Sunday, October 05, 2008

That Damned AntiVirus/Antispyware.

'Tis the season again for frauds. While browsing the web, a message suddenly popped up on my screen: "Your System has been infected. Press Yes to clean it up." Knowing my malware protection kit doesn't give any messages like that, I ignored it. Good for me. Unfortunately, my sister-in-law called up saying her system was full of viruses. Being the good Samaritan, I checked her system, and lo and behold, it is the new variant, AntiSpyware XP 2009.

What is AntiSpyware XP 2009?

Antispyware XP 2009 Descriptions:

Antispyware XP 2009, also known as AntispywareXP 2009, is one of the latest and hottest counterfeit antispyware programs devastating the Internet community. It is believed that Antispyware 2008 is simply a clone of Antispyware 2008 XP. Antispyware XP 2009 is not a real antispyware application. Confused? That’s exactly what their intention is: to confuse and distract us. Don’t trust it. Antispyware XP 2009 usually comes up after you install a video codec that comes with a Trojan, malware and viruses. Antispyware XP 2009 normally generates fake and misleading system popup error messages so end-users will be tricked into purchasing Antispyware XP 2009.

(source website,

How to remove ASWXP 2009

Although this may be a bit confusing, believe me, it's not. There's a catch, though. Be careful not to miss any of these instructions.

1. Stopping the process. First things first: you have to stop the Antispyware XP 2009 process. To do that, bring up your Task Manager by pressing Ctrl-Alt-Delete simultaneously, then select the Processes tab once the Task Manager window comes up.
Look for the process AntispywareXP2009.exe, click on it, then press the End Process button. Voila, you just killed it. Still, it isn't the end; you're merely a step away from removing it. The next step is to:

2. Find all the associated files. To do that, you must:

# From Start –> Search, click on “For Files and Folders…”
# From the “What do you want to search for?” list on the left, click on “All files and folders”

Look for these files and delete them all. Press Shift-Delete simultaneously to fully delete these files.

%profile%\application data\secure solutions\AntispywareXP2009\as2008xp.exe
%profile%\application data\microsoft\internet explorer\quick launch\antispywarexp2009.lnk
%programs%\antispyware 2008\antispywarexp2009.lnk

3. Remove the registry entries. Now this is the hard part. Trust me, don't mess things up this time. The best bet is to download CCleaner from and install it. It can easily clean up your registry after removing the effing ASWXP 2009. But if you aren't sissy enough, here is how you should do this.

# In Windows XP, click on Start, and then click on Run.
# Type “regedit”, then click on OK

Look for these subkeys and values and remove them manually.

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run ieupdate
HKEY_CURRENT_USER\software\secure solutions\AntispywareXP2009 lgid
HKEY_CURRENT_USER\software\secure solutions\AntispywareXP2009 lid
HKEY_CURRENT_USER\software\secure solutions\AntispywareXP2009 pid
HKEY_CURRENT_USER\software\secure solutions\AntispywareXP2009\2.1 installtime
HKEY_CURRENT_USER\software\secure solutions\AntispywareXP2009\2.1 start counter
HKEY_CURRENT_USER\software\secure solutions\AntispywareXP2009\2.1\config

4. Restart your computer and you're done. Oh yeah, I forgot to tell you this. Do this in Safe Mode.
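
To confirm the cleanup after the restart, the read-only PowerShell check below looks for the process, files and registry entries listed above and reports any that remain. It is an added example, not part of the original post. It assumes PowerShell is installed, and that `%profile%\application data` and `%programs%` correspond to `$env:APPDATA` and the Start Menu Programs folder.

```powershell
# Read-only check: reports which artifacts listed in the post are still present.
# Assumptions (the post does not define its placeholders): %profile%\application data
# is taken as $env:APPDATA and %programs% as the Start Menu "Programs" folder.
$appData  = $env:APPDATA
$programs = [Environment]::GetFolderPath('Programs')

$files = @(
    (Join-Path $appData  'secure solutions\AntispywareXP2009\as2008xp.exe'),
    (Join-Path $appData  'microsoft\internet explorer\quick launch\antispywarexp2009.lnk'),
    (Join-Path $programs 'antispyware 2008\antispywarexp2009.lnk')
)

# Registry items from the post, split into key and value name. A $null Value
# means the key itself is the artifact. The Run entry is one value only: the
# Run key also holds legitimate autostart entries and must not be deleted.
$base = 'HKCU:\software\secure solutions\AntispywareXP2009'
$reg = @(
    @{ Key = 'HKCU:\software\microsoft\windows\currentversion\run'; Value = 'ieupdate' },
    @{ Key = $base;              Value = 'lgid' },
    @{ Key = $base;              Value = 'lid' },
    @{ Key = $base;              Value = 'pid' },
    @{ Key = "$base\2.1";        Value = 'installtime' },
    @{ Key = "$base\2.1";        Value = 'start counter' },
    @{ Key = "$base\2.1\config"; Value = $null }
)

$found = @()
if (Get-Process -Name 'AntispywareXP2009' -ErrorAction SilentlyContinue) {
    $found += 'process: AntispywareXP2009.exe'
}
foreach ($f in $files) {
    if (Test-Path -LiteralPath $f) { $found += "file: $f" }
}
foreach ($r in $reg) {
    if (-not (Test-Path -LiteralPath $r.Key)) { continue }
    if (-not $r.Value) { $found += "key: $($r.Key)"; continue }
    # Look the value up by name; names containing spaces work with the indexer.
    $props = Get-ItemProperty -LiteralPath $r.Key -ErrorAction SilentlyContinue
    if ($props -and $props.PSObject.Properties[$r.Value]) {
        $found += "value: $($r.Key) -> $($r.Value)"
    }
}

if ($found) { $found } else { 'None of the listed artifacts were found.' }
```

Run it as the affected user, since every registry path in the list is under HKEY_CURRENT_USER.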