Vista Home Security 2011
Vista Home Security 2011 looks just like a real anti-virus scanner, but actually it's a rogue anti-spyware program that delivers inaccurate messages while blocking significant computer processes. The Vista Home Security 2011 rogue product infects most systems through Trojans, and will limit your system security and web browsing ability until you get rid of it. Vista Home Security 2011 also uses a wide range of aliases to avoid detection; be ready to delete Vista Home Security 2011 even if you catch it under a slightly different name.
An Old Rogue Scanner that Tries Hard to Look New
You may download Vista Home Security 2011 by mistake, being unaware of its true rogue product nature, or you may catch it from the Braviax trojan or a similar infection. This malware infection is just one spin of many different possible varieties of what amounts to the same program! Other possible titles for Vista Home Security 2011 include XP Home Security 2011, Win 7 Anti-Spyware 2011, Vista Total Security 2011, and many, many more.
The common naming theme you can use to detect all these rogue anti-spyware products is through the initial system-appropriate tag, followed by a generic security title, and then optionally ending with the '2011' year. All these rogue programs act more or less identically, even though they may look a little different.
A Fresh Coat of Paint on Typical Malware Attacks
Vista Home Security 2011 will use different attack methods to make the user think his system is under threat - which it is, but from Vista Home Security 2011 itself! Error messages will frequently pop up spontaneously, or when you try to run a program to try to rid yourself of the Vista Home Security 2011 infection. Here's just a sampling of the huge variety available:
System Hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.
System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or trojans may be working the background right now. Perform an in-depth scan and removal now, click here.
Security breach!
Beware! Spyware infection was found. Your system security is at risk. Private information may get stolen, and your PC activity may get monitored. Click for an anti-spyware scan.
These error messages don't have any true substance, since Vista Home Security 2011 doesn't even possess the code to detect and remove infections. Instead, Vista Home Security 2011's aim is to get you to fork over your money for a rogue security product that actually hurts your system. Vista Home Security 2011 will also use proxy server exploits to redirect you away from safe websites towards its own malicious ones, with a message similar to this:
Internet Explorer alert. Visiting this site may pose a security threat to your system!
Possible reasons include:
- Dangerous code found in this site's pages which installed unwanted software into your system.
- Suspicious and potentially unsafe network activity detected.
- Spyware infections in your system
- Complaints from other users about this site.
- Port and system scans performed by the site being visited.
Things you can do:
- Get a copy of Vista Antispyware 2011 to safeguard your PC while surfing the web (RECOMMENDED)
- Run a spyware, virus and malware scan
- Continue surfing without any security measures (DANGEROUS)
Deleting Vista Home Security 2011 is the only solution that will make all the errors stop and allow you to get back to enjoying your computer with safety and security. If Vista Home Security 2011 is making the removal process difficult, you can try registering it with the code 1147-175591-6550, which may settle the rogue scanner down long enough for you to give it the boot.
File System Modifications
- The following files were created in the system:
# File Name 1 %AllUsersProfile%\t3e0ilfioi3684m2nt3ps2b6lru 2 %AppData%\Local\[3 RANDOM LETTERS].exe 3 %AppData%\Local\t3e0ilfioi3684m2nt3ps2b6lru 4 %AppData%\Roaming\Microsoft\Windows\Templates\t3e0ilfioi3684m2nt3ps2b6lru 5 %AppData%\t3e0ilfioi3684m2nt3ps2b6lru 6 %Temp%\t3e0ilfioi3684m2nt3ps2b6lru 7 %UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe 8 %UserProfile%\Templates\t3e0ilfioi3684m2nt3ps2b6lru
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = 'exefile'HKEY_CURRENT_USER\Software\Classes\.exe "Content Type" = 'application/x-msdownload'HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon "(Default)" = '%1' = '"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe" /START "%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "(Default)" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile "(Default)" = 'Application'HKEY_CURRENT_USER\Software\Classes\exefile "Content Type" = 'application/x-msdownload'HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon "(Default)" = '%1'HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe" /START "%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "(Default)" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "IsolatedCommand" - '"%1" %*'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe"'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe" /START "C:\Program Files\Internet Explorer\iexplore.exe"'HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\.exe\DefaultIcon "(Default)" = '%1'HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe" /START "%1" %*'HKEY_CLASSES_ROOT\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CLASSES_ROOT\.exe\shell\runas\command "(Default)" = '"%1" %*'HKEY_CLASSES_ROOT\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'HKEY_CLASSES_ROOT\exefile "Content Type" = 'application/x-msdownload'HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe" /START "%1" %*'HKEY_CLASSES_ROOT\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CLASSES_ROOT\exefile\shell\runas\command "IsolatedCommand" = '"%1" %*'
Thanks for the help I did the manual version, and it was quite painstaking, yet effective:)
anyway to get vista type directory? been able to remove yes, but pain to find the similar directory you shown since most of them was just not existing 🙁 would be help full to have many kind of directory code 🙂
I downloaded the SpyHunter program but ti will not let me use it at ll and I can not open Internet Explorer either. Now what I need my computer!!
Downloaded the spyhunter after restoring my comp because vista home security would not let me go on the internet, once restored i could, scaning in process and spy hunter seems to bedoig a good, job their is some good on the internet.
shame the program needs to be paid.
Thx