Antimalware Removal Guide

This is a rogue software. It is a very bad program from the WiniSoft family. It is also a clone of System Veteran. AntiAid is one of the latest release from this malware family.This time, AntiAid has a different Graphical User Interface (GUI).

Anti Malware

» Download Anti Malware Removal Software

This is the second time people behind the WiniSoft family will do that. For AntiAid, they are using the GUI from TRE Antivirus. The one being used for the others malware in the WiniSoft family is like System Warrior or Trust Fighter.

Be aware AntiAid has its own website, named AntiaidDOTcom . From that site, you can get a fake software toolkit called “Virus Protector”. This is simply AntiAid disguised. There are also lots of false information on the website.

The two main goals of AntiAid are: to compromise your computer system a lot and to try to get your money. AntiAid wants you to buy a fake online solution (the registered version). Programs like AntiAid usually stays resident in the background.

AntiAid uses Trojans to infect computers. They can be disguised as almost anything down-loadable: flash downloads, codecs, online scanner, fake softwares being pushed onto your computers by drive by download and more. All they want is to find a way to get installed unto your system.

The first thing any Trojan will do is to download AntiAid unto your system and install it.

AntiAid will then create many fake files in your main Windows directories, e.g. : C:Windows and C:WindowsSystem32 . Remember those files are harmless and fake. They will be used later by AntiAid to claim they are infections and security threats.

This malware will change your System Registry so it will boot itself on each logon .

The next step would be for AntiAid to do a fake system scan. You will get false reports of threats and such on your system. The files reported are those created before. An example of such a file can be “newfeat3.chm”.

AntiAid will also impersonate the Windows Security Center.

You will get lots of pop-ups, fake system notifications to tell you of some infection or many ones on your computer. You can also get them even if not online. Those pop-ups can try to trick you to download more malware and Trojans. You will also get reports your system is being attacked and your personal data can be stolen.

What you will read is that your computer has no protection. That you should register AntiAid to get a full system protection.
We have the Protection System removal instructions at the bottom of this guide.

Some symptoms of Anti Malware:

• It will block security programs, either from running them or updating them
• It will block you from acceding security related websites ; you might then be redirected to compromised ones
• Your browser will be hijacked
• It will disable applications like System Restore, Safe Mode, Task Manager, Registry Editor
• You will get new desktop shortcuts. Clicking on them will redirect you to more compromised websites.
• Your browser homepage might be switched for a compromised website
• Your system will perform a lot slower than usual. The reboot time and the Internet connection might appear slower.
• You might get frequent and automatic reboot. AntiAid might auto-reboot your system.

All of that is to scare you so you will eventually accept the solution AntiAid is showing you: to make an online purchase of a fake full version. This is a fake program as well. The full version is a scam and you will compromise your personal information.

We do recommend you scan your computer with the free trial of Spyware Doctor with Antivirus to see how infected you really are. If it is just this fake security product then follow the manual directions below. If you have other trojans and spyware applications then consider making a purchase of Spyware Doctor with Antivirus Here to remove all other threats and to keep your PC secure. If you follow the link above and use coupon code removevirus10 you will get 10% off. This is an exclusive coupon we got just for our readers.

As well we do recommend this remote computer repair company. They are the leaders in remote computer repair and can have you up and going in no time at all. This option is more for people who don’t feel comfortable removing viruses by themselves and just want an expert to do it for them.  Visit http://www.pcninja.com for more information.

Manual removal instructions for Anti Malware ( Please read our disclaimer below )

Kill Anti Malware processes: ( Learn How to Kill a Process Here. Opens in new Window )

• AntiAID.exe
• 2gbk87zj.exe  ( this process may be unique to your computer )
• 8enyqcv1.exe ( this process may be unique to your computer )
• m6axycx9.exe  ( this process may be unique to your computer )
• uninstall.exe

We do recommend you run a full scan using Spyware Doctor with Antivirus » download. Even if you do not intend on registering the product it will help to stop the virus from re-installing and re-activating while you manually remove it. Also it will inform you of any new changes to the file names. You may need this if it mutates.

Delete Anti Malware registry values: ( Learn How to Edit Registry Here. Opens in new Window )

• HKEY_LOCAL_MACHINESOFTWAREAntiAID
• HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallAntiAID
• HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “%System%8enyqcv1.exe”
• HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “m6axycx9.exe “
• HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “%ProgramFiles%AntiAID SoftwareAntiAIDAntiAID.exe -min”
• HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “AntiAID”

Delete files: ( Hint ) Most of these files will be in the %Program FilesProtection System directory.

• %Documents and Settings%All UsersStart MenuProgramsAntiAID
• %Documents and Settings%All UsersStart MenuProgramsAntiAID1 AntiAID.lnk
• %Documents and Settings%All UsersStart MenuProgramsAntiAID2 Homepage.lnk
• %Documents and Settings%All UsersStart MenuProgramsAntiAID3 Uninstall.lnk
• %Documents and Settings%All UsersDesktopAntiAID.lnk
• %Documents and Settings%All UsersStart MenuProgramsAntiAID
• %Documents and Settings%All UsersStart MenuProgramsAntiAID1 AntiAID.lnk
• %Documents and Settings%All UsersStart MenuProgramsAntiAID2 Homepage.lnk
• %Documents and Settings%All UsersStart MenuProgramsAntiAID3 Uninstall.lnk
• %Documents and Settings%All UsersDesktopAntiAID.lnk
• %Program Files%AntiAID Software
• %Program Files%AntiAID SoftwareAntiAID
• %Program Files%AntiAID SoftwareAntiAIDAntiAID.exe
• %Program Files%AntiAID SoftwareAntiAIDuninstall.exe
• %Temp%nss8.tmp
• %Temp%nsj3.tmp
• %Temp%nsn6.tmp
• %Temp%2gbk87zj.exe
• %Temp%8enyqcv1.exe
• %Temp%m6axycx9.exe
• c:WINDOWS100849pambotz85.bin
• c:WINDOWS1019wo5m65bz.dll
• c:WINDOWS10568hack9o5l5z5.dll
• c:WINDOWSsystem322901sp55za.bin
• c:WINDOWSsystem3229290wozm6795.cpl
• c:WINDOWSsystem3229418tro5ez.ocx

Delete directories: ( Please note that in most cases everything in this folder can be deleted. Just be sure it’s the correct folder)

• c:Documents and SettingsAll UsersStart MenuProgramsAntiAID
• c:Program FilesAntiAID Software
• c:Program FilesAntiAID SoftwareAntiAID
• %Temp%

Please keep in mind that viruses mutate and change all the time. Do expect the above to change around a little. However this guide should work well for you and any experienced pro will be able to follow it and figure out the traces if they mutate. If you do not feel comfortable deleting files and the like then consider purchasing Spyware Doctor with Antivirus or have http://www.pcninja.com remove this and all other threats for you.

Leading Security Clients for you to consider ( Click the Links Below to Learn More )

• Spyware Doctor with Antivirus
• Norton
• Trend Micro
• Kaspersky
• AVG
• MalwareBytes