Home » Fake Antispyware » Antivirus XP 2008

Antivirus XP 2008 Removal Guide

Threat Level:
9/10
Rate this Article:
Comments (0)
Article Views: 2185
Category: Fake Antispyware

There are many ways for rogues such as Antivirus XP 2008 to arrive at your computer. In this case, the rogue antispyware application is being promoted and advertised via Trojans and other types of malware. In general, such infections can spread via spam email or social engineering. When you receive an email message from an unknown sender that is absolutely random, you should not open an attachment if there is one, or try and click on the link that is embedded on the message. It is very likely that you would end up being infected with Antivirus XP 2008 eventually.

Also, there are a lot of fake security alerts on the websites that you visit on daily basis, so if you click on any of these ads it is also possible to get infected with Antivirus XP 2008. In a nutshell, you would save yourself a lot of trouble by not clicking anywhere. However, even if you apply all the safety measures, rogues like Antivirus XP 2008 can still enter your system, because they don’t need to prompt you about the oncoming infection, and you will become aware of it only when the rogue’s interface pops into your screen.

Actually, Antivirus XP 2008 looks like a legitimate program, because it copies the color scheme and logo of official Windows products. For users who are not very much computer-savvy Antivirus XP 2008 can definitely seem reliable, especially as it launches a full system scan and finds a lot of viruses, giving description, level of threat and status. It says “Alert! Your system is infected!” and then offers to Remove Viruses. Don’t miss the golden tab at the left bottom corner of the interface which “Get Maximal Realtime Protection with Antivirus XP 2008”.

It implies that you would need to pay for the activation or the registration of this program in order to acquire this ultimate real time protection. That is absolutely out of question, because if you pay, you would reveal your credit card number, expiration date and the CVV2 to a third party thus giving a key to your bank account to cyber criminals. Of course, it is understandable that you would want to remove these parasites from your computer that are slowing down your system a great deal, but the truth is that the only thing slowing your computer down is Antivirus XP 2008 itself.

Your problems will be gone if and when your remove Antivirus XP 2008. Acquire a legitimate antimalware tool that will terminate the rogue and will help you to look for other malicious threats in your system, because Antivirus XP 2008 seldom comes alone.

Download Malware Scanner to detect Antivirus XP 2008*
Tested Antivirus XP 2008 removal solution for 64/32-bit Windows 7/Vista/XP/2000
*SpyHunter scanner, published on this site, is intended to be used only as a detection tool. To use the removal functionality, you will need to purchase the full version of SpyHunter.

Antivirus XP 2008 Screenshots:

Antivirus XP 2008

Antivirus XP 2008 technical info for manual removal:

Files Modified/Created on the system:

