Anti Vir XP 08

AntiVirXP08 is a nasty trojan that is commonly downloaded as trojan included as part of a video codec.  An unsuspecting user downloads the codec, such as DivX, from what appears to be a dependable site, and AntiVir XP 08 installs itself as part of the codec installation. It then hijacks your computer, duplicates itself throughout the system, and things start to go wild.  First, a window pops up, informing you that you system appears to be infected, and the window appears to be a Vista or XP antivirus program.  It then informs you that in order to remove the program, you must register the software.  All the while, windows are popping up all over your screen, your wallpaper turns into a glaring rendition of the symbol for radiation, and access to the control panel and administrative services are cut off.  All the while, the anti virus window is calmly telling you what you’ve contracted, and offering to remove the problem if only you’ll register the program.  As fast as you can close popup windows, more open, filling your screen with virus notices and warnings that (duh) your system is infected.

Real antivirus software  can prevent this trojan from gaining complete control of your system if it is installed prior to the infection, in most cases.  If you happen to get caught without your antivirus software running, you can still fight back, but it requires a relatively lengthy process.  You’ll have to remove some registry entries, and delete a number of files, but it’s possible, and may be your only realistic option.  We know of one person caught unprepared who resorted to reformatting their hard drive to remove this baby, but a solution such as that should really be considered only as a last resort.  In the end, having a reputable antivirus program already installed is the best solution, as this program relies on people being unwary and unprepared.

If you are determined to do it yourself, there is a complete list of instructions for the various tasks to be found at the following URL:

http://www.xp-vista.com/spyware-removal/antivirxp08-anti-vir-xp-08-removal-instructions

In all, there may be upwards of 50 different files to delete, although once the registry entries have been removed, you should be able to install or enable an anti virus program, which can more quickly and efficiently solve your problem.  We haven’t tested all of the antivirus applications on the market, but have seen excellent results using AVG antivirus, once the infection had been deactivated through removal from the system registry.  Since the task manager is disabled during the infection process, the do-it-yourselfers will have to begin things by running TASKMGR.EXE from the START >> RUN command.

Unregister AntiVirXP08 DLL Files:
%ProgramFiles%[RANDOM NAME]MFC71.dll
%ProgramFiles%[RANDOM NAME]MFC71ENU.DLL
%ProgramFiles%[RANDOM NAME]msvcp71.dll
%ProgramFiles%[RANDOM NAME]msvcr71.dll
%ProgramFiles%[RANDOM NAME]shlwapi.dll
%ProgramFiles%[RANDOM NAME]wininet.dll

Stop AntiVirXP08 Processes:
Antvrs.exe
AntiVirXP08.exe

Find and Delete these AntiVirXP08:
AntiVirXP08.exe
Uninstall AntiVirXP08.lnk
%ProgramFiles%[RANDOM NAME]MFC71.dll
%ProgramFiles%[RANDOM NAME]MFC71ENU.DLL
%ProgramFiles%[RANDOM NAME]msvcp71.dll
%ProgramFiles%[RANDOM NAME]msvcr71.dll
%ProgramFiles%[RANDOM NAME]shlwapi.dll
%ProgramFiles%[RANDOM NAME]wininet.dll
%UserProfile%Application DataMicrosoftInternet ExplorerQuick LaunchAntivirus XP 2008.lnk
C:Documents and SettingsAll UsersDesktopAntivirus XP 2008.lnk
C:Documents and SettingsAll UsersStart MenuProgramsAntivirus XP 2008Antivirus XP 2008.lnk
C:Documents and SettingsAll UsersStart MenuProgramsAntivirus XP 2008How to Register Antivirus XP 2008.lnk
C:Documents and SettingsAll UsersStart MenuProgramsAntivirus XP 2008License Agreement.lnk
C:Documents and SettingsAll UsersStart MenuProgramsAntivirus XP 2008Register Antivirus XP 2008.lnk
C:Documents and SettingsAll UsersStart MenuProgramsAntivirus XP 2008Uninstall.lnk
C:Documents and SettingsAll UsersStart MenuProgramsAntivirus XP 2008.lnk %ProgramFiles%[RANDOM NAME]database.dat

Remove AntiVirXP08 Registry Values:
HKEY_CURRENT_USERSoftwareAntivirus
HKEY_LOCAL_MACHINESOFTWAREAntivirus
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun”Antivirus” = “%ProgramFiles%AntiVirXP08Antvrs.exe”

Removal instructions additional if above doesnt work

Find folder C:windowssystem32wbem, inside this folder identify the repository folder and delete only this folder (the repository folder) from your computer.  Use msconfig to remove any weird startup items such as burrito.

In Administrative Tools find Windows Management Instrumentation service again, and re-start the service by right clicking mouse and pressing start from dropdown list. Restarting this service re-builds the repository folder database on your computer, which should now only contain information about your currently installed antivirus & firewall programs. ')}

Article written by MyComputerAid.com