How to Detect & Remove Antivirus XP 2008
What's Antivirus XP 2008?
Antivirus XP 2008 Threat Level: 
Antivirus XP 2008 is more fake anti-spyware; Antivirus XP 2008 is just XP Antivirus 2008 by another name. Like XP Antivirus 2008, Antivirus XP 2008 pops up fake security alerts to try and trick you into buying Antivirus XP 2008. Antivirus XP 2008 may have downloaded itself onto your computer through a trojan, like Zlob. Antivirus XP 2008 can launch when you start up Windows, and Antivirus XP 2008 may popup tons of ads that are difficult to close.
Get rid of Antivirus XP 2008, if only because Antivirus XP 2008 may make you want to throw your PC out the window.
Do I Have Antivirus XP 2008?
You can search your computer manually, but it might take hours to find Antivirus XP 2008’s hidden files. To save time, I recommend you automatically scan your PC for Antivirus XP 2008 and other spyware. Why not? It’s free.
Free Antivirus XP 2008 Scan, with SpyHunter
You can easily detect Antivirus XP 2008 with SpyHunter’s FREE spyware scanner. And if you’re really infected with Antivirus XP 2008, you can buy the full version of SpyHunter to remove Antivirus XP 2008 and other spyware. Or you can use my instructions below and remove Antivirus XP 2008 for free.
I’m a big fan of SpyHunter. Here’s why: SpyHunter offers live support on the phone, and if SpyHunter doesn’t automatically remove Antivirus XP 2008, you can get a custom fix for your computer.
How to Remove Antivirus XP 2008
Your best protection against Antivirus XP 2008 is to remove Antivirus XP 2008 processes, registry keys, DLLs, and other files ASAP.
Get Rid of Antivirus XP 2008 Manually
Manual removal of any spyware can be difficult. When you manually remove Antivirus XP 2008, you have to fiddle with your registry and risk destroying your PC. It’s highly recommended you use an automatic spyware scanner to make sure you’re infected with Antivirus XP 2008. Also, I recommend you backup your system any time before editing your registry.
To remove Antivirus XP 2008 manually, you need to delete Antivirus XP 2008 files. Not sure how to delete Antivirus XP 2008 files? Click here, and I’ll tell you. Otherwise, go ahead and…
Remove Antivirus XP 2008 processes:
%ProgramFiles%\[RANDOM NAME]\Uninstall.exe
%System%\[RANDOM NAME].exe
Delete Antivirus XP 2008 DLLs:
%ProgramFiles%\[RANDOM NAME]\MFC71ENU.DLL
%ProgramFiles%\[RANDOM NAME]\msvcp71.dll
%ProgramFiles%\[RANDOM NAME]\msvcr71.dll
%ProgramFiles%\[RANDOM NAME]\rhccv9j0e1b1.exe.local
Remove Antivirus XP 2008 registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\”AntivirXP08″ = “AntivirXP08″
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\[RANDOM NAME] HKEY_LOCAL_MACHINE\SOFTWARE\[RANDOM NAME] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\[RANDOM NAME]
Detect and Remove Antivirus XP 2008 files:
C:\Documents and Settings\All Users\Desktop\Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\How to Register Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\License Agreement.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\Register Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\Uninstall.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008.lnk %ProgramFiles%\[RANDOM NAME]\database.dat
%ProgramFiles%\[RANDOM NAME]\license.txt
Delete Antivirus XP 2008 directories:
%UserProfile%\Application Data\[RANDOM NAME]
Note: In any files I mention above, “%System%” is a variable referring to your PC’s System folder. Maybe you renamed it, but by default your System folder is “C:\Windows\System32″ on Windows XP, “C:\Winnt\System32″ on Windows NT/2000,” or “C:\Windows\System” on Windows 95/98/Me.
Relatedly, “%UserProfile%” is a variable referring to your current user’s profile folder. If you’re using Windows NT/2000/XP, by default this is “C:\Documents and Settings\[CURRENT USER]” (e.g., “C:\Documents and Settings\JoeSmith”).
Antivirus XP 2008 changed your homepage?