# File Name File Size (Bytes) File Hash
1lphcrw3j0e5e5.exe199168 bytesMD5: 4740615d379ec65e77d6414c1e9de9ca
2ave.exe200192 bytesMD5: f3daefe27408c203ef4a4c19f06039e3
3lwpwer.exe, empa.exe1189857 bytesMD5: c91ef4d73d64d00663c04adf19b5782b
4rhca9fj0e7jr.exe9457664 bytesMD5: 83259ea84925f23ce43f526c0fc4d24b
5%ProgramFiles%\rhcn7cj0ea59
6Register Antivirus XP 2008.lnk
726scan[1].exe
8ieupdates.exe
9lphcef9j0e15r.exe110080 bytesMD5: 158da82d501be7e394b0327bcff04981
10pphcr66j0e11c.exe
11rhcg2sj0ep0c.exe831488 bytesMD5: 0f79fbdbcf2a416d1831570f461f8240
12pphc38wj0e7er.exe
13lphc110j0e78a.exe134144 bytesMD5: 765f909fc1b15d20796cfa467bcafc57
14Antivirus-2008.exe1075712 bytesMD5: aa8ea9ef0820268d9246ff3d3d5422ac
15rhcn7cj0ea59.exe9457664 bytesMD5: e41af37d5cd6508107efb81784f77e59
16vma.exe182784 bytesMD5: a409477352916aac173b02b747151b7f
17antiviirus.exe10240 bytesMD5: f811c4377332c81fde4e4dfa1c6d5ea0
18pphcvmfj0e5a1.exe
19wav.exe325632 bytesMD5: 4fbc16d94ea226f7278e294e0044b2b0
20AntvrsInstall[1].exe60416 bytesMD5: fcfb95b95b2812bd93aff08e0e608667
21AntivirusXP2008.exe1671168 bytesMD5: 3c23036f83013ced69398c50c1d8cc46
22scan16085[1].exe195072 bytesMD5: 0c575193d1a1344f01b844b7911ff716
23av2008xp.exe1227264 bytesMD5: 04a76850419d15ed8f713a38d8e55865
24yayxuRJc.dll321792 bytesMD5: 08a133614055caf4cd5f2afd77e36e5c
25Antivirusgolden 4.0.exe1953792 bytesMD5: cf5a5c661b9cb6fce5cc92ac6f906c16
26pphcn3jj0epf7.exe
27rhcn7cj0ea59Skin.dll8245248 bytesMD5: 317bbd8489a60112cf4958f40cf040d1
28antivirus-2008pro.exe1231064 bytesMD5: 4c372f908aa1abc8b7184c49f1ac089c
29rhctp3j0en6c.exe
30lphca80j0e11g.exe130048 bytesMD5: c0776ab5d08df451897670752548f95b
31xpa2008.exe1056256 bytesMD5: 6a616e48b6bdbf0796a5a598fe5aef9b
321scan31[1].exe
33pphcn4nj0e58t.exe
34scan[1].exe60928 bytesMD5: a45e0c5d415f7a9ce0eed56d177e40ed
35pphcjuej0en4o.exe
36vvunbwrhxa.exe132096 bytesMD5: f6eca74cd80fe171003f71a5aede2ff4
37rhcn7cj0ea59.exe.local
38av[1].exe462848 bytesMD5: d4ddb37ef8f171406e117d3dc7d99f6f
39AntivirusGolden.exe2273280 bytesMD5: 471977806c4ceba71cbe040885b200a8
40rhc13bj0e73j.exe831488 bytesMD5: f1692980a3ab58a22b33442cfd8f9c23
41lphcg1gj0er7r.exe110080 bytesMD5: f5624d97a72e252d1fa252edc1fab213
42Setup_trsupersolution-freeantivirus_com[1].exe199168 bytes
43lphcjosj0e9e5.exe114176 bytesMD5: 1f07bc3c130b2ccd952c01588e3fdc6f
44lphcj7cj0ea59.exe110080 bytesMD5: d85e0a81c0c3665f36c17ed001f578c1
45%AppData%\rhcn7cj0ea59
46AntivirusXP.exe1512960 bytesMD5: d30b70479b5949ede657231ecd974aa4
