1 of 3
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Installs itself without permissions
  • Connects to the internet without permission
  • Slow internet connection
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:
XP Internet Security
Infection Video XP Internet Security 2012

XP Internet Security 2012

There are a lot of rogues which are identical and the only difference among them is their name. XP Internet Security 2012 is one of those rogue antispyware application, and it works exactly the same as Vista Internet Security 2012 and Win 7 Internet Security 2012. The different name is generated according to which operating system the affected computer is running on. The previous group of similar rogues consisted of XP Internet Security 2011, XP Internet Security 2012, Vista Internet Security 2011 and many more.

Download Spyware Removal Tool to Remove* XP Internet Security 2012
  • Quick & tested solution for XP Internet Security 2012 removal.
  • 100% Free Scan for Windows

When this rogue is installed into the system, it loads automatically every time the user boots his Windows. XP Internet Security 2012 does not allow the user to load all of his programs, claiming that some of them are infected with malware and the “security program” has to close it in order to protect the overall computer safety. XP Internet Security 2012 does so, because it pretends to be a legitimate computer safeguard program. It tries to gain the user’s trust at the same time causing him to panic that his computer is being attacked with dangerous viruses. However, all negative effects that the system is experiencing are created by none the other but XP Internet Security 2012 itself.

On top of that XP Internet Security 2012 takes over the internet browser and does not allow the user to visit certain websites. The rogue exhibits such behavior, because it tries to stay in the computer for as long as possible, and it tries to achieve it, by disallowing the user to search for rogue removal information on the internet. Instead of opening the website XP Internet Security 2012 blocks it by sending this message:

XP Internet Security 2012 Alert
Internet Explorer alert. Visiting this site may pose a security threat to your system!
Possible reasons include:
- Dangerous code found in this site's pages which installed unwanted software into your system.
- Suspicious and potentially unsafe network activity detected.
- Spyware infections in your system
- Complaints from other users about this site.
- Port and system scans performed by the site being visited.

Things you can do:
- Get a copy of XP Internet Security 2012 to safeguard your PC while surfing the web (RECOMMENDED)
- Run a spyware, virus and malware scan
- Continue surfing without any security measures (DANGEROUS)

XP Internet Security 2012 also performs a fake system scan, and as a result it “detects” a lot of infections. The malware in its detection list includes: Email-Worm.JS.Gigger, BWME.Twelve.1378, Devices.2000 and others. Most of the viruses in the list are real and have been detected 10 or 13 years ago. It almost seems as if the creators of XP Internet Security 2012 went through an encyclopedic list of viruses in order to include them in the scan results. Either, these pieces of malware do not exist in the affected computer and the user should not attempt to delete any of the files indicated in the fake scan results.

The user should remove XP Internet Security 2012 from his computer without any hesitation, because the rogue will continue to plague the system in attempts to make easy money. The rogue can be removed either manually or automatically; it depends on the user’s preference. Automatic removal is recommended when the user is not exactly sure how his system works. If one acquires a good antimalware program it can intercept and terminate XP Internet Security 2012 without any difficulties.

Update:

The rogue removal will be easier if you used these activation codes to “register” the rogue:

2233-298080-3424
3425-814615-3990
9443-077673-5028

This rogue is particularly annoying because right after the installation it blocks every single exe file and you can no longer run your computer. Then there is nothing else left to but to restart your computer. When you do, while it boots press F8 and select to load the Safe Mode with Networking, so that you could download SpyHunter from our website. Then restart again, and load your computer in Normal mode to install SpyHunter. Another way to install the program is to download it on another computer, rename the installer file from installer.exe to installer.com and then transfer the file into a USB flash drive. Plug the drive into the infected computer and use it to install the program.

Once SpyHunter is installed, it will scan your computer and detect the rogue, and kill it.

NOTE: Just because you can no longer see the rogue it does not mean that it doesn’t exist. Perform a full system scan to locate and terminate all of its components, because any file associated with the rogue can leave your computer’s door open for other malware.

Download Spyware Removal Tool to Remove* XP Internet Security 2012
  • Quick & tested solution for XP Internet Security 2012 removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove XP Internet Security 2012

Files associated with XP Internet Security 2012 infection:

av.exe
%AppData%\[random].exe

XP Internet Security 2012 processes to kill:

av.exe
%AppData%\[random].exe

Remove XP Internet Security 2012 registry entries:

HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = ‘”%Documents and Settings%\[UserName]\Local Settings\Application Data\[random].exe” -a “%1″ %*’
HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “(Default)” = ‘”%Documents and Settings%\[UserName]\Local Settings\Application Data\[random].exe” -a “%1″ %*’
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = ‘”%Documents and Settings%\[UserName]\Local Settings\Application Data\[random].exe” -a “%Program Files%\Mozilla Firefox\firefox.exe”‘
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = ‘”%Documents and Settings%\[UserName]\Local Settings\Application Data\[random].exe” -a “%Program Files%\Mozilla Firefox\firefox.exe” -safe-mode’
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\BrowserEmulation “TLDUpdates” = ’1′
Disclaimer

Comments

  1. AintbuyingYOURSHIT Jun 23, 2011

    This scanner is 100% worthless. All it does is scan, it wont remove the program unless you pay 40$ ***** GUYS AND YOUR ***** LIEING *****

  2. Pcthreat Jun 27, 2011

    The scanner scans and finds any infections. It will show all file paths and registry entries that must be removed.You can do it manually, by searching through Your conmputer and deleting, or You can buy the "remover" part and spyhunter will remove everything for you.
    In other words scanner does hell lot of a job.

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.