Click Windows Start menu > Control Panel > Internet Options. Next, under Home Page, select the General > Use Default. Type in the URL you want as your home page (e.g., “http://www.homepage.com”). Then select Apply > OK. You’ll want to open a fresh web page and make sure that your new default home page pops up.
Recommendation:
To save time and avoid risking destroying your computer, I highly recommend you use a spyware scanner, such as SpyHunter, to detect Antivirus XP 2008 and other spyware, adware, trojans, viruses, keyloggers, and more that can be hidden in your PC. It’s also recommended before you manually remove Antivirus XP 2008 you backup your system.
Free Antivirus XP 2008 Scan, with SpyHunter
Automatically detect Antivirus XP 2008 and other spyware on your PC with SpyHunter’s FREE spyware scan.
How Do I Remove Antivirus XP 2008 Files?
Need help figuring out how to delete files, DLLs, and registry keys? While there’s some risk involved, and you should only manually remove Antivirus XP 2008 files if you’re comfortable and confident editing your system, you’ll find it’s fairly easy to delete Antivirus XP 2008 files in Windows.
How to delete Antivirus XP 2008 files in Windows XP and Vista:
- Click your Windows Start menu, and from “Search,” click “For Files and Folders…“
- A speech bubble will pop up asking you, “What do you want to search for?” Click “All files and folders.”
- Type any file name in the search box, and select “Local Hard Drives.”
- Click “Search.” Once the file is found, delete it.
How to stop Antivirus XP 2008 processes:
- Click the Start menu, select Run.
- Type taskmgr.exe into the the Run command box, and click “OK.” You can also launch the Task Manager by pressing keys ALT + CTRL + DELETE or CTRL + Shift + ESC.
- Click Processes tab, and find Antivirus XP 2008 processes.
- Once you’ve found the Antivirus XP 2008 processes, right-click them and select “End Process” to kill Antivirus XP 2008.
How to remove Antivirus XP 2008 registry keys:
Your Windows registry is the core of your Windows operating system, storing information about user settings, system preferences, and software, including which applications automatically launch at start up. Because of this, spyware, malware, and adware will often bury their own files into your Windows registry so that they automatically launch every time your start up your PC.
Because your registry is such a key piece of your Windows system, you should always backup your registry before you make any changes to it. Editing your registry can be intimidating if you’re not a computer expert, and when you change or a delete a critical registry key or registry value, there’s a chance you may need to reinstall your entire Windows operating system. Make sure your backup your registry before editing it.
- Select your Windows menu “Start,” and click “Run.” An “Open” field will appear. Type “regedit” and click “OK” to open up your Registry Editor.
- Registry Editor will open as a window with two panes. The left side Registry Editor’s window lets you select various registry keys, and the right side displays the registry values of the registry key you select.
- To find a registry key, such as any Antivirus XP 2008 registry keys, select “Edit,” then select “Find,” and in the search bar type any of Antivirus XP 2008’s registry keys.
- As soon as Antivirus XP 2008 registry key appears, you can delete the Antivirus XP 2008 registry key by right-clicking it and selecting “Modify,” then clicking “Delete.”
Computer acting funny after you’ve edited your registry and deleted Antivirus XP 2008 registry keys? Just restore your registry with your backup.
How to remove Antivirus XP 2008 DLL files:
Like most any software, spyware, adware, and malware may also use DLL files. DLL is short for “dynamically linked library,” and Antivirus XP 2008 DLL files, like other DLLs, carryout predetermined tasks. To manually delete Antivirus XP 2008 DLL files, you’ll use Regsver32, a Windows tool designed to help you remove DLL and other files.
- First you’ll locate Antivirus XP 2008 DLL files you want to delete. Open your Windows Start menu, then click “Run.” Type “cmd” in Run, and click “OK.”
- To change your current directory, type “cd” in the command box, press your “Space” key, and enter the full directory where the Antivirus XP 2008 DLL file is located. If you’re not sure if the Antivirus XP 2008 DLL file is located in a particular directory, enter “dir” in the command box to display a directory’s contents. To go one directory back, enter “cd ..” in the command box and press “Enter.”
