Wednesday, June 22, 2011

Get Rid of XP Antivirus 2012 false security

Did you know that number of programs that detect viruses in a misleading way in times outnumbers that of genuine software products classified as system security, optimization and privacy solutions?
Therefore, if you have a protection against viruses, privacy violation and a tool for performance optimization on your PC, then, according to the statistics which takes into account, apart from number of names of actual and fake software products, their spreading, in particular, number of machines they are installed on, you are more likely to deal with a foxy imitation of security software than with any other kind of program. The chances are doubled in case the software has been installed without your permit, because it is only the bad antispyware and other tricky system utilities, which are distributed by viruses that introduce them without user’s content.
Get rid of XP Antivirus 2012 whether you have been surprised to find that the program became your security solution or it were you who allowed the rascals to entice you into manual installation of the     annoying program.
Click here to get help of strong antivirus that belongs to less numbered group of  security tools, i.e. genuine security software, in order to terminate the activities and perform ultimate disposal of XP Antivirus 2012 and other viruses.





XP Antivirus 2012 snapshot:


Removal Tool:

Manual removal guide:
Delete infected files:
%AllUsersProfile%\Application Data\u3f7pnvfncsjk2e86abfbj5h
%LocalAppData%\kdn.exe
%LocalAppData%\u3f7pnvfncsjk2e86abfbj5h
%Temp%\u3f7pnvfncsjk2e86abfbj5h
%UserProfile%\Templates\u3f7pnvfncsjk2e86abfbj5h
Delete infected registry entries:
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\BrowserEmulation “TLDUpdates” = ‘1′
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = ‘”%LocalAppData%\kdn.exe” -a “%1″ %*’
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “(Default)” = ‘”%LocalAppData%\kdn.exe” -a “%1″ %*’
HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = ‘”%LocalAppData%\kdn.exe” -a “%1″ %*’
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = ‘”%LocalAppData%\kdn.exe” -a “C:\Program Files\Mozilla Firefox\firefox.exe”‘
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = ‘”%LocalAppData%\kdn.exe” -a “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode’
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = ‘”%LocalAppData%\kdn.exe” -a “C:\Program Files\Internet Explorer\iexplore.exe”‘
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = ‘1′
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = ‘1′

2 comments:

Anonymous said...

It won't let me download! If I try to download something or go into any other program besides Google Chrome, it blocks every program!!! Please, someone, please please please tell me how to fix this!!

Anonymous said...

Hi, NERD HURD here it hooks the .exe and stops you running the exe so just rename the file from the .exe to a cmd or com and it will help you get around the problem.. its only a temp fix...

or go on a guesst account that is not effected