Windows Update is automatically downloading and installing an antivirus named ‘Antivirus XP 2008 or 2009’. Programs named ‘XP Antivirus 2009′, ‘XP Virus 2008’, ‘’Vista Antivirus 2009’, or ‘Antivirus XP 2009’ are malicious programs disguised as antispyware utilities that are spreading through the Internet. ‘XP Antivirus 2008’ usually comes up after you install a video codec (especially from a pirate or warez site) and can include trojans, malware and viruses.
‘XP Antivirus 2008, 2009’ normally generates fake and misleading system popup error messages so end users are actually tricked into paying money for it. It is very important to remove all the components of ‘XP Antivirus 2009’ and the malware and trojans that might have been installed with it. These could have names such as zlob.trojan, trojan.vundo and trojan.downloader. Try the following steps.
-
Unregister the following XP Antivirus 2009 DLL files
‘shlwapi.dll’
‘wininet.dll’
To do this, run the following command at the command prompt for each file in turn:
‘regsvr32 /u <filename.dll>’
-
Stop the following processes:
‘vav.exe’
‘XPAntivirus.exe’
‘XPAntivirusUpdate.exe’
‘Xpa.exe’
‘Xpa2009.exe’
‘Xpa2009.exe’
To do this, launch the task manager instantly by pressing the [Ctrl] + [Shift] + [ESC] keys simultaneously. Select the process that you want to stop and then click on ‘End Process’.
-
Find and delete these flies, if they exist
‘xpa.exe’
‘vav.exe’ ‘xpa2008.exe’
‘xpa2009.exe’
‘XPAntivirus.exe’
‘XPAntivirusUpdate.exe’
‘Shlwapi.dll’
‘wininet.dll’
‘XP antivirus’
‘XPAntivirus.lnk’
‘Uninstall XPAntivirus.lnk’
‘XPAntivirus on the Web.lnk’
‘XPAntivirus.url’
‘XP Antivirus 2009.lnk’
‘Uninstall XP Antivirus 2008.lnk’
Just search for these files using the ‘Start > Search’ tool and delete them. Also empty the Recycle Bin.
Finally, manually remove this XP Antivirus 2008 or 2009 registry value ‘HKEY_USERS\Software\XP antivirus’ To do this,
-
Start ‘Regedit’ from the ‘Start > Run…’ prompt. Search for the line and delete the entry.
-
Now restart the computer and the software should be gone.
Note : Follow these steps at your own risk. Do take backups in case anything goes wrong. If these steps work, disable and re-enable System Restore at least once to clear any backups which might have the virus backed up inside them.
Its very nice to read it. thanks for updating . . . try ahead
I find that kaspersky internet security took car of all these problems. Do you agree? Also i used this virus to test Kasperskys firewall and it didnt get through the best way to not to get it to grab Kaspersky.