- When you’ve located the Antivirus XP 2008 DLL file you want to remove, type “regsvr32 /u SampleDLLName.dll” (e.g., “regsvr32 /u jl27script.dll”) and press your “Enter” key.
That’s it. If you want to restore Antivirus XP 2008 DLL file you removed, enter “regsvr32 DLLJustDeleted.dll” (e.g., “regsvr32 jl27script.dll”) into your command box, and press your “Enter” key.
How Did I Get Antivirus XP 2008?
You may be wondering how Antivirus XP 2008 ended up on your PC. If you’re infected with Antivirus XP 2008 or other spyware, your system’s and web browser’s security settings may be set too low, you may not follow safe web browsing and email habits, and you may need to regularly use a good anti-spyware application. Unsafe computer behavior that may lead to your PC having Antivirus XP 2008 includes:
Freeware or Shareware:
Did you download and install shareware or freeware? These low-cost or free software applications may come bundled with spyware, adware, or programs like Antivirus XP 2008. Sometimes adware is attached to the free software to “pay” developers for the cost of creating the software, and more often spyware is secretly and maliciously attached to free software to harm your computer and steal your personal and financial information.
Peer-to-Peer Software:
Do you use a peer-to-peer (P2P) program or other application with a shared network? When you use these applications, you put your system at risk for unknowingly downloading an infected file, including applications like Antivirus XP 2008.
Questionable Websites: Did you visit a website that’s of questionable nature? When you visit malicious sites that are fishy and phishy, Trojans, spyware, and adware may be automatically downloaded and installed onto your computer, sometimes including applications like Antivirus XP 2008.
It’s important to practice safer online habits to prevent being infected with Antivirus XP 2008 . You may want to scan your computer for the latest version of Antivirus XP 2008 and other security threats.
Detect Antivirus XP 2008 & Other Malware
Is your computer infected with malware?
When you’re infected with malware, whether it’s Antivirus XP 2008, spyware, adware, trojans, rogue anti-spyware, keyloggers, worms, or viruses, there are a few key symptoms you may experience. If you notice one or more of the symptoms listed below, your PC may be infected with Antivirus XP 2008 or other malware. Continue reading below, or click here for a free malware scan.
Slow computer performance: It only takes one or two spyware parasites like Antivirus XP 2008 to cause your computer to slow dramatically. If your PC takes longer than usual to reboot or if your Internet connection is unusually slow, your computer may be infected with malware.
New desktop shortcuts or switched homepage: Malware like Antivirus XP 2008 may change your Internet settings or redirect your default homepage to another web site. Malware may even add new desktop shortcuts on your PC.
Annoying popups on your PC: Malware may bombard your computer with popup ads, even when you’re not online. Malware may stop your regular Internet activity and track your surfing habits and gather personal information about you, putting your financial and personal information at risk.
Understanding Antivirus XP 2008 & Spyware
If you’re infected with Antivirus XP 2008 and spyware, you should know what you’re fighting. I’ll explain some spyware definitions related to Antivirus XP 2008.
Antivirus XP 2008 May Be Rogue Anti-Spyware
What’s Rogue Anti-Spyware?
Rogue anti-spyware - or suspect anti-spyware - refers to anti-spyware software of questionable value. Rogue anti-spyware may not be proven to protect your computer from spyware, may popup fake alerts or create many false positives about your PC being infected, or may use scare tactics to try to get you to purchase the application. Rogue anti-spyware software may be installed by a Trojan, come bundled with other software, or install itself through web browser security holes. While it is fairly rare, some rogue anti-spyware is created and distributed by known spyware or adware companies, and the rogue anti-spyware may install spyware or adware itself.
Often when you’re infected with rogue anti-spyware like Antivirus XP 2008, you’ll see a false popup security alert like this:
Rogue Anti-Spyware Tactics
Typically, rogue anti-spyware has one or more of the qualities listed below, which is why rogue anti-spyware is considered anti-spyware software of questionable value.
» False positives/fake alerts: Rogue anti-spyware may produce a large number of false positives or use fake alerts, noting that your computer is infected with spyware parasites or other threats that do not really exist.
