Question:

I have a problem with the worm "Antivirus Xp 2008"?

by  |  earlier

0 LIKES UnLike

I have a problem with the worm "Antivirus Xp 2008" despite removing it completely. I followed all the instructions- http://www.2-spyware.com/remove-antivirus-xp.html. I even removed the spurious items from startup using "msconfig".

Also, I used the tool "Malwarebytes' Anti-Malware" to clean up the system. This is what I got at the end of scan - http://img301.imageshack.us/img301/9229/resultry0.jpg

So I restart the PC assuming everything's gone. But a CMD.exe suddenly opens & closes in a flash. So I check in my startup using "msconfig" & I suddenly see an "xhrpfqbr" file ticked apart from the previous incarnations of it in the list. Only the "xhrp.." thing was selected & I deselected it - http://img205.imageshack.us/img205/2023/startupkn3.jpg

So I run a scan again and malwarebytes, spybot & kaspersky say my computer has 0 virus/trojan/malware. I & Malwarebytes have removed every friggin instance of this program but still it somehow runs "CMD.exe" whenever I start the PC.What is wrong?

 Tags:

   Report
Answer The Question I've Same Question Too

10 ANSWERS

Sort By: Date  |  Rating

  1. Hi

    U Can Try THIS...............

    XP (Vista) Antivirus 2008 Removal Instructions (Antivirus XP 2008) .

    XP or Vista Antivirus 2008 Descriptions:

    XP Antivirus 2008, or Vista Antivirus 2008, or Antivirus XP 2008,  is one of the latest counterfeit antispyware that devastates the wolrd wide web. XP Antivirus 2008 usually come up after you installed a video codec or software patch that come with Trojan, malware and virus. XP Antivirus 2008 normally generates fake and misleading system popup error messages so end-users will be tricked into purchase XP Antivirus 2008, Antivirus 2008 or Vista Antivirus 2008.

    Antivirus XP 2008 image:

    Antivirus 2008 image:

    Vista Antivirus 2008 image:

    It is very important to remove all the components of of the XP Antivirus 2008 and all the malware and trojans that it might have come bundle with (such as zlob.trojan, trojan.vundo and Trojan.Downloader). To effectively remove XP Antivirus 2008, we have created a manual removal instructions which is easy to understand. As always, make sure you back up the data before proceeding. Good luck!

    Download SpyHunter* Spyware Detection Utility

    Manual XP Antivirus 2008 Removal Instructions:

    Unregister XP Antivirus 2008 DLL Files:

    (Learn how to do this)

    %ProgramFiles%\[RANDOM NAME]\MFC71.dll

    %ProgramFiles%\[RANDOM NAME]\MFC71ENU.DLL

    %ProgramFiles%\[RANDOM NAME]\msvcp71.dll

    %ProgramFiles%\[RANDOM NAME]\msvcr71.dll

    %ProgramFiles%\[RANDOM NAME]\shlwapi.dll

    %ProgramFiles%\[RANDOM NAME]\wininet.dll

    Stop XP Antivirus 2008 Processes:

    (Learn how to do this)

    vav.exe

    XPAntivirus.exe

    XPAntivirusUpdate.exe

    xpa.exe

    xpa2008.exe

    Find and Delete these XP Antivirus 2008:

    (Learn how to do this)

    xpa.exe

    vav.exe

    xpa2008.exe

    XPAntivirus.exe

    XPAntivirusUpdate.exe

    XPAntivirus.lnk

    Uninstall XPAntivirus.lnk

    XPAntivirus on the Web.lnk

    XP Antivirus 2008.lnk

    Uninstall XP Antivirus 2008.lnk

    %ProgramFiles%\[RANDOM NAME]\MFC71.dll

    %ProgramFiles%\[RANDOM NAME]\MFC71ENU.DLL

    %ProgramFiles%\[RANDOM NAME]\msvcp71.dll

    %ProgramFiles%\[RANDOM NAME]\msvcr71.dll

    %ProgramFiles%\[RANDOM NAME]\shlwapi.dll

    %ProgramFiles%\[RANDOM NAME]\wininet.dll

    %program_files%\rhc7nsj0e57c\mfc71.dll

    %program_files%\rhc7nsj0e57c\mfc71enu....

    %program_files%\rhc7nsj0e57c\msvcp71.d...

    antivirusxp2008installer.exe

    rhc7nsj0e57c.exe

    %common_desktopdirectory%\antivirus xp 2008.lnk

    %common_programs%\antivirus xp 2008.lnk

    %common_programs%\antivirus xp 2008\antivirus xp 2008.lnk

    %common_programs%\antivirus xp 2008\how to register antivirus xp 2008.lnk

    %common_programs%\antivirus xp 2008\license agreement.lnk

    %common_programs%\antivirus xp 2008\register antivirus xp 2008.lnk

    %common_programs%\antivirus xp 2008\uninstall.lnk

    %profile%\application data\microsoft\internet explorer\quick launch\antivirus xp 2008.lnk

    %program_files%\rhc7nsj0e57c\database....