47lphcj7cj0ea59.exe,26scan[1].exe,642292000.exe203776 bytesMD5: 619fab63e1a12f2cf948e812131dce04
48How to Register Antivirus XP 2008.lnk
49.tt89.tmp1589014 bytesMD5: 626018abdf88b5134601723c9b6bde47
50lphcjc8j0ec35.exe199168 bytesMD5: 609e59d17a35e514caea543868134d7a
51pphcruaj0e355.exe
52pphc1q9j0e5vc.exe
533.exe827392 bytesMD5: 1fc7d7591e0edcad45565ccda51a4528
54.tt7.tmp.exe1603919 bytesMD5: 07a690fe30506a1a1a4e4f997d044dd4
55imod3.dll
56642292000.exe
57pphcahoj0ercl.exe106496 bytesMD5: 69534bea316938567b5c53e697d21222
58Antivirus XP 2008.lnk
59rhcpwqj0ej27.exe, rhce80j0e11g.exe9457664 bytesMD5: 30e26e1a6a81503bd3c6008486386ca1
60lphcc3qj0eacl.exe, lphce9fj0e7jr.exe110080 bytesMD5: d6c2a10553c213e9ede4f62137e45338
61xpa_2008.exe1050624 bytesMD5: 8130d8a90b89b07f52f321c1b8f89379
62pphc1kdj0elbj.exe
63%AllUsersProfile%\Start Menu\Programs\Antivirus XP 2008
64wscntfy.exe30408704 bytesMD5: f95cbc60e79ae4f0e9efdc1a4d3819ae
65rhcgedj0ep8l.exe
66lphccn4j0eadc.exe110080 bytesMD5: 00fe0f3086a6e4297f901f60516de0a6
67Antivirusgolden 3.8.exe2080768 bytesMD5: 2ff9e315a9b6d340b2daa6e4ee8d03d6
68pphc31wj0e9ea.exe
69AntvrsInstall.exe52224 bytesMD5: 4a574021ce73bdade5281b52ef667f72
70lphcgl5j0en59.exe35328 bytesMD5: 2913d35231da4c43a380e10a6c0e6643
71pphcj7cj0ea59.exe94208 bytesMD5: 43b4f1d85a9ae77a818b4ffec7984247
72rhcg4kj0e98e.exe
73SetupAntivirusXP[1].exe804864 bytesMD5: bf5de889078aafe7af90d5d5e176db6a
74Antivirus-Golden.exe2273280 bytesMD5: 03b478b848cea9282dc964dfd10ee8e0
75Antvrs.exe878592 bytesMD5: 650a6cb1433b764e27ea59d2eca999a3
76lphc395j0ee2a.exe110080 bytesMD5: 7ce64667732234eca965e01c4d0106a2
77bpphcj7cj0ea59.exe106496 bytesMD5: 83eae4fc14acd18de28b313c821ca235
78MSASCui.exe183808 bytesMD5: 912cfea4c8420146d77900a115c07097
79Antivirusgold 4.1.exe1994752 bytesMD5: 43285e38f15090960a3ff09ff2a5803a
80lphcrkkj0erbr.exe110080 bytesMD5: 0d0d2b357df5205bbce414e514be6b7e
81lphc748j0elfp.exe110080 bytesMD5: 715b63c8e14e093ab269f665a0e88bdb
82av.exe178688 bytesMD5: 5f966fac2df8730c9db4b0f4f6ee4238
83.tt5E.tmp.exe1606431 bytesMD5: 0ac13469fe7054790800fd8e24d8c5df
84setup_1_1_[1].exe69120 bytesMD5: 698dee2006883c23b3b7abcc29facc1f
85vav.exe325632 bytesMD5: 4f94513287f9f829d4ef2b0bd177bd5e
86lphc1tgj0e5e9.exe110080 bytesMD5: ce564d30ec9bbbc8278661b54f9a16db
87pphclpmj0e73r.exe
88lphcj7cj0ea59.exe,04scan[1].exe,584289103.exe152576 bytesMD5: 17aa05f3c70e113770e62d4875c13c0d
891450345358.exe
90lphcc65j0e909.exe203776 bytesMD5: cd55078e05ec97707836e982a88336e9
91av2008xp.exe,Install_1_1_[1].exe1233920 bytesMD5: 18db68b9045c0fe8096e0e46c95cb365

