XP Antispyware 2012 is a rogue antivirus application that reports false system security threats and displays fake security alerts to convince you that your computer is infected. The program is promoted through the use of Trojans and other malicious software. Once installed, Vista Antivirus will perform fake system scan and report false or exaggerated system security threats on your PC. Then you will be prompted to pay for a full license of the application in order to remove those threats. However, we strongly recommend you not to do so. Instead, uninstall XP Antispyware 2012 from your computer upon detection.
In most of the cases, XP Antispyware 2012 displays such alerts for making users think it has detected numerous viruses on your computer:
XP Antispyware 2012 Firewall Alert
XP Home Security 2012 has blocked a program from accessing the internet
Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.
Sensitive areas of your system were found to be under attack. Spy software attack or virus infection possible. Prevent further damage or your private data will get stolen. Run an anti-spyware scan now. Click here to start.
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here.
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.
Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.
While running, XP Antispyware 2012 flood your computer with very annoying and of course fake security alerts. The rogue impersonates Windows Security Center and stated that your PC is not protected and that you should purchase XP Antispyware 2012 in order to ensure full system protection. No matter what you click in those fake security alerts, you will be automatically redirected to the pay page of XP Antispyware 2012. Do no purchase it! It's nothing more but a scam. Instead, please use the removal guide below to remove this infection from your computer manually for free. Also be sure to scan your PC with a reputable and reliable anti-spyware application to make sure that there are no other infections left on your computer. Also, you can use these codes 2233-298080-3424, 3425-814615-3990 or 9443-077673-5028 to register the rogue program. Once activated, it won't block web browsers and anti-spyware software.
It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
and Agreement of Use
XP Antispyware 2012 manual removal:
Delete registry values:
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\BrowserEmulation "TLDUpdates" = '1'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe"'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe"'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = '1'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = '1'