Remove XP Antivirus 2012
Removal instructions

Severity scale:  
XP Antivirus 2012 is also known as XPAntivirus2012, XPAntivirus 2012 | Type: Rogue Antispyware | Tags: Braviax

XP Antivirus 2012 is a deceptive and quite sophisticated rogue anti-spyware program which applies the basic tricks of scams from this category. Though it declares to be a powerful virus remover, keep in mind that this program is the only one that needs to be eliminated because it reports invented viruses. To be more precise, XP Antivirus 2012 firstly will create numerous harmless files that it will drop in the infected computer’s system. Then this scam will pretend to scan your computer and immediately will report numerous viruses that in reality are nothing else but these earlier created files. Some of its alerts may state about Trojan-BNK.Win32.Keylogger.gen threat for making you scared to death and push into purchasing its license which will be offered additionally:

XP Antivrus 2012 Firewall Alert
XP Antivirus 2012 has blocked a program from accessing the internet
Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.

Malware Intrusion
Sensitive areas of your system were found to be under attack. Spy software attack or virus infection possible. Prevent further damage or your private data will get stolen. Run an anti-spyware scan now. Click here to start.

System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here.

Pay attention to the fact, that XP Antivirus 2012 is dangerous and has nothing to do with computer’s protection!

XP Antivirus 2012 program has been manipulating people into believing it is useful software. However, this rogue anti-spyware mostly penetrates into a random computer system without the user’s knowledge and approval and opens the backdoor of the system to let more threats or allow the scammers to reach your personal information. All this is done with a help of Trojans that infect vulnerable systems through fake video codecs and flash updates. As you can see, you should not believe XP Antivirus 2012 and its spyware detection reports as they are fabricated and have in fact nothing to do with the true condition of machine. Don’t buy this software though it will definitely promise to fix your computer, but remove XP Antivirus 2012.  Also, you can use one of these codes to register the rogue program: 2233-298080-3424, 1147-175591-6550, 3425-814615-3990 or 9443-077673-5028. Once activated, it won't block web browsers and anti-spyware software.

Automatic XP Antivirus 2012 removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove XP Antivirus 2012 you agree with our Privacy Policy and Agreement of Use.
Do it now!
remover for XP Antivirus 2012 Happiness
Compatible with Microsoft
SpyHunter is recommended remover to uninstall XP Antivirus 2012. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove XP Antivirus 2012 using SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.

Alternate Software

Malwarebytes Anti Malware
Tested and Confirmed! Malwarebytes Anti Malware removes XP Antivirus 2012 (2011-06-08 14:20:49)
We are testing STOPzilla's efficiency at removing XP Antivirus 2012 (2011-11-28 14:18:22)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing XP Antivirus 2012 (2011-11-28 14:18:22)
Defender Pro Ultimate
We are testing Defender Pro Ultimate's efficiency at removing XP Antivirus 2012 (2011-11-28 14:18:22)
Virus Removal Phone Support
Help Line to remove XP Antivirus 2012

XP Antivirus 2012 manual removal

Kill processes:
[random characters].exe, like kdn.exe, ppn.exe or similar
Delete registry values:
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\BrowserEmulation "TLDUpdates" = '1'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe"'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe"'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = '1'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = '1'
Delete files:
%AllUsersProfile%\Application Data\u3f7pnvfncsjk2e86abfbj5h

Geolocation of XP Antivirus 2012

Map reveals the prevalence of XP Antivirus 2012. Countries and regions that have been affected the most are: Pakistan, India, Philippines, Indonesia and Argentina.