Files in the following directories were modified:

  • %ProgramFiles%
  • %AppData%
  • %AllUsersProfile%\Start Menu\Programs

Memory Processes Created:

# Process Name Process Filename Main module size
1lphcrw3j0e5e5.exelphcrw3j0e5e5.exe199168 bytes
2ave.exeave.exe200192 bytes
3lwpwer.exe, empa.exelwpwer.exe, empa.exe1189857 bytes
4rhca9fj0e7jr.exerhca9fj0e7jr.exe9457664 bytes
526scan[1].exe26scan[1].exe
6ieupdates.exeieupdates.exe
7lphcef9j0e15r.exelphcef9j0e15r.exe110080 bytes
8pphcr66j0e11c.exepphcr66j0e11c.exe
9rhcg2sj0ep0c.exerhcg2sj0ep0c.exe831488 bytes
10pphc38wj0e7er.exepphc38wj0e7er.exe
11lphc110j0e78a.exelphc110j0e78a.exe134144 bytes
12Antivirus-2008.exeAntivirus-2008.exe1075712 bytes
13rhcn7cj0ea59.exerhcn7cj0ea59.exe9457664 bytes
14vma.exevma.exe182784 bytes
15antiviirus.exeantiviirus.exe10240 bytes
16pphcvmfj0e5a1.exepphcvmfj0e5a1.exe
17wav.exewav.exe325632 bytes
18AntvrsInstall[1].exeAntvrsInstall[1].exe60416 bytes
19AntivirusXP2008.exeAntivirusXP2008.exe1671168 bytes
20scan16085[1].exescan16085[1].exe195072 bytes
21av2008xp.exeav2008xp.exe1227264 bytes
22Antivirusgolden 4.0.exeAntivirusgolden 4.0.exe1953792 bytes
23pphcn3jj0epf7.exepphcn3jj0epf7.exe
24antivirus-2008pro.exeantivirus-2008pro.exe1231064 bytes
25rhctp3j0en6c.exerhctp3j0en6c.exe
26lphca80j0e11g.exelphca80j0e11g.exe130048 bytes
27xpa2008.exexpa2008.exe1056256 bytes
281scan31[1].exe1scan31[1].exe
29pphcn4nj0e58t.exepphcn4nj0e58t.exe
30scan[1].exescan[1].exe60928 bytes
31pphcjuej0en4o.exepphcjuej0en4o.exe
32vvunbwrhxa.exevvunbwrhxa.exe132096 bytes
33rhcn7cj0ea59.exe.localrhcn7cj0ea59.exe.local
34av[1].exeav[1].exe462848 bytes
35AntivirusGolden.exeAntivirusGolden.exe2273280 bytes
36rhc13bj0e73j.exerhc13bj0e73j.exe831488 bytes
37lphcg1gj0er7r.exelphcg1gj0er7r.exe110080 bytes
38Setup_trsupersolution-freeantivirus_com[1].exeSetup_trsupersolution-freeantivirus_com[1].exe199168 bytes
39lphcjosj0e9e5.exelphcjosj0e9e5.exe114176 bytes
40lphcj7cj0ea59.exelphcj7cj0ea59.exe110080 bytes
41AntivirusXP.exeAntivirusXP.exe1512960 bytes
42lphcj7cj0ea59.exe,26scan[1].exe,642292000.exelphcj7cj0ea59.exe,26scan[1].exe,642292000.exe203776 bytes
43lphcjc8j0ec35.exelphcjc8j0ec35.exe199168 bytes
44pphcruaj0e355.exepphcruaj0e355.exe
45pphc1q9j0e5vc.exepphc1q9j0e5vc.exe
463.exe3.exe827392 bytes
47.tt7.tmp.exe.tt7.tmp.exe1603919 bytes
48642292000.exe642292000.exe
49pphcahoj0ercl.exepphcahoj0ercl.exe106496 bytes
50rhcpwqj0ej27.exe, rhce80j0e11g.exerhcpwqj0ej27.exe, rhce80j0e11g.exe9457664 bytes
51lphcc3qj0eacl.exe, lphce9fj0e7jr.exelphcc3qj0eacl.exe, lphce9fj0e7jr.exe110080 bytes
52xpa_2008.exexpa_2008.exe1050624 bytes
53pphc1kdj0elbj.exepphc1kdj0elbj.exe
54wscntfy.exewscntfy.exe30408704 bytes
55rhcgedj0ep8l.exerhcgedj0ep8l.exe
56lphccn4j0eadc.exelphccn4j0eadc.exe110080 bytes
57Antivirusgolden 3.8.exeAntivirusgolden 3.8.exe2080768 bytes
58pphc31wj0e9ea.exepphc31wj0e9ea.exe
59AntvrsInstall.exeAntvrsInstall.exe52224 bytes
60lphcgl5j0en59.exelphcgl5j0en59.exe35328 bytes
61pphcj7cj0ea59.exepphcj7cj0ea59.exe94208 bytes
62rhcg4kj0e98e.exerhcg4kj0e98e.exe
63SetupAntivirusXP[1].exeSetupAntivirusXP[1].exe804864 bytes
64Antivirus-Golden.exeAntivirus-Golden.exe2273280 bytes
65Antvrs.exeAntvrs.exe878592 bytes
66lphc395j0ee2a.exelphc395j0ee2a.exe110080 bytes
67bpphcj7cj0ea59.exebpphcj7cj0ea59.exe106496 bytes
68MSASCui.exeMSASCui.exe183808 bytes
69Antivirusgold 4.1.exeAntivirusgold 4.1.exe1994752 bytes
70lphcrkkj0erbr.exelphcrkkj0erbr.exe110080 bytes
71lphc748j0elfp.exelphc748j0elfp.exe110080 bytes
72av.exeav.exe178688 bytes
73.tt5E.tmp.exe.tt5E.tmp.exe1606431 bytes
74setup_1_1_[1].exesetup_1_1_[1].exe69120 bytes
75vav.exevav.exe325632 bytes
76lphc1tgj0e5e9.exelphc1tgj0e5e9.exe110080 bytes
77pphclpmj0e73r.exepphclpmj0e73r.exe
78lphcj7cj0ea59.exe,04scan[1].exe,584289103.exelphcj7cj0ea59.exe,04scan[1].exe,584289103.exe152576 bytes
791450345358.exe1450345358.exe
80lphcc65j0e909.exelphcc65j0e909.exe203776 bytes
81av2008xp.exe,Install_1_1_[1].exeav2008xp.exe,Install_1_1_[1].exe1233920 bytes

