Question:

AntivirusXP08 - How do you get rid of it ?

by  |  earlier

0 LIKES UnLike

There have been a number of questions already but none of the suggested remedies work.

At the moment the evil little b@stard is actively blocking any attempt to download any malware removers - managed to get RogueRemover down but it just stomped all over that. Mind it waltzed past a Norton firewall to get in.

Also blocking any attempts to contact any support (including Microsoft)

Doesn't appear to be doing anything nasty but you can't move without some crappy message coming up.

 Tags:

   Report
Answer The Question I've Same Question Too

7 ANSWERS

Sort By: Date  |  Rating

  1. Seeing as thought you cant get on the net very easily here ar instructions for your own removal pretty easy. Also if you have a firewall block internet access just to be sure

    Step 1: Open Task Manager And End The Infecting Processes

    Right click on the task bar and select the task manager, go to processes tab and end following process if found running(please note down the path)

    lphc9u2j0ejde.exe, and

    rhccu2j0ejde.exe (this is the process for antivirus xp software)

    please not the actually name in you list may very, so you may want to kill any process name starting with lphc or rhc. Just remember even if you make mistake by closing wrong process you can always restart you system.

    Step 2: Delete The Infecting Programs

    Find the files whose process you just closed(& path noted above), and either rename them or delete them.

    They are usually found at following locations

    C:\windows\system32\lphc9u2j0ejde.exe,

    c:\windows\system32\blphc9u2j0ejde.scr... (updated on 28th july) and

    C:\program files\rhc75dj0e1an\rhccu2j0ejde.exe

    Once you delete these two files you effectively removed the virus, but now we have to remove the side effects.

    Also found pphc5u2j0ejde.exe, so anyone doing this should look for files similar in nature. the jOejde.exe part on the end is the same but the beginning may be different

    Step 3: Open msconfig To Clean Start Programs

    Click ’start’->run and type ‘msconfig’ in run window. This will open system configuration utility. If you get any warning or the msconfig window closes automatically then you should check out “How to stop regedit, taskmanager or msconfig from closing automatically“.

    Click on startup Tab, and uncheck the boxes in front of “lphc and rhc” files as shown in figure, and click apply.

    Let’s now do a cold boot of the system(basically press the reset button on your PC). Wait for computer to boot again.

    Step 4: Change Group Policy To Restore Wallpaper

    Click ’start’->run and type ‘gpedit.msc’ in run window. This will open Group policy.

    Now navigate to User configuration -> Administrative Templates ->Control Panel-> Display.

    Finally double click on following items to open properties window and change the setting to disabled.

    Remove Display in Control Panel

    Hide Desktop Tab

    Prevent changing wallpaper

    Hide Appearance and Themes tab

    Hide Settings tab

    Hide Screen Saver tab

    Check the picture above for more detailed view.

    This will allow you to change the wallpaper back to normal.

    Please also check the alternative suggested by itzel in comments below, in case you don’t have gpedit on your system.

    Step 5 : Change Screen Saver

    You will need to change the screen saver from “blphc9u2j0ejde” to something else

    hOpe it helps. Finally download Malwarebites antimalware to get rid of anything else

    http://www.download.com/Malwarebytes-Ant...

    Download, install, update and select Quick Scan.

    Remove all infections that it finds after scan


  2. ah, you've got that too? i recognise that name. posing as a decent program. started off as a pop-up, then uh, it installed itself, and changed my background. it keeps on messing up my internet sessions. i had spybot search and destroy before i got it and it says it's fixed the problems but they keep on coming back. i think the whole pop-up thing came off limewire in my case.

    unfortunately at present i am on another computer several hundred or thousand miles away from mine, so i cannot figure out a way to deal with it. i will try later, and if i can figure it out, will message you.

  3. One of our computers did get this one.  It's nasty.

    I was able to get it cleaned with this 3 part procedure:

    This is a BAD program that installs many files onto your computer and reeks havoc.

    http://www.symantec.com/norton/theme.jsp...

    There are 3 things that you need to do all 3

    below A, B, and C.

    These tools do an EXCELLENT job, and the "home' versions are FREE to the public.

    (The business versions you should purchase)

    A.

    Avast free Home Edition

    Get it here:

    http://www.avast.com/eng/avast_4_home.ht...

    And please do a "thorough" scan as soon as you get it downloaded. The user interface is simple. Click the left side, and in the top menu that comes up, select thorough scan.

    When it finds a culprit it throws up an alarm, then you DELETE the culprit, (do not quarantine).

    Then allow it to run all of the time, and you will be completely protected. It will "automatically" update itself, also for free.

    You only need to renew your registration once a year, also free.

    Note: I KNOW of several people who have used AVG and Norton and have gotten a virus anyway.

    Don't go with Zone Alarm as it is hoggy and conflicting.