» Copycat looks: Rogue anti-spyware may copy the look and feel of other legitimate or rogue anti-spyware applications. Often, rogue anti-spyware applications may appear as close clones of other rogue anti-spyware software.
» High pressure marketing: Rogue anti-spyware may use scare tactics or other aggressive advertising and marketing tactics to try to trick you into buying the rogue anti-spyware application. Often, rogue anti-spyware may produce false positives and fake alerts about your computer being infected.
» Poor detection/scan reporting: Rogue anti-spyware may produce poor reports when it scans your PC. For example, rogue anti-spyware may say your computer is infected 11 parasites, but not specify which spyware parasites or what type of parasites. Rogue anti-spyware may also report that your PC is infected with SafeAndClean, but not tell you which related files, DLLS, etc. were found on your computer.
» Weak scanning/detection: Rogue anti-spyware may not only poorly report on computer infection, but rogue antispyware may also poorly scan your PC. Rogue anti-spyware may skip over important folders and files of your computer that should be scanned to detect spyware.
Antivirus XP 2008 may use these tactics to trick or scare you into purchasing Antivirus XP 2008.
Antivirus XP 2008 May Be a Trojan
What Are Trojans?
Trojans install themselves secretly onto your computer, most often through your downloading a simple email attachment (often .avi, .pif, .exe, and even .jpg files.) Most Trojans are able to gain complete control over your PC after installation. With this control, the Trojan and the hacker behind it may change your system settings, delete important files, steal your passwords, and watch your computer acitivity.
Some Trojans may also fall under the category of spyware. Spyware is any software or malware (”malicious software”) used to spy or track your computer activity. While some spyware is legitimately and intentionally installed by parents or employers to monitor Internet activity on a computer, spyware may be installed maliciously. Often spyware may come bundled with downloads of free software or come in the form of a cookie via a website, and this spyware may track your Internet activity or may steal secret account usernames and passwords, credit card numbers, and other personal and financial information.
Methods of Antivirus XP 2008 and Other Trojans Infection
Most trojans infect your computer by tricking you into running an infected application. This infected application could disguised as a small file, such as a jpeg or other email attachment, or it might be downloaded via a website or FTP.
» Email: Your PC may be infected with a trojan when you download infected email attachments, or sometimes even when you simply open an email. Many trojans exploit security holes in Microsoft Outlook. You may be able to reduce your chances of getting infected by a Trojan by using a spam-blocking software.
» Websites: Your PC may be infected with a trojan when you visit a rogue site. Many trojans exploit security holes in Internet Explorer web browser so that by simply visiting a website you may unknowingly download a Trojan.
» Open ports: If your computer runs programs that provide file-sharing functions - such as AOL Instant Messenger (AIM), MSN Messenger, and more - you may open your computer up to vulnerabilities. Using file sharing through these applications may create a network that gives attackers the opportunity to remotely access your computer.
Antivirus XP 2008 may have infected your PC by through one of those methods. Trojans are some of the most sophisticated and dangerous type of malware, capable of controlling your system. Because of this, it may be best if Antivirus XP 2008 and Trojans are removed from your computer immediately.
Antivirus XP 2008-Related Posts
Antivirus XP 2008's Threat Level Explained
Antivirus XP 2008 Is a Minor Pest 
The parasite isn't a real threat, but Antivirus XP 2008 may track your Internet activities. Antivirus XP 2008 may be easily removed with your Windows system "Add/Remove" function.
Antivirus XP 2008 Is a Pest 
The parasite might profile you web activities and may have installed itself onto your PC via a drive-by download. You can probably manually remove Antivirus XP 2008 yourself.
Antivirus XP 2008 Is a Minor Threat 
The parasite might profile you and other users of your PC, and Antivirus XP 2008 may send this data back to its parent server.
Antivirus XP 2008 Is a Medium Threat 
The parasite might profile you and other users of your PC, and Antivirus XP 2008 may send this data back to its parent server. Antivirus XP 2008 may be impossible to manually remove.
Antivirus XP 2008 Is a Threat 
The parasite might profile you and other users of your PC, and Antivirus XP 2008 may send this data back to its parent server. Antivirus XP 2008 may download and install more malware onto your PC, and Antivirus XP 2008 may be impossible to manually remove.