Registry Modifications:

The following Registry Keys were created:

  • MICROSOFT\WINDOWS\CURRENTVERSION\RUN\AntivirusXP.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ lphcc65j0e909
  • RUNNING PROGRAM\pphcvmfj0e5a1.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ inrhcnvjj0epd5
  • SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\AntivirXP08
  • Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AntivirusXP
  • RUNNING PROGRAM\pphclpmj0e73r.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SMrhcn7cj0ea59
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ lphc1tgj0e5e9
  • Microsoft\Windows\CurrentVersion\Run\lphcj7cj0ea59
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SMrhcg2sj0ep0c
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ AntivirusXP2008
  • rhcn7cj0ea59
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ lphcjc8j0ec35
  • Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Antivirus XP 2008
  • Microsoft\Windows\CurrentVersion\Uninstall\rhcn7cj0ea59
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ inrhc11wj0e13t
  • RUNNING PROGRAM\.tt89.tmp
  • Microsoft\Windows\CurrentVersion\Run\SMrhcn7cj0ea59
  • AntivirusGolden 3.8
  • RUNNING PROGRAM\pphc1q9j0e5vc.exe
  • HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\s9201
  • Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9C0D6625-1D9B-48FB-BFE6-0E796464E576}
  • RUNNING PROGRAM\pphcn3jj0epf7.exe
  • RUNNING PROGRAM\pphcn4nj0e58t.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SM3
  • Antivirus-Golden
  • Software\Microsoft\Windows\CurrentVersion\RunOnce "3P_UDEC"
  • AntivirusGolden 4.1
  • RUNNING PROGRAM\pphcruaj0e355.exe
  • AntivirusXP
  • AntivirusGolden 4.0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • RUNNING PROGRAM\pphc38wj0e7er.exe
  • RUNNING PROGRAM\pphcr66j0e11c.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SMrhcgedj0ep8l
  • RUNNING PROGRAM\pphcjuej0en4o.exe
  • lphcj7cj0ea59
  • SOFTWARE\Microsoft\Windows\CurrentVersion "rhcn7cj0ea59"
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SMrhcg4kj0e98e
  • SMrhcn7cj0ea59
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ lphcjosj0e9e5
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SMrhctp3j0en6c
  • RUNNING PROGRAM\pphc1kdj0elbj.exe
  • AntivirusXP2008
  • RUNNING PROGRAM\pphc31wj0e9ea.exe
  • SOFTWARE\Microsoft\Windows\CurrentVersion rhcn7cj0ea59
  • SOFTWARE\Microsoft\Windows\CurrentVersion\rhcn7cj0ea59

Reply

Your email address will not be published.

Name
Website
Comment

Enter the numbers in the box to the right *