How to Remove AntiAid | AntiAid Removal Guide



AntiAid is a rogue antivirus/security program that is from the Wini family of Rogues. This is a bit of a departure from much of the long recent history of these rogues due to a new user interface. This rogue (and it’s family) is usually advertised (pushed would be a better term) through codec downloads. They will present content and say that in order to view it you must download this codec which turns out to be the rogue. Once installed, AntiAid will scan your computer and claim there are numerous problems with your system with regards to viral infected files. To remove these it will require that you purchase the software which…. you really shouldn’t do. Read on for how to remove AntiAid.


Like most of these rogue applications the program will also popup numerous warnings and complaints about the security of your system. Just like the infected files that it claims to find, all of these warnings are fabricated and should be ignored.

First, in order to remove AntiAid you should download and install mawarebytes antimalware. (You can find a link to it on my virus removal toolkit page.) While you’re there you may optionally go ahead and download process explorer as well. You may need it further along in the removal process.

If you are unable to install and run malwarebytes initially you may try the following tricks to get it to run. 1) rename the installer mbam-setup.exe to something that will likely be allowed to run such as firefox.exe. Then retry the installer 2) reboot into safe mode and then retry the install. (You will need safe mode with networking for it to update.) 3) continue through the next step of killing off the running processes associated with antiaid and then retry the install.

The following processes are associated with AntiAid and should be killed off via the task manager to continue with your AntiAid removal. If you are unable to launch task manager you may try the following tricks to continue. 1) reboot into safe mode and then retry launching the task manager (most rogues will not run during safe mode – so just verify they’re not running and then continue. 2) copy, paste and rename the taskmgr.exe executable. Copy it to the desktop and then rename it to a program that is likely to be allowed to run such as firefox.exe 3) use process explorer instead to kill off the following programs:

AntiAid.exe
Uninstall.exe
8enyqcv1.exe

There may be some randomization involved in the creation of the filename 8enyqcv1.exe – use the information below plus what you see on your system to determine if that is the correct filename to look for or to determine the appropriate filename on your system.

The following files and folders are related to AntiAid and should be deleted for complete removal of AntiAid:

%docs%All UsersDesktopAntiAID.lnk
%docs%All UsersStart MenuProgramsAntiAID
%docs%All UsersStart MenuProgramsAntiAID1 AntiAID.lnk
%docs%All UsersStart MenuProgramsAntiAID2 Homepage.lnk
%docs%All UsersStart MenuProgramsAntiAID3 Uninstall.lnk
%progfiles%AntiAID Software
%progfiles%AntiAID SoftwareAntiAID
%progfiles%AntiAID SoftwareAntiAIDAntiAID.exe
%progfiles%AntiAID SoftwareAntiAIDuninstall.exe
%win%100849pambotz85.bin
%win%1019wo5m65bz.dll
%win%10568hack9o5l5z5.dll
%win%system322901sp55za.bin
%win%system3229290wozm6795.cpl
%win%system3229418tro5ez.ocx
%tmp%8enyqcv1.exe

After you have removed the above files (or their equivalents) on your system you should now have completed a manual removal of antiaid. Even after a successful removal I would still install and update malwarebytes antimalware and let it run a full scan as well as scanning the system with a trusted antivirus product such as AVG/Avira/etc.

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove ShieldSafeness | ShieldSafeness Removal Guide The Wini family of rogue antivirus software has given us yet another version in the last couple days... ShieldSafeness. This is quick on the heels of SoftStronghold (softstronghold removal guide) and succeeds the following variants in this prolific family.... Softveteran (see the softveteran removal guide) but.... SoftCop (see the SoftCop......
  • How to Remove APCProtect | APCProtect Removal Guide APCProtect is the latest rogue antivirus product in the wini family of rogue security sotware. It is generally pushed through sites that claim in order to view a video you need to install a video codec update or flash player update. This "update" is actually the loader for apcprotect. Once......
  • How to Remove SecureKeeper | Secure Keeper Removal SecureKeeper is a rogue antivirus application in the Wini family (with their recent new look user interface.) The Wini family is a very long running line of rogue security applications that have been producing two to three different rogues each week. Of course, the primary changes are the names, but......
Blog Traffic Exchange Related Websites
  • Generali Ladies Linz and Shanghai Rolex Masters This week in Tennis featured three different tournaments, two for the women and one for the men. The women competed in the Generali Ladies Linz in Linz, Austria as well as the HP Open in Osaka, Japan. The men competed in the Shanghai Rolex Masters held in Shanghai, China. The......
  • Computer Malware and Preventive Recommendations: Botnets It’s often what we don’t know can hurt us the most… That is the case when it comes to the effects of malware such as computer viruses, worms and Trojans. Botnets are one of the fastest growing and the most dangerous threat on the Internet today. “Bot” stands for robot,......
  • How To Save $100-$1,000 By Troubleshooting Your Faulty Computer “Oh, wow. Looks like it’s completely dead! At this point, it’s not even worth saving. You might as well just buy a new computer.” “Really, we can’t just fix it? It’s only 2 years old!” Have you ever had that conversation before? It’s pretty common at retail establishments like Best......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site