Antivirus XP 2008 Is a Minor Danger 
The parasite may profile you, log every keystroke you make, and take snopshots of your computer activity. Antivirus XP 2008 may also be difficult to manually remove.
Antivirus XP 2008 Is a Medium Danger 
The parasite may profile you, log every keystroke you make, and take snopshots of your computer activity. Antivirus XP 2008 may download more malware and also be very difficult to manually remove.
Antivirus XP 2008 Is a Danger 
The parasite may profile you, log every keystroke you make, and take snopshots of your computer activity. These logs may be sent to anonymous attacker, and Antivirus XP 2008 may download more malware. Antivirus XP 2008 may be very difficult to manually remove.
Antivirus XP 2008 Is a Major Danger 
The parasite may track all of your computer activity, and Antivirus XP 2008 may allow a hacker to access your PC. Antivirus XP 2008 may pipe more malware into your computer, and may disable your anti-spyware or anti-virus software. Antivirus XP 2008 may be very difficult to manually remove.
Antivirus XP 2008 Is an Extreme Danger 
The parasite may track all of your computer activity, and Antivirus XP 2008 may allow a hacker to control your computer. Antivirus XP 2008 may pipe more malware into your computer, and may disable your anti-spyware or anti-virus software and firewall, and block your access to anti-spyware sites. Antivirus XP 2008 may be very difficult to manually remove.
June 28th, 2008 at 8:36 am
The version of Antivirus XP 2008 I just removed had several variations that may be new:
Some registry keeys were “antivirus xp” rather than “xp antivirus”
June 29th, 2008 at 5:32 am
I’ve been wasting all night trying to get rid of AntivirusXP 2008 and you have been of no use. I know i’m not computer savvy so is there someone out there who can get rid of the mother fucking antivirusxp for me? Please help me. Forgive my french but I’m at the end of my rope. It’s not your fault.
July 7th, 2008 at 12:39 am
I am trying what you said but when I try to check my email it blocks me. So far it is letting me type this message to you. I wish we could sue this company for attaching a virus to our computer. This seem like an invasion of privacy as well as trying to manipulate you into buying their product. With the headache they have caused no one will ever want to do business with them. If I don’t get rid of this virus I am going to take the chip out of my motherboard and start over. One good thing though, it only effects the computer you may have downloaded on. I was trying to download microsoft word and I got the virus.
July 7th, 2008 at 4:10 pm
hello people, one friend of mine got an Antivirus 2008, I will try to take it out manually… but the best solution to get rid of any viruses is to format the system, so reinstalating the windows… good luck :D
July 8th, 2008 at 9:42 pm
I really wish the FTC would sue these guys, stat!
July 8th, 2008 at 9:44 pm
PS..I had some luck suspending the popups (but not getting rid of it altogether) with a program called Process Explorer
July 10th, 2008 at 10:00 am
Once you have the virus deleted you will notice you are missing the Screensaver and Background Wallpaper TABS in Display Properties. This will prevent you from removing that annoying message or the modified Wallpaper. Here is how you get the TABS back to be able to get rid of the message or stupid Wallpaper:
Manual Steps Using Windows XP Registry…….. be careful
1. Click Start and then Run.
2. Type regedit in the Run dialog box & Click OK.
3. Navigate to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
4. Right-click NoDispScrSavPage to select Modify.
Change the value to 0.
5. Do exactly the same with the NoDispBackgroundPage entry
6. Go out of the Registry and Restart your Computer
*************************************
In Addition this Viral Abomination also goes and disables your System Restore Options
Here are Instructions to correct this:
1. Go to the System Registry (Start Run, type in: regedit and click OK)
2. Highlight My Computer, then under Edit in the File Menu select Find
3. Type RestoreOpenIsSafe and click on Find Next
4. At the Fist Instance of the Entry, Right-Click on it and select Modify………. change the value to 1 (if it is not 1 already, Click OK, then press the F3 Button to search for more of the same Entry
5. At the 2nd Instance of the Entry, do the same
6. There should only be 2 Instances of the Entry but to make sure that you press F3 again and modify any additional Instances of the Entry until you are through the Registry.
