
Shoprdig.com

Posted: February 15, 2011

Shoprdig.com is a malicious website that propagates the rogue anti-virus software AntiVira Av. You may find your browser redirected to Shoprdig.com automatically by hijacker infections or by links created by AntiVira Av. Since AntiVira Av is a rogue scanner that harms your computer with erroneous pop-ups and by disabling essential security programs, you should avoid both AntiVira Av and the Shoprdig.com website. Although the interface looks professional, any money or private information you submit through Shoprdig.com goes to criminals, who should not be rewarded for their extortion.

Looking Behind Shoprdig.com's Pretenses

The Shoprdig.com website is designed to resemble legitimate security software websites, but many minor telltale details indicate an untrustworthy company. Although the site works, its layout offers little functionality and is cheaply made, indicating a low budget and limited employees. This is because Shoprdig.com's only real purpose is to transfer money from victims of AntiVira Av to the hackers who designed it!

Customer support and contact information are barely represented; they are essentially shells that exist only as a meager effort at looking professional. Regardless of the problems you may suffer while handling an AntiVira Av infection, you should never give information to Shoprdig.com. Even your email address will likely be used to promote spam.

When Forced to Make Contact With Shoprdig.com

The true giveaway behind Shoprdig.com's malicious intentions is the fact that its primary product is spread through Trojans and other infections. Even cursory research into AntiVira Av will show that it creates error messages and scan results with fake content, making it malware instead of a useful scanning program. This rogue security product and related malware may try to force you towards Shoprdig.com so that you give your money to criminals. Some common methods used are:

  • Error message-based browser hijacking. The infection will stop you from going towards a legitimate website by creating a fake error message about the site's supposedly unsafe nature. This is particularly likely if you were using a popular search engine to navigate towards the site in question. Unlike a true error message, infection-created ones will contain links towards Shoprdig.com. Genuine errors will simply return you to the previous page. This tactic may be overused to the point of entirely blocking out all non-Shoprdig.com websites.
  • Link insertion in website text content. This is usually an indication that you've already been directed towards a site that is, if not completely unsafe, at least somewhat risky. An excess of links indicates linking farms and other unsavory activities that are often affiliated with malicious websites like Shoprdig.com.
  • Alteration of your homepage to Shoprdig.com. This is a common trick used by many kinds of malware, and may be impossible to undo permanently until the infection is cleared out.

In all cases, the best way to avoid interacting with Shoprdig.com is to close your browser and reboot into Safe Mode. From Safe Mode, you can halt all malware processes and scan your computer with an actual security product, getting rid of AntiVira Av and any other malware.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Temp%\[RANDOM CHARACTERS]\
    2 %Temp%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe

Registry Modifications

  • The following Registry values are newly created:
    HKEY..\..\..\..{Subkeys}
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:33921"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random].exe"
    HKEY_CURRENT_USER\Software\[RANDOM CHARACTERS]
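
The registry values listed above can be checked on a suspect machine without changing anything. The PowerShell below is an added example, not part of the original write-up; the helper name Get-RegValue is hypothetical, and the script assumes the Run entry launches the executable dropped under %Temp%.

```powershell
# Added example: read-only check of the current user's registry hive
# for the values listed in this write-up. Nothing is modified.
$phish = 'HKCU:\Software\Microsoft\Internet Explorer\PhishingFilter'
$inet  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$run   = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'

# Hypothetical helper: returns $null when the key or value is absent.
function Get-RegValue([string]$Path, [string]$Name) {
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

$findings = @()

if ((Get-RegValue $phish 'Enabled') -eq 0) {
    $findings += 'PhishingFilter "Enabled" is 0 (filter switched off)'
}

$proxyOn     = (Get-RegValue $inet 'ProxyEnable') -eq 1
$proxyServer = [string](Get-RegValue $inet 'ProxyServer')
# The page lists "http=127.0.0.1:33921"; match any loopback proxy so a
# different port is still reported.
if ($proxyOn -and $proxyServer -match '(^|[=;/])(127\.\d+\.\d+\.\d+|localhost)(:\d+)?') {
    $findings += "Proxy enabled and pointing at loopback: $proxyServer"
}

# Assumption: the Run entry launches the executable dropped under %Temp%.
$runKey = Get-Item -Path $run -ErrorAction SilentlyContinue
if ($null -ne $runKey) {
    foreach ($name in $runKey.GetValueNames()) {
        $data = [Environment]::ExpandEnvironmentVariables([string]$runKey.GetValue($name))
        $inTemp = $data.IndexOf($env:TEMP, [StringComparison]::OrdinalIgnoreCase) -ge 0
        if ($inTemp -and $data -match '\.exe') {
            $findings += "Run entry '$name' starts a program from Temp: $data"
        }
    }
}

if ($findings.Count -eq 0) {
    'No match for the registry values listed above.'
} else {
    $findings | ForEach-Object { "MATCH: $_" }
}
```

A loopback proxy can also be set by a local proxy or debugging tool you installed yourself, so treat that finding as a prompt to check which program is listening on the port.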