XP Antivirus 2012

windwind Posts: 2
in F-Secure SAFE

F Secure does not seem to stop this spyware from infecting your computer its called XP Antivirus 2012

Like

Accepted Answer

Comments

  • windwind Posts: 2

    Sorry i deleted following the following instructions

     

    XP Antivirus 2012 can be removed manually by following the steps below.

    1. With all programs closed, click the Start Menu and go to the Control Panel.
    2. Locate the Add/Remove Programs icon and double click it.
    3. Locate XP Antivirus 2012 in the list of programs. If you find it, select it and remove it. If you cannot find XP Antivirus 2012, you can continue to step 5.
    4. Restart your computer.
    5. Close all open programs and windows on your desktop.
    6. Open your registry editor (regedit) program by going to Start Menu, type in regedit, and click OK.
    7. Find all of the following registry entries and delete them. If you do not know how to do this, then you can read how to edit the registry in Windows.

      HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe”‘
      HKEY_CLASSES_ROOT\exefile\shell\open\command “IsolatedCommand” = ‘”%1″ %*’
      HKEY_CLASSES_ROOT\.exe\shell\runas\command “(Default)” = ‘”%1″ %*’
      HKEY_CLASSES_ROOT\.exe\DefaultIcon “(Default)” = ‘%1′
      HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “IsolatedCommand” = ‘”%1″ %*’
      HKEY_CURRENT_USER\Software\Classes\exefile “Content Type” = ‘application/x-msdownload’
      HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “(Default)” = ‘”%1″ %*’
      HKEY_CURRENT_USER\Software\Classes\.exe “Content Type” = ‘application/x-msdownload’
      HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
      HKEY_CLASSES_ROOT\exefile\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\.exe” /START “%1″ %*’
      HKEY_CLASSES_ROOT\exefile “Content Type” = ‘application/x-msdownload’
      HKEY_CLASSES_ROOT\.exe\shell\open\command “IsolatedCommand” = ‘”%1″ %*’
      HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command “IsolatedCommand” – ‘”%1″ %*’
      HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\.exe” /START “%1″ %*’
      HKEY_CURRENT_USER\Software\Classes\exefile “(Default)” = ‘Application’
      HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “IsolatedCommand” = ‘”%1″ %*’
      HKEY_CURRENT_USER\Software\Classes\.exe “(Default)” = ‘exefile’
      HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode’
      HKEY_CLASSES_ROOT\exefile\shell\runas\command “IsolatedCommand” = ‘”%1″ %*’
      HKEY_CLASSES_ROOT\.exe\shell\runas\command “IsolatedCommand” = ‘”%1″ %*’
      HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\.exe” /START “%1″ %*’
      HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command “(Default)” = ‘”%1″ %*’
      HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon “(Default)” = ‘%1′
      HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “IsolatedCommand” = ‘”%1″ %*’
      HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon “(Default)” = ‘%1′ = ‘”%UserProfile%\Local Settings\Application Data\.exe” /START “%1″ %*’

    8. Delete all of the following files that are associated with XP Antivirus 2012 from your computer.

      %AppData%\Local\random.exe
      %UserProfile%Local SettingsApplication DataopRSK
      %Temp%\random.exe
      %AppData%\Local\.exe
      %AppData%\Roaming\Microsoft\Windows\Templates\random.exe
      %AllUsersProfile%\random.exe

    Like
This discussion has been closed.