7. Go out of the Registry and Restart your computer.
Now your Restore Systems should work again.
Regards
Rudi Geldenhuys
Legal Easy CC - Computer Consultants
Gauteng Province, South Africa
July 10th, 2008 at 1:25 pm
I found that Sophos, Norton, SpyBot, SpyHunter, etc did not find/fix this virus. However I found I could fix it manually. This is what I did to get rid of it:-
1. Directory list C:\WINDOWS\system32 and sort by date to look for files created since the infection began. In my case there were three suspicious ones:-
blphcv76j0e76a.scr
lphcv76j0e76a.exe
phcv76j0e76a.bmp
Notice that part of the file name is common to all of them (cv76j0e76a). Delete these files.
2. Run msconfig, click on the startup tab and untick the startup for the virus .exe file (in my case lphcv76j0e76a.exe)
3. Restart your computer.
4. Check that the virus files above have not come back. You may also need to reset the wallpaper in Control Panel Display settings.
5. Run regedit and search for items containing the “common” name (cv76j0e76a). You should find at least two (the screensaver and the startup register). Delete the items found from the registry.
6. Restart your computer again.
7. Check that virus has gone, then create a System Restore point using the options in “Help and Support”
8. Job done!
July 12th, 2008 at 10:15 am
to: Fix it Manually
Thanks a lot for that info. Among the solutions listed above, yours was really effective. Keep it up! Again, thanks.
July 12th, 2008 at 10:57 am
Similar to what Fix it Manually said, I also found out that many antivirus softwares don’t even work for this virus. I followed his steps and I just want to make a more detailed procedure from what he stated.
1. Go to directory list C:\WINDOWS\system32 and sort by date to look for files created since the infection began. In my case there were three suspicious ones:-
blphc1f1j0ev7l.scr
lphc1f1j0ev7l.exe
phc1f1j0ev7l.bmp
Notice that part of the file name is common to all of them (c1f1j0ev7l).
You cannot delete these files immediately because it is still running on your computer so proceed to step 2.
2. Run msconfig, click on the startup tab and untick the startup for the “virus”.exe file (in my case lphc1f1j0ev7l.exe)
3. Restart your computer.
4. This is the time you will continue with step 1. Go to system 32, arrange files by date modified and delete the files with the common name (mine is c1f1j0ev7l).
5. Check that the virus files above have not come back. You may also need to reset the wallpaper in Control Panel Display settings.
6. Run regedit and search for items containing the “common” name (c1f1j0ev7l). Here’s an easy step: On the first panel, click My Computer. Click Edit from the menu bar and click Find.
Type the common name and the computer will automatically show the files containing the common name. You should find at least two (the screensaver and the startup register).
Delete the items found from the registry.
7. Restart your computer again.
8. Go to My Computer, Drive C, Program Files. Arrange icons by Name, then on the folders beginning with “R”, delete the one with the unusual name (on my case, rfstp30hdgjl). This folder contains
the Antivirus XP 2008.
9. Go to Start, All Programs, and right click “Antivirus XP 2008″, this time, it’s safe to delete it.
10. Go to Control Panel, Add/Remove Programs, then remove Antivirus XP 2008.
11. Finally, remove all contents of the recycle bin.
12. Restart your computer and you can now get back to work!
Hope this helps a lot for freshers in manually removing virus and other malwares. Thanks a lot to Fix it Manually.
July 13th, 2008 at 1:44 pm
My wife just got this. I checked the URL and found it was just purchased 7/10/2008, yet they claim to be in business for 7 years. Also, they must have changed the file and process names because I tried the removal technique and could not find those files.
The URL is http://www.antivirxp08.com
July 13th, 2008 at 5:10 pm
A simple solution to get task manager back if it blocks you out of it is simply to:
1. Navigate to
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
2. Delete DisableTaskMgr or set it’s value to 0.
3. Immedeatley after, right click either policies or system and go to permissions.
4. Disallow any access to Administrators.
5. Press Ok or Apply.
Ctrl+Alt+Del to get the task manager and stop this virus.
After you clean everything off, be sure to go back and re-allow the permissions.