    I've tried them all, and have had wonderful results with DEPENDABLE AVAST for the last 5 years.

    The corporation I work for uses the Pro version, and has never has an incident. Avast is your answer.

    B.

    Get free Ad-AWARE spy-removal tool from Lavasoft

    http://www.lavasoftusa.com/products/ad-a...

    1. Download, install and run this program weekly or more.

    Then you can be really confident that you are protected at all times.

    C.

    Perform a system restore to a time BEFORE the infection. Got to START > Programs > Accessories > Systems Tools > System Resore >

    follow the prompts and select a date and time before the infection >

    Restart your computer

    ^j^♥

    It takes time to answer your question properly

    Take time to rate


  4. I hated that stupid little adware.  The link I'm providing took care of it.  Windows Defender and Symantec Endpoint Protection both noticed and said they deleted, but it kept coming back.

    The Malwarebytes program worked perfect.  It took a while for the scan to complete, but the spyware went away and no longer showed in either Defender or SEP.

  5. AntiVirXP08, or Anti Vir XP 08,AntivirusXP2008, Antivirus XP 2008 is the latest rogue antispyware program. AntiVirXP08 is a clone of XP Antivirus or WinAntivirusPro. Usually AntiVirXP08 infection can come after fake video codec installation that can come with Trojan, malware or virus inside. AntiVirXP08 will generate misleading system popup, error messages and scan reports to trick user into buying AntiVirXP08 "full" version.

    It is very important to delete all AntiVirXP08 components to prevent damage to hardware. Do not trust any fake messages that AntiVirXP08 shows and remove it as soon as possible! To effectively delete AntiVirXP08 files www.Pcthreat.com have listed files for manual removal.

    http://www.pcthreat.com/parasitebyid-695...

  6. Have you tried these sites below?

  7. Remove Restrictions Tool:

    http://www.softpedia.com/progDownload/RR...

    Download from Softpedia Secure Download (RO), install, run and check all boxes then click Apply and then reboot. This tool re-enables what codecs/viruses have disabled.

    Wallpaper Hijacker Removal Tool:

    http://www.majorgeeks.com/Wallpaper_Hija...

    Note: You should hit all "Repair" buttons even though it may not say "Found!" This will fix a wallpaper hijack everytime if all repair buttons are pressed.

    Malwarebytes Anti-Malware:

    http://www.download.com/Malwarebytes-Ant...

    Download, install, update and select Full Scan.

    Remove all infections that it finds after scan.

    SmitFraud Removal

    Firstly, download the removal tool from here:

    http://siri.urz.free.fr/Fix/SmitfraudFix...

    How to use:

    http://cotojo.wordpress.com/2007/08/24

    Spybot S&D:

    http://www.safer-networking.org/en/downl...

    Download, install, update and Immunize, turn off Tea Timer then click 'Check for problems' then when complete select all and then 'Fix Checked'

    Spyware Doctor Free Basic Edition - Realtime monitoring:

    http://pack.google.com/intl/en/pack_inst...

    Its free with Google pack, untick all boxes except Spyware Doctor. Download install, update and run.

    SUPERAntiSpyware Free Edition:

    http://www.download.com/SUPERAntiSpyware...

    Download, install, check for updates, then select Scan your Computer, select your drive and select Perform Complete Scan

    VundoFix:

    http://www.symantec.com/content/en/us/gl...

    Disconnect your computer from the internet

    Run vundo

    Restart your computer

    Run the tool again to ensure no traces are left.

    If there are the reboot into Safe Mode and run FixVundo again.

    A-Squared Free:

    http://www.download.com/A-squared-Free/3...

    This is not a limited version but a full tool to clean your computer from Malware, Spyware, Trojans, Backdoors, Worms, Dialers and Keyloggers.

    How to use:

    http://cotojo.wordpress.com/2008/07/07

    Comodo BO Clean:

    http://www.comodo.com/boclean/CBO_downlo...

    Simply download and install, follow instructions on screen.

    Go here to see what it protects you against:

    http://www.comodo.com/boclean/trolist.ht...

    If the problem persists, turn OFF System Restore, Right click My computer > select Properties > System Restore Tab > Tick Turn Off System restore on all drives and scan with the above programs in Safe Mode - tap F8 during boot before Windows splash screen and select Safe Mode.

    After scans are complete and machine is clean remember to turn system restore back ON and create a new restore point.

    Once your scans are complete and your machine is clean, uninstall some of the programs, I suggest that you keep Malwarebytes for manual scanning, Spyware Doctor for realtime monitoring and Spybot. The remainder can be removed to save drive space, but you may want to keep the installers for future use.
You're reading: AntivirusXP08 - How do you get rid of it ?

Question Stats

Latest activity: earlier.
This question has 7 answers.

BECOME A GUIDE

Share your knowledge and help people by answering questions.
Register Now