware program renamed and redistributed.  Only this time, it was called, "Alpha Antivirus". 


This message was intended to scare me into downloading this malware software.  And of course, programmers fixed it so that when you hit the red "X" or "cancel" to close the window, more messages popped up giving the impression the software download was in progress.  They also wanted you to believe that your computer was horribly infected with viruses as seen on the screen below:




If you should fine yourself in this situation .... here's what you do.  First, don't panic!  This is a very effective scare tactic designed to persuade you into downloading rogue software.  But if you follow the instructions below, Alpha Antivirus (or Windows Antivirus, or whatever name it's going by) will NOT be downloaded to your computer.

It's impossible to "cancel" or "X" out of the warning messages.  So don't waste your time.  Instead, go to your keyboard and hit the CNTRL + ALT + DEL keys to bring up the task manager (some computers will see a blue windows screen with the option to click on Task Manager).


Once the Task Manager is open, click on the PROCESSES tab (if you're not already on it) and then scroll down the list to find your internet browser. In my case, I was using Firefox when the Alpha Virus warning messages started popping up, so I wanted to find the process "Firefox.exe"  If you're using Internet Explorer, you'll want to find the process, "Iexplorer.exe.

Once you find the process, single left click it once to highlight it in blue and then click the END PROCESS button at the bottom of the Task Manager window.  This will close your internet browser.

The next thing you want to do, is a health check of your computer.  There's a program you can (and should) download called, "Malwarebytes AntiMalware".  This is on the best programs you can have on your computer. It's also one of the few programs that will erase Alpha Antivirus (Windows Antivirus, etc.) from your computer. The free version will work.

So if you don't already have Malwarebytes AntiMalware on your computer, download it and run a Full scan just to be sure that you don't have Alpha Antivirus on your computer.

If you do already have Malwarebytes AntiMalware on your computer, update it and run a full scan. 

If you love Malwarebytes AntiMalware as much as I do, you can buy the full version which will also let you automate the software (for auto updates and scans).  The free version works great, but there's no automatic features in it.  To buy the full version of Malwarebytes AntiMalware, click here.

Oh yeah ... one more thing.  When you go to reopen your internet browser, you may the option to "start a new session" or "restore previous session".  If you do, be sure to choose the "new session" option.

1 comment:

  1. I don't agree Malwarebytes are good so much. I prefer Spyware Doctor for the removal of such rogues.

    ReplyDelete