You will likely have to be under the administrative account for this to work.
July 13th, 2008 at 5:15 pm
I went through the instructions given by “Fix it Manually” and Rudi Geldenhuys and have managed to remove this nasty piece of software from my computer. It is now back to normal! Thanks guys :)
July 15th, 2008 at 7:35 pm
This appears to have worked for me. Step 1 is key as it appears that the file names are different for each instance but at least in my case they appeared to have the date when the infection occurred.
July 19th, 2008 at 3:03 pm
thank you for the instruction of manuel removal, it was the only way to remove it all.
Not all the files in the instruction were there, but when i acces to de reg edit it was very easy to remove the program fron the control panel and the active proces
Thank you very much.
with that “antivirus XP “2008″ my PC did not work at all it was always visible the advertisement an the warning in the screen and as a wallpaper.
An by the way the antivirus XP 2008 erase all the control points of the sistem and i couldn’t restore the sistem to a previous date.
thank you
July 20th, 2008 at 9:35 am
I got this crap too but mine was in a folder called rhcenvj0e13c . Thank You to Rudi Geldenhuys
Legal Easy CC - Computer Consultants
Gauteng Province, South Africa…….. your reg edit got my desktop back and all the tabs back in the settings menu.
July 22nd, 2008 at 8:32 pm
tks for destroy 4 years my work. Tks a lot!!
July 24th, 2008 at 12:21 am
Wow! Everything is back to normal. My only concern is that that the the 2 files (lphc9v6j0e3f9 & rhccv6j0e3f9″ are still in the System Configuration Utility Startup. I can’t get rid of them.
Anyone else have this situation?
Thanks
July 25th, 2008 at 6:30 am
Thanks to the information on this site, I was able to remove this virus from my sister-in-law’s computer. One thing I did not see mentioned; there was a file with a name like setup69.exe lurking in her user area. When I searched the entire system on that name, a reference to some kind of pre-fetch file or area also came up (sorry, I should have taken notes). Anyway, until I deleted them, IE’s home page setting wouild be set to the antivirusxp08 web site, which would and download the virus back into the computer and we’d start all over again.
Hope these guys burn in hell.
Again, great web site…thanks.
July 25th, 2008 at 3:21 pm
I dont think you guys are cleaning your machines… at least for the new version of this junk.. I would like to see if you run gmer do you see a root kit? no one is talking about the root kit that you have to del in safe mode.
July 26th, 2008 at 10:17 am
I have been able to delete all necessary files regarding antivirus xp 2008 but ca not get rid of the popup that says computer is infected etc any ideas?
July 26th, 2008 at 7:03 pm
^&*^#*!!!!!!
What a nasty piece of software - thanks for the instructions on how to remove the sucker and also get my dekstop back to normal. I really should do my ‘research’ surfin’ inside a VM from now on - served me right I suppose.
THe only leftover bit is the registry key that I cannot delete. Tried it in safe mode to no avail as the permisisons keep resetting. This machine will get an eventual rebuild I suspect.
thanks again
July 28th, 2008 at 9:20 am
Thanks for the info on how to remove this crap. All of it was extremely helpful and easy to follow (especially since I am illiterate when it comes to the workings of computers). My folders were labeled as follows:
blphcgfkj0eg3p
rhclfkj0eg3p
phcgfkj0eg3p
Thanks again! You all saved me from having to buy a new computer (at least for now)!
July 30th, 2008 at 6:04 am
thanks for the info easy to do and now i can game without the stupid annoying pop ups thanks again and keep up the good work..got this from and email..very annoying thanks again
July 31st, 2008 at 3:15 pm
It is so bad on my moms computer that I can not get to the run screen. All things on my start up are gone. I got to the internet by accident - how can I get ridof this when I can not use my task mnngr or even get to run?? Please help us.
August 6th, 2008 at 10:51 pm
I would like to thank you, especially to Rudy Geldenhuys and Fix It Manually. Your writing has helped a lot. Thanks for sharing your expertise…
August 10th, 2008 at 8:54 pm
[...] XP Antivirus 2008 Removal Instructions (XP Antivirus 2008) - MS Windows Vista Compatible Software Remove Antivirus XP 2008 (Removal Instructions) 411-Spyware.com __________________ Chappaquiddick 1 - Dick Cheney [...]
