Home / Parasites / Malware / AntivirusXP
Click on screenshot to zoom
Danger level 8
Type: Malware
Common infection symptoms:
  • Shows commercial adverts
  • Normal system programs crash immediatelly
  • Slow internet connection
  • System crashes
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:

AntivirusXP

AntivirusXP is the latest malware to be affecting computer systems globally. Further classified as a form of Trojan infection, any computer system it has infiltrated may be at risk.

As soon as AntivirusXP enters into a computer system, it may attempt to adjust the Windows registry keys, and could generate additional malware onto the infiltrated system.

A computer system infected with as AntivirusXP may tend to display the following warning signs:

* The Process is packed and/or encrypted using a software packing process
* Executes a Process
* Registers a Dynamic Link Library File
* Writes to another Process's Virtual Memory (Process Hijacking)
* Terminates Processes
* Makes outbound connections to other computers using NETBIOSOUT protocols * Creates a new Background Service on the machine
* This Process Deletes Other Processes From Disk
* Loads and Executes a System Driver File
* Adds a Registry Key (RUN) to auto start Programs on system start up
* This process creates other processes on disk
* The Process is polymorphic and can change its structure
* This Process Contains User Mode Rootkit Functionality and can hide itself from the running process list.

Should your system be experiencing any of the above mentioned symptoms, chances are there is malware present.

So, how would AntivirusXP be able to infect a system?

Well, as with many of these type malware applications, there are a few vulnerabilities these type applications target:

1. P2P (Peer-to-Peer) Networks
2. Freeware and Shareware
3. Malicious Websites

In order to prevent malware from infiltrating your system, there are a number of steps one can take, which include the following:

1. Install a comprehensive anti-spyware product
2. Update your anti-spyware software definitions
3. Perform Windows security updates
4. Scan your system regularly for spyware

To avoid unnecessary risk of further damaging your computer system, you should make use of a good legitimate and reliable spyware remover, which will come equip with all the necessary tools needed to rid your system of all nefarious activity allowed to enter into the system by AntivirusXP.

Download Spyware Removal Tool to Remove* AntivirusXP
  • Quick & tested solution for AntivirusXP removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove AntivirusXP

Files associated with AntivirusXP infection:

rhc13bj0e73j.exe
vma.exe
MSASCui.exe
ave.exe
av.exe
yayxuRJc.dll
scan16085[1].exe
rhcpwqj0ej27.exe, rhce80j0e11g.exe
rhcn7cj0ea59Skin.dll
rhcg2sj0ep0c.exe
rhca9fj0e7jr.exe
pphcj7cj0ea59.exe
pphcahoj0ercl.exe
lphcrw3j0e5e5.exe
lphcrkkj0erbr.exe
lphcjosj0e9e5.exe
lphcjc8j0ec35.exe
lphcj7cj0ea59.exe,26scan[1].exe,642292000.exe
lphcj7cj0ea59.exe,04scan[1].exe,584289103.exe
lphcj7cj0ea59.exe
lphcgl5j0en59.exe
lphcg1gj0er7r.exe
lphcef9j0e15r.exe
lphccn4j0eadc.exe
lphcc65j0e909.exe
lphcc3qj0eacl.exe, lphce9fj0e7jr.exe
lphca80j0e11g.exe
lphc748j0elfp.exe
lphc395j0ee2a.exe
lphc1tgj0e5e9.exe
lphc110j0e78a.exe
bpphcj7cj0ea59.exe
AntivirusXP2008.exe
3.exe
rhctp3j0en6c.exe
.tt5E.tmp.exe
rhcgedj0ep8l.exe
rhcn7cj0ea59.exe
.tt7.tmp.exe
rhcg4kj0e98e.exe
pphc1kdj0elbj.exe
pphc1q9j0e5vc.exe
pphcr66j0e11c.exe
pphclpmj0e73r.exe
pphc31wj0e9ea.exe
pphcjuej0en4o.exe
pphcruaj0e355.exe
.tt89.tmp
pphcn3jj0epf7.exe
pphc38wj0e7er.exe
pphcn4nj0e58t.exe
pphcvmfj0e5a1.exe

AntivirusXP DLL's to remove:

yayxuRJc.dll
rhcn7cj0ea59Skin.dll

AntivirusXP processes to kill:

rhc13bj0e73j.exe
vma.exe
MSASCui.exe
ave.exe
av.exe
scan16085[1].exe
rhcpwqj0ej27.exe, rhce80j0e11g.exe
rhcg2sj0ep0c.exe
rhca9fj0e7jr.exe
pphcj7cj0ea59.exe
pphcahoj0ercl.exe
lphcrw3j0e5e5.exe
lphcrkkj0erbr.exe
lphcjosj0e9e5.exe
lphcjc8j0ec35.exe
lphcj7cj0ea59.exe,26scan[1].exe,642292000.exe
lphcj7cj0ea59.exe,04scan[1].exe,584289103.exe
lphcj7cj0ea59.exe
lphcgl5j0en59.exe
lphcg1gj0er7r.exe
lphcef9j0e15r.exe
lphccn4j0eadc.exe
lphcc65j0e909.exe
lphcc3qj0eacl.exe, lphce9fj0e7jr.exe
lphca80j0e11g.exe
lphc748j0elfp.exe
lphc395j0ee2a.exe
lphc1tgj0e5e9.exe
lphc110j0e78a.exe
bpphcj7cj0ea59.exe
AntivirusXP2008.exe
3.exe
rhctp3j0en6c.exe
.tt5E.tmp.exe
rhcgedj0ep8l.exe
rhcn7cj0ea59.exe
.tt7.tmp.exe
rhcg4kj0e98e.exe
pphc1kdj0elbj.exe
pphc1q9j0e5vc.exe
pphcr66j0e11c.exe
pphclpmj0e73r.exe
pphc31wj0e9ea.exe
pphcjuej0en4o.exe
pphcruaj0e355.exe
pphcn3jj0epf7.exe
pphc38wj0e7er.exe
pphcn4nj0e58t.exe
pphcvmfj0e5a1.exe

Remove AntivirusXP registry entries:

HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN inrhc11wj0e13t
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN inrhcnvjj0epd5
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN SMrhcg4kj0e98e
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN SMrhcgedj0ep8l
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN SMrhcn7cj0ea59
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN SMrhctp3j0en6c
RUNNING PROGRAM.tt89.tmp
RUNNING PROGRAMpphc1kdj0elbj.exe
RUNNING PROGRAMpphc1q9j0e5vc.exe
RUNNING PROGRAMpphc31wj0e9ea.exe
RUNNING PROGRAMpphc38wj0e7er.exe
RUNNING PROGRAMpphcjuej0en4o.exe
RUNNING PROGRAMpphclpmj0e73r.exe
RUNNING PROGRAMpphcn3jj0epf7.exe
RUNNING PROGRAMpphcn4nj0e58t.exe
RUNNING PROGRAMpphcr66j0e11c.exe
RUNNING PROGRAMpphcruaj0e355.exe
RUNNING PROGRAMpphcvmfj0e5a1.exe
SOFTWARE\Microsoft\Windows\CurrentVersion "rhcn7cj0ea59"
Disclaimer

Comments

  1. ZACARIAS Mar 30, 2013

    i wat delete the mixi dj

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
 This is a captcha-picture. It is used to prevent mass-access by robots.

 
© 2006-2024 pcthreat.com  |  Terms of use |  Privacy policy |  About us |  Link to US