Antivired.com

By Domesticus in Browser Hijackers

Do not visit Antivired.com if you have the choice. If your web browser is already taking you to Antivired.com on its own, do not purchase the software that the site claims to offer. Antivired.com is a malicious website.

In this case, two things are commonly referred to as Antivired.com: one is the website itself, and the other is the hijacker that causes infected computers' web browsers to go there. Both the website and the hijacker support the fake anti-virus software Antivirus Monitor. Antivirus Monitor pretends to be anti-virus software and uses scare tactics to try to get people to pay for a license, but in reality it is incapable of providing any security, because Antivirus Monitor is itself malware. Antivirus Monitor also uses Antivired.com as its payment site, where you can pay the con artists behind Antivirus Monitor by credit card. Obviously, that's something you shouldn't do.

The Hijacker Antivired.com

The hijacker Antivired.com is often just referred to as Antivired.com, because if the hijacker is infecting your computer, Antivired.com will be the only website you'll be allowed to see. Whenever you try to go to any other site, one of two things will happen: either you will find yourself at Antivired.com instead, or you will get a fake error window that says that you were prevented from navigating to the site because the site is malicious. The error window will have a link at the bottom for more information, and if you click on it, you are taken to Antivired.com.

Although the primary symptom of the hijacker Antivired.com is its web browser redirection, the hijacker may also cause pop-up alerts and advertisements to appear, especially once you are on the Antivired.com website. These alerts and advertisements may say that your computer is at risk from some sort of threat, and they may recommend a free scan. If you fall for it and agree to the scan, you put your computer at extreme risk of a download of Antivirus Monitor, which will seriously interfere with your computer after the next time you restart it.

The Website Antivired.com

As a website, Antivired.com is extremely bland, containing the bare minimum in text and information needed to carry out Antivired.com's scam. Like the other sites for Antivirus Monitor, Antivired.com claims to be the one official site for the company selling Antivirus Monitor. Also like the other sites, Antivired.com has very little actual content, with the same handful of lame, basic malware terminology and definitions filling space in multiple locations throughout the site. There is also a customer support form, and a fake company address, both of which are just there to look good. Neither of them matches up to anything in the real world, since there is no customer support and no Antivirus Monitor company. In other words, Antivired.com is the end point of the scam, the point where the crooks try to get you to hand over your money, and they are only interested in making the site look good enough to convince you to pay them.

As of this writing, Antivired.com is at IP address 77.79.10.35, and it is the only domain hosted at that address. So, Antivired.com traces back to a source in Lithuania. Furthermore, the domain (the website name) Antivired.com was only registered on March 8, 2011, which corresponds to the release of the Antivired.com hijacker. The hijacker typically uses a Trojan that is hidden on other websites in order to download the hijacker to the victim computer. It is likely that the most visible registration information for the Antivired.com domain is either falsified or is that of a web hosting service that Antivired.com uses. All of this makes Antivired.com extremely suspicious, and PC users should take care to avoid the site.

File System Details

Antivired.com may create the following file(s):
1. %Temp%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
2. %Temp%\[RANDOM CHARACTERS]\

Registry Details

Antivired.com may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter Enabled = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings ProxyEnable = 1
HKEY_CURRENT_USER\Software\[RANDOM CHARACTERS]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings ProxyOverride =
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run [RANDOM CHARACTERS].exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings ProxyServer = http=127.0.0.1:18810
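
A triage check for the registry entries listed above, as an added example that is not part of the original write-up. It assumes the input is the text of a `reg export HKCU` file already decoded to a string (real exports are UTF-16); the function names and the sample export are constructed for illustration.

```python
import re

# Constructed sample: text of a `reg export HKCU` file, already decoded to str.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter]
"Enabled"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=dword:00000001
"ProxyServer"="http=127.0.0.1:18810"
"ProxyOverride"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"qwxkzj"="C:\\Users\\test\\AppData\\Local\\Temp\\hgtrw\\qwxkzj.exe"
"OneDrive"="C:\\Program Files\\OneDrive\\OneDrive.exe"
'''

# Key paths as listed on the page, lower-cased (registry paths are case-insensitive).
IE = r"HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter".lower()
INET = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings".lower()
RUN = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run".lower()

def parse_reg(text):
    """Return {key_path: {value_name: data}} for dword and string values."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = re.match(r'"(.+?)"=(dword:([0-9a-fA-F]{8})|"(.*)")$', line)
            if m:  # dword -> int, string -> text with \\ unescaped
                current[m.group(1)] = (int(m.group(3), 16) if m.group(3)
                                       else m.group(4).replace("\\\\", "\\"))
    return keys

def find_indicators(keys):
    """Flag the settings this page lists for the hijacker."""
    hits, inet = [], keys.get(INET, {})
    if keys.get(IE, {}).get("Enabled") == 0:
        hits.append("PhishingFilter disabled")
    proxy = str(inet.get("ProxyServer", ""))
    if inet.get("ProxyEnable") == 1 and re.search(r"(^|[=;])(127\.0\.0\.1|localhost):\d+", proxy):
        hits.append("loopback proxy: " + proxy)
    for name, data in keys.get(RUN, {}).items():
        if re.search(r"(%temp%|\\temp)\\[^\\]+\\[^\\]+\.exe", str(data), re.I):
            hits.append("Run entry from Temp: " + name)
    return hits
```

A loopback proxy or a disabled phishing filter can also be set by legitimate local software, so treat each hit as a lead to confirm against the file paths listed above rather than as proof of infection.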