August 13th, 2008 at 8:20 am
Hi,I did a search on the forum and someone else had this same problem. Unfortunately their thread didn’t help me any. So am posting a new thread.
Here’s the problem:
1. I uninstalled the Antivirus XP 2008 using the malware removal software, but now I still cannot access any antivirus sites like norton or mcafee, when i click on links from a google search I am directed to unrelated pages trying to sell me stuff. Wheneve I do a google search and the result page comes up, all the result links get redirected to different unrelated sites (usually ad sites,) when I click on them.
I fear that my hard drive has been damaged, and the problems with the internet lead me to believe that either there is still a virus on my system which is an excellent hider, or these are the after-effects of the virus which need to be fixed.
I have downgraded from IE7 to IE6. Still it behaves oddly.
2. In Task Manager i cannot see the user name… its completly blank. ( not sure if this is because of the virus).
Please help! I have no idea how to fix these problems, short of doing a clean reinstall of XP
cheers
Kriativp
August 13th, 2008 at 6:09 pm
I’ve tried all the fix it manually and Rudy’s tips. It all went well but in my task bar there is still this X icon saying my computer is infected bla bla bla… i can’t get rid of this. and if i accidently click it either right or left click, it will dload all over again the stupid antivirus XP 2008. urrhhh im so tired. and i cant repair my wallpaper eventhough ive tried rudy’s tip. did i get it wrong? when i search the RestoreOpenIsSafe (no.4) nothing appeared. HELP me!!! thanks :p
August 15th, 2008 at 11:24 am
There are a number of Rogue Trojans doing the same thing. They are Antivirusdoc-scanner.net, Antivirusdoc.net, Systemantiviruspro.com, Websurfsecure.com and Systemantiviruspro-scanner.com. The idea is to scare people into buying their software which does nothing. It also redirects both IE and FF to their download as well as any MS downloads to it’s site as well as disabling IE Update. In addition, it changes your background and screen saver. Lastly, it disables the Restore software. That’s what i have found so far.
There is a fix for the DNS redirection it is SmitFraudFix, it fixes the root. It fixes the root file. Boot into safe mode run SmitFraud and use option 2. Click on yes when asked. Then reboot under safe mode and go to C:\Docs & Settngs\User\local Settings\Temp…remove all files. Then go to C:\Windows\Temp and remove all files.
You’ll still have Restore problems and IE update problems but not the DNS redirect.
cdwy
August 15th, 2008 at 12:06 pm
OMG, this is driving me mad. I can’t get to taskman or control panel. I did a search from Explorer and no files are coming up. Even the DLL’s can’t be access much less Regedit… It sort of seems like a newer version of this rogue. Any help?
August 15th, 2008 at 2:13 pm
Thanks so much to: Someone and Fit it Manually.
And also to Google for finding me this forum.
Never come across something like this.
CHEERS!
August 18th, 2008 at 4:09 pm
I am ready to freak out. I have tried everything under the sun (including this) to remove Antivirus XP 2008 from my computer and NOTHING is working. I keep getting a message every 10 goddamn seconds that says “Security Alret” 638 virus’ detected and it WON’T go away. I tried everything step by step in this site, but it did not work. Can ANYONE out there help me? I cannot do anything with my laptop without those annoying antivirus shits pop up. The thing is, I did not even sign up for this or anything… I think I accidentally clicked on it and got into a world of shit. I feel like calling up someone and complaining and getting my computer fixed for free.
August 19th, 2008 at 1:40 pm
Erica, i’m so sorry to hear that, as this website states there is a level of severity that you can get from this virus. I was quite lucky and didn’t get it as bad. I am unsure what you should do. It may be best that you consult a professional, prehaps an online computer software engineer or a local shop that repairs computers. The only other thing you could do is totally wipe you’re computer. This may cause you to loose all your files if you are unable to back them up on a CD or USB stick.
As for others, after the process of getting rid of it, please make sure to delete all cookies and try a virus scanner/destroyer free from moneysavingexpert’s website.