Click on screenshot to zoom
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Installs itself without permissions
  • Connects to the internet without permission
  • Slow internet connection
  • System crashes
  • Annoying Pop-up's
  • Slow Computer

Xp Total security 2012

XP Total Security 2012 is a rogue antispyware which pretends to be reliable security program in hopes of stealing the user’s hard-earned money. On its way to achieving this goal, the fake security program also hinders various computer processes, virtually making it inoperable. XP Total Security 2012 is a clone of XP Total Security 2011, and it comes from a big cluster of rogues which are exactly the same and their names only differ according to what kind of computer they infect – that is, they change their names to match the operating system of the affected computer.

Download Spyware Removal Tool to Remove* Xp Total security 2012
  • Quick & tested solution for Xp Total security 2012 removal.
  • 100% Free Scan for Windows

This rogue can enter the system via fake online malware scanner. Sometimes a user encounters flashing tabs on the websites he visits, indicating that a threat has been found in his computer and he should click on the tab in order to perform a quick system scan and see what is wrong. Once the user clicks on it, a Trojan infection or the XP Total Security 2012 installer file might be downloaded onto the computer, and starting from that moment, the user is up for a war against a dangerous threat.

The first thing that XP Total Security 2012 does when it enters the system is performing a fake system scan. During the scan if “detects” a whole list of infections in the computer, and in its well-designed interface XP Total Security 2012 displays file locations and the name of the malware. The list of malware consists of real viruses which have been detected ages ago, and normally do not plague computers too much these days. However, XP Total Security 2012 wants to user to activate the full version of the program in order to delete those viruses.

Activating the full version of XP Total Security 2012 includes providing the rogue with the user’s personal and credit card information. Needless to say, that with this information exposed the hackers will be able to access the bank account anytime, and the user will soon be left penniless. If one wants to avoid such consequences, one must ignore the scan results and the fake security notifications received from XP Total Security 2012, such as:

Malware Intrusion
Sensitive areas of your system were found to be under attack. Spy software attack or virus infection possible. Prevent further damage or your private data will get stolen. Run an anti-spyware scan now. Click here to start.

System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here.

Privacy threat!
Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.

Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.

XP Total Security 2012 Firewall Alert
XP Total Security 2012 has blocked a program from accessing the internet
Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.

The name of a Trojan in the security messages belongs to a real threat, but it does not reside in the affected computer. The only thing that the user must get rid of is the rogue itself. One can remove XP Total Security 2012 manually, but automatic removal is more efficient if the user is not very confident about his computing skills. As long as XP Total Security 2012 disappears from the system for good, all removal methods are acceptable.


The rogue removal will be easier if you used these activation codes to “register” the rogue:


This rogue is particularly annoying because right after the installation it blocks every single exe file and you can no longer run your computer. Then there is nothing else left to but to restart your computer. When you do, while it boots press F8 and select to load the Safe Mode with Networking, so that you could download SpyHunter from our website. Then restart again, and load your computer in Normal mode to install SpyHunter. Another way to install the program is to download it on another computer, rename the installer file from installer.exe to and then transfer the file into a USB flash drive. Plug the drive into the infected computer and use it to install the program.

Once SpyHunter is installed, it will scan your computer and detect the rogue, and kill it.

NOTE: Just because you can no longer see the rogue it does not mean that it doesn’t exist. Perform a full system scan to locate and terminate all of its components, because any file associated with the rogue can leave your computer’s door open for other malware.

Download Spyware Removal Tool to Remove* Xp Total security 2012
  • Quick & tested solution for Xp Total security 2012 removal.
  • 100% Free Scan for Windows

How to manually remove Xp Total security 2012

Files associated with Xp Total security 2012 infection:


Xp Total security 2012 processes to kill:


Remove Xp Total security 2012 registry entries:

HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = ‘”%Documents and Settings%\[UserName]\Local Settings\Application Data\[random].exe” -a “%1″ %*’
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “(Default)” = ‘”%Documents and Settings%\[UserName]\Local Settings\Application Data\[random].exe” -a “%1″ %*’
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = ‘”%Documents and Settings%\[UserName]\Local Settings\Application Data\[random].exe” -a “%Program Files%\Mozilla Firefox\firefox.exe”‘
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = ‘”%Documents and Settings%\[UserName]\Local Settings\Application Data\[random].exe” -a “%Program Files%\Mozilla Firefox\firefox.exe” -safe-mode’
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\BrowserEmulation “TLDUpdates” = ’1′

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.