    %program_files%\rhc7nsj0e57c\license.t...

    %program_files%\rhc7nsj0e57c\uninstall...

    %program_files%\rhc7nsj0e57c\msvcr71.d...

    %program_files%\rhc7nsj0e57c\rhc7nsj0e...

    %program_files%\rhc7nsj0e57c\rhc7nsj0e...

    antivirusxp2008installer.exe

    %program_files%\rhc7nsj0e57c\uninstall...

    %program_files%\rhc7nsj0e57c\rhc7nsj0e...

    %program_files%\rhc7nsj0e57c\mfc71.dll

    %program_files%\rhc7nsj0e57c\msvcr71.d...

    %program_files%\rhc7nsj0e57c\msvcp71.d...

    %program_files%\rhc7nsj0e57c\mfc71enu....

    Remove XP Antivirus 2008 Registry Values:

    (Learn how to do this)

    HKEY_USERS\Software\XP antivirus

    HKEY_LOCAL_MACHINE\software\microsoft\... smrhc7nsj0e57c

    HKEY_LOCAL_MACHINE\software\microsoft\...

    HKEY_LOCAL_MACHINE\software\microsoft\... displayname

    HKEY_LOCAL_MACHINE\software\microsoft\... uninstallstring

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5...

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... advid

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... automaticallyupdates

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... backgroundscan

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... backgroundscantimeout

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... databaseversion

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... daysinterval

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... domain

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... engineversion

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... guiversion

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... installdir

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... minimizeonstart

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... programversion

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... proxyname

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... proxyport

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... registrationdiscurl

    HKEY_LOCAL_MACHINE\software\microsoft\... smrhc7nsj0e57c

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... registrationurl

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... scandepth

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... scanpriority

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... scansystemonstartup

    HKEY_LOCAL_MACHINE\software\rhc7nsj0e5... softid


  2. The problem is that the B@$^@rd$ that code these phony anti-virus scams are constantly changing small bits of the code to avoid detection and removal. Somes they release a dozen or more variants of the same malware in one day.

    The anti-malware products (MBAM, KAV, Spybot etc) are always playing "catch-up" and are always behind a few days in being able to deal with these new variants.

    In a few days, at least one of you programs should be able to remove your Smitfraud infection.

    In the meantime you could try...

    SUPERAntiSpyware:

    http://www.superantispyware.com/

    SmitfraudFix:

    http://siri.urz.free.fr/Fix/SmitfraudFix...

    EDIT: DO NOT USE SYSTEM RESTORE...YOU ARE LIKELY TO RESTORE WHAT YOU JUST REMOVED!

  3. Just go to my profile and click the link for btexpress.(located under my pic of the dog) They will help with almost any computer problems. They are a company that I trusted to fix my computer. They did I happy I went with them. I just you have great service like I did so go to them.

  4. Check previous answer....

    http://uk.answers.yahoo.com/question/ind...

  5. here is a removal video of antivirus xp 2008

  6. I can't promise it will work but System Restore has gotten rid of viruses for me. You go back to a day and all of the settings and software will be just as it was then. Go back in time to before you got the virus.

    All Programs / Accessories / System Tools / System Restore

    OR

    System Recovery on startup I think its F10. This will definitly work but you might lose some saved material, but it asks you if you want to keep everything. There are many instructions to follow, and I would get some help if you need it. It re-installs your operating system from scratch. Ta Da - no virus. Try the system restore first, its much easier.

  7. Woody has it right, you must disable system restore as it will more than likely use your restore points and then bounce straight back in from there.

    Jibbar mentioned two programs to run, SUPERantipyware will do it but you can run both to be sure. I'd reboot and run them again to be sure it's gone and then you can re-enable system restore if you choose to when you've confirmed that your computer is clear of infections.

    Please ensure that you have decent anti-virus software and a firewall enabled and scan all downloads before opening them.

  8. Hello

    You can use NOD to solve your problem

    NOD killing viruses and Trojan great

    You need to go to repair your registry files

    You can visit http://www.Fix-pc-Master.com

    Can help you

  9. try to download Malwarebytes Anti-Malware and do a full scan. it's free

  10. Disable system restore and try running Malwarebytes in safe mode. Enter safe mode by tapping the F8 key during boot.

    When you are sure the virus is gone, re-enable system restore.
You're reading: I have a problem with the worm "Antivirus Xp 2008"?

Question Stats

Latest activity: earlier.
This question has 10 answers.

BECOME A GUIDE

Share your knowledge and help people by answering questions.
Register Now
Unanswered Questions