<< Click here to Goto HomePage


Wednesday, October 01, 2008

How to easily Remove the Virus / Spyware - Anti-virus XP 2008 from your system without using any Anti-Virus Softwares

Recently, one of our systems got attacked by a rather nasty Virus / Spyware called by a rather unusual name "Anti-virus XP 2008" sometimes also comes with the other names as XP Antivirus 2009 and variations of those names like WinFixer, WinIFixer, and Zlob. Below are simple steps on how you can remove this without installing an Anti-Virus.

First you need to stop the program from loading on startup. This is how you can stop it:
  • Goto Start > run 
  • Then Type msconfig and hit enter
  • In the resulting screen, goto Startup tab
  • Uncheck lphc35dj0e1an
  • Uncheck rhc75dj0e1an
  • Click apply, then ok
  • Finally, Restart the computer

Then you need to delete the main files that this Malware program uses. 
So, go ahead and Delete the following files:
  • C:\windows\system32\lphc35dj0e1an.exe
Also, Delete the following folder and all contents:
  • C:\program files\rhc75dj0e1an

This should remove the program from your system but you probably still have a warning message displayed as your wallpaper in Windows and the virus removed the ability to change the wallpaper or your desktop settings.

To restore the ability to change your desktop settings and select a different wallpaper and screen saver do the following:
  • Click Start then run 
  • Then type Gpedit.msc
  • Now navigate to User configuration > Administrative Templates > Control Panel > Display
  • Finally, Right click on Remove Display in Control Panel
  • Click on Properties and then select as Disabled

Do the same steps to change the following attributes to disabled too:
  • Hide Desktop Tab
  • Prevent changing wallpaper
  • Hide Apperance and Themes tab
  • Hide Settings tab
  • Hide Screen Saver tab

You should now be able to use your computer normally and change the wallpaper to something other than the warning message Antivirus XP 2008 had actually set it to.