Information added: 06/08/11 14:20; information updated: 05/27/12 18:47

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Comments on XP Antivirus 2012

Thanks for this post, i will try that.
quisiera utilizar el antivirus
IF your really savy, then you would have a backup of your files, and then you could just re install windows, its far easier than going through this process
Art Vanderbie
Tried to do a manual removal, but couldnt figure it out. Just installed Webroot Antivirus 2012 and its gone!
Matt M
I have seen and removed various incarnations of this malware on a multitude of machines. It seems to be a bit harder to track and remove it each time I encounter it. The thing I have noticed is that it seems to be auto downloaded to your machine from various sites that fool the user into thinking there is a picture of something they were looking for. As an example, one of my sons was looking for a picture to go into a school report when he got this nasty bug. I thought he was up to no good on the internet, looking at things he was not supposed to be looking at. Well two days later I got the same malware while looking up random car photos using the image search in google.. Serves me right for doubting his word. I have helped others remove this thing off of their machines as well and they all seemed to get it from clicking on links from random websites. The other thing is, no matter what AV people are using, this one gets right past it. Is there any anti-virus that catches this as it tries to download to your machine?
Shannon Alexander
My mum just went to bed and I got on the computer... only to have this crap pop up... I worry about her sometimes...
Shannon Alexander
Thank god for Malware Bytes anti malware... I havent rebooted the system yet but it looked like it got it all
I think I ended up getting this from a fake adobe update. I wasnt paying much attention and clicked update and it ended up saying an error or something so I just closed it and ignored it. Then later the antivirus 2012 popped out. Easy to remove,just try following this guide,system restore,try running malware bytes in safe mode. Make sure u get rid of the whole thing otherwise it wil install itself again.
i cant shake this thing ive tried several diffrent things nothing works. it wont let me load any web pages to reinstall malwarebytes system restore dosent work i get system restore is not able to protect your computer everytime i try to run it.any ideas please
Hope it works Derrick, Im at my wits end
Got it while @ Fallout Wiki
For all peeps deleting files and registry entries....TRY DERRICKs METHOD USING SYSTEM RESTORE FROM SAFE MODE FIRST ! It worked perfectly for me (WinXP SP3) in less than 5 minutes. If this doesnt work you can still try the manual procedure.

" 1. Shut down your computer
2. Turn computer back on and press F8 repeatedly until boot menu appears.
3. Select start windows in safe mode option
4. When windows finished loading, select Start, All Programs, Accessories,
System Tools, System Restore.
5. System restore will give you a bunch of dates you can restore to. Choose a date just before the virus infected your computer.
6. System restore will reset your computer to the settings it remembers for that date and will reboot when done.
7. Place middle finger up at the creators and distributors of this virus."

Thank you Derrick for your post !
I deleted those said files from my registery which worked and got rid of the anti virus 2012 but i could no longer open any icons or exes which means i had a new problem from removing the anti virus if this happens to you use this link and scroll down a quarter of the way down the page where there is a link that resets your registery settings.
I manually removed this as it continued to close mozilla. Instructions worked a treat. Also mine was referred to as utt.exe
this totally worked!
thank you so much!
I wasnt on ANY site that I am not normally on. It seems to have came out of nowhere really. I had a PDF popup and I noticed my browser was downloading from PL-????????.com site. As SOON as I saw it was a Rogue application (Which I recognized from 2-3 years on a websites article)
I KNEW my antivirus would be removed. I figured since I didnt actually DL (In past you can close the browsers) I would be OKAY- and restarted it. Thats when I seen the AV was gone. I was so mad- that I would get a GUN and shoot the person who MADE this! LUCKILY I keep a SECOND Partition for emergency cases which is how im here now. I heard the MAKER if these are from GREECE.
Where is this thing HIDING?? I have looked and scanned my System and Windows folder? I CANT get rid of it-if I cant find it? What I learn I will post on the XP Support Site too
Again- whoever made thsi should NEVER be let out of JAIL-EVER!

Post a comment

Attention: Use this form only if you have additional information about XP Antivirus 2012 parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)
Like us on Facebook
Recent Malware
Read on mobile
Press Mentions
I failed to remove XP Antivirus 2012 using SpyHunter.


add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!