Home Rogue Websites Antiaid.com

Antiaid.com

Posted: November 12, 2009

Antiaid.com is the homepage of the rogue anti-spyware program AntiAID. Antiaid.com advertises AntiAID, which is completely useless, and tries to convince users to purchase the parasite's "full version". Antiaid.com contains tons of misleading information for the useless software toolkit "Virus Protector", which is actually AntiAID. Do not trust this website. Remove AntiAID immediately to prevent further damages.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Documents and Settings%\All Users\Desktop\AntiAID.lnk
    2 %Documents and Settings%\All Users\Start Menu\Programs\AntiAID
    3 %Documents and Settings%\All Users\Start Menu\Programs\AntiAID\1 AntiAID.lnk
    4 %Documents and Settings%\All Users\Start Menu\Programs\AntiAID\2 Homepage.lnk
    5 %Documents and Settings%\All Users\Start Menu\Programs\AntiAID\3 Uninstall.lnk
    6 %Program Files%\AntiAID Software
    7 %Program Files%\AntiAID Software\AntiAID
    8 %Program Files%\AntiAID Software\AntiAID\AntiAID.exe
    9 %Program Files%\AntiAID Software\AntiAID\uninstall.exe
    10 %Temp%\2gbk87zj.exe
    11 %Temp%\8enyqcv1.exe
    12 %Temp%\nsj3.tmp
    13 %Temp%\nsn6.tmp
    14 %Temp%\nss8.tmp

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “%ProgramFiles%\AntiAID Software\AntiAID\AntiAID.exe -min”HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “%System%\8enyqcv1.exe”HKEY_LOCAL_MACHINE\SOFTWARE\AntiAIDHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}AntiAID
Loading...