What is Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011)?

XP Home Security, Vista Home Security 2011, Win 7 Internet Security are new version of multi -named Rogue Anti-spyware from Braviax family is noticed in the wild. The rogues are named randomly, depending on Operating System, and have always OS version in the name. This distinguishes them from majority of legitimate software and other rogues. The names of parasites are as follows: Note: They can go with year information (2011 in the end) or without.

Win 7 names Win 7 Anti-virus (2011) Win 7 Anti-Spyware (2011) Win 7 Home Security (2011) Win 7 Total Security (2011) Win 7 Security (2011) Win 7 Internet Security (2011)

Vista names Vista Anti-virus (2011) Vista Anti-Spyware (2011) Vista Home Security (2011) Vista Total Security (2011) Vista Security (2011) Vista Internet Security (2011)

XP names XP Anti-virus (2011) XP Anti-Spyware (2011) XP Home Security (2011) XP Total Security (2011) XP Security (2011) XP Internet Security (2011)

During install, Win 7 Home security/XP Home security pretends to be a security update for appropriate windows version. It even mimics Automatic updates windows and alerts closely, to prevent early suspicious from the user. Once inside, Win 7 /Vista /XP Internet security 2011 starts its own dirty work. First, it creates its own executable (3 random letters usually) with couple of additional files. Then it modifies registry information to prevent execution of legitimate programs. Lastly, it makes itself known to force users into paying for its full version. First you might notice alerts when you try launching legitimate programs. These alerts look like this: Win 7 Home security 2011 Firewall Alert Win 7 Home security 2011 has blocked a program from accessing the internet Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen Private data can be stolen by third parties, including credit card details and passwords. Although it looks legitimate, most of antiviruses would just disable the keylogger addon from infected IE if this was the case. Thus it is obvious, that this message is false. Then it starts showing message alerts, claiming that your PC is under attack or heavily infected. System danger! Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here. System Hijack! System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan. Privacy threat! Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair. Stealth intrusion! Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now. If you press on any of the alers, a scan window will appear that will detect various threats in harmless files. These threats are fake, and should be ignored. Deletion of the listed files by Win 7 Antivirus 2011 might lead to system failure or would require repair install. This parasite will refuse to repair the detected infections without payment, which is a ruse to get your credit card details. These rogues will block legitimate webpages as well. This is done by adding a proxy server to your browser so you can visit only their webpages or get warning that the site is infected.

It is obvious, that you should remove this Win 7/Vista/XP Security, as it is fake and rogue nuisance. Removal guide bellow.

Special removal instructions for Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011)
1. You can use this key to disable majority of popups: 1147-175591-6550 or 2233-2980803424 . Enter it in its manual registration section. This will not remove all the trojans. We are thankful for Xylitolfor this key. 2. Reboot into safe mode with networking, download and run process explorer: http://www.2viruses.com/wp-content/uploads/PE/eXplorer.exe (backup location). Start it and stop all 3-letter named processes, also processes named like garbage. You might need to edit out registry first. 3. Search for malware files on hard disk and delete them, edit registry OR scan with decent antimalware programs : Spyware Doctor, Malwarebytes Anti-Malware, Hitman Pro 4. Reboot, update your antivirus programs (preferably to internet security versions) and scan again. Make sure you got all the trojans out.

UPDATE: 2012 version of Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security 2012.
In June 2011, we noticed rogue changing its year number to 2012. Although generally the same parasite, Win 7/Vista/XP Anti-Virus 2012 has a slight changes to its skin and files. Thus now the parasite names look like this :

Win 7 names Win 7 Antivirus 2012 Win 7 Antispyware 2012 Win 7 Home Security 2012 Win 7 Total Security 2012 Win 7 Security 2012 Win 7 Internet Security 2012

Vista names Vista Antivirus 2012 Vista Antispyware 2012 Vista Home Security 2012 Vista Total Security 2012 Vista Security 2012 Vista Internet Security 2012

XP names XP Antivirus 2012 XP Antispyware 2012 XP Home Security 2012 XP Total Security 2012 XP Security 2012 XP Internet Security 2012

There is an updated registration code for this family of rogues announced my malware researcher Siri :2233-298080-3424. An useful trick to disable These rogues like Win 7 Internet Security 2012 and others is changing PC time to 6-7 days in the future and then rebooting PC. After that you can reset the date to correct time. After this, scan your PC with Spyware Doctor or Malwarebytes Anti-Malware to remove all trojans that caused the infection. Full version of Spyware Doctor, or malwarebytes would have likely protected from infection. Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) is Extremely dangerous Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/

Security (2011) is a corrupt Anti-Spyware program Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/

Security (2011) may spread via Trojans Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/

Security (2011) may display fake security messages

Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/

Security (2011) may install additional spyware to your computer Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/

Security (2011) may repair its files, spread or update by itself Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/

Security (2011) violates your privacy and compromises your security

for Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) detectionNote: Spyware doctor trial provides detection of parasite like Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet
Security/Home Security/ Security (2011)detection and limited protection for free. You can remove detected files, processes and registry entries yourself or purchase a full version. Learn why we have choosen spyware doctor.

Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) screenshots

Manual Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) removal
Important Note: Although it is possible to manually remove Win 7/Vista/XP AntiVirus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011), such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend using Spyware Doctor or other malware and spyware removal applications found on 2viruses.com.

Spyware Doctor detects and protects from malicious processes, files and registry entries for free. It will help you to remove Win 7/Vista/XP AntiVirus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011)

Stop these Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) processes:
How to stop malicious processes

Remove these Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) Registry Entries:

Remove these Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) files:

It is impossible to list all file names and locations of modern parasites. You can identify remaining parasites, other Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) infected files and get help in Win 7/Vista/XP AntiVirus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) removal by using free Spyware Doctor scanner. It comes with free real-time protection module that helps preventing Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) and similar threats.

Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) is classified as Rogue Anti-Spyware. After infecting a users system, it proceeds to scare its victim into buying the product by displaying fake security messages, stating that your computer is infected with spyware and only Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) can help you to remove it after you download the trial version. As soon as the victim downloads Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) trial version, it pretends to scan your computer and shows a grossly exaggerated amount of non-existent errors. Then, Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) offers to buy the full version to fix these false errors. If the user agrees, Win 7/Vista/XP AntiVirus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011) does not only fix the errors, but it also takes the users money and may even install additional spyware into the victims computer. Some Rogue Anti-Spyware, such as Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011), may offer users to buy it after the victim clicks on a banner or a pop-up while surfing the internet. Usually, a Trojan is installed to a victims computer after clicking on the advertisement. It then proceeds to download or even install Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011), which is another way for Rogue Anti-Spyware to spread itself.

Most of rogue Anti-Spyware, such as Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011), is nearly impossible to remove manually.

How to tell if your PC has been infected by a Rogue Anti-Spyware such as Win 7/Vista/XP Anti-Virus/AntiSpyware/Total Security/Internet Security/Home Security/ Security (2011)? Numerous undesirable and annoying pop-ups:A typical Rogue Anti-Spyware parasite
keeps track of your internet browsing habits, sending your browsing history data to remote servers, owned by third party companies that use this information to advertise their products via numerous pop-ups, toolbars, hijacked homepages and spam letters. All these undesirable advertising methods are used on the victims of Rogue Anti-Spyware.

-------------------------------------------------------------------------------------------------------------------------------------XP Home

Security 2011
19 FEBRUARY 2011

Overall Risk Level: XP Home Security 2011 is a misleading security application that commonly spread by means of a Trojan that can penetrate the computer without being detected by anti-virus application. XP Home Security 2011 virus will be installed remotely when a prompt displayed by the Trojan is executed. Normally users may get infected when a malicious web site is visited. If installed on the computer, this rogue program will provide virus scan results that tells users to obtain the licensed version to be able to remove detected threats. In fact, there will be a dozens of threat detected. These threats does not really exists on the system and is just a fabrication of XP Home Security 2011 to deceive its victims. On some machines, this can be installed as Vista Home Security 2011 or Win7 Home Security 2011, defending on victims operating system. To be able to remove all the irregularities brought on the PC, users must remove XP Home Security 2011. As mentioned, this is just a rogue program pretending to be a useful application to scam money from computer users. It can be remove by a legitimate anti-malware application included on this page. It is also advise to protect the computer with a legitimate and full version of anti-malware program to prevent any attacks coming from rogue programs like XP Home Security 2011. Alias: Vista Home Security 2011, Win7 Home Security 2011

Screen Shot Image:

Damage Level: Medium Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

XP Home Security 2011 Removal Procedures

Manual Removal: 1. Press Ctrl+Alt+Del on keyboard to stop process associated to XP Home Security 2011. When Windows Task Manager opens, go to Processes Tab and find and end the following process: (random characters).exe 2. You need to update your installed antivirus application to have the latest database. 3. Thoroughly scan the computer and any detected threats must be removed. If removal is prohibited, it is best to quarantine the infected item. Manually locating and deleting of malicious files should also be performed. Please see files below that are related to XP Home Security 2011 Virus. 4. Registry entries created by XP Home Security 2011 must also be remove from the Windows system. Please refer below for entries associated to the rogue program. [how to edit registry] 5. Exit registry editor. 6. Get rid of XP Home Security 2011 start-up entry by going to Start > Run, type msconfig on the Open dialog box. A windows containing System Configuration Utility will be launched. Go to Startup tab and uncheck the following Start-up item(s): (random characters).exe 7. Click Apply and restart the computer.

XP Home Security 2011 Removal Tool: In order to completely remove the threat from a computer, it is best to download and run Malwarebytes Anti-Malware. Sometimes, Trojans will block the downloading and installation of MBAM. If this happens, download it from a clean computer and rename the executable file before executing on the infected computer. Using Portable SuperAntiSpyware: To thoroughly clean a computer, it is best to do a separate scan of another security program so that other infected files not detected by anti-virus application can be remove as well. Download and runSuperAntiSpyware Portable Scanner.

Technical Details and Additional Information:

Malicious Files Added by XP Home Security 2011: c:\[random].exe c:\Program Files\XP Home Security 2011 c:\Program Files\XP Home Security 2011\HS2011.exe c:\WINDOWS\system32\[random].exe c:\WINDOWS\system32\winhelper86.dll c:\WINDOWS\system32\winlogon86.exe c:\WINDOWS\system32\winupdate86.exe XP Home Security 2011 Registry Entries: Vista Security 2011 Registry Entries: HKEY_CURRENT_USER\Software\HS2011 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run XP Home Security 2011 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run winupdate86.exe

Change Log and Updates:

How to Remove XP Home Security 2011 - Discussion

On this page is our suggested (by precisesecurity) removal procedure and Visitor's own suggestion. We cannot control and evaluate each suggested procedure so please use it at your own risks. If no suggestion is present to remove virus, spyware, adware and malware, you may try the following: - Scan XP Home Security 2011 with MalwareByte's Anti-Malware - Remove XP Home Security 2011 with Standard Virus Scan

Email

Print This Post

Related posts:
1. Vista Security 2011 Vista Security 2011 will pretend to be... 2. PC Security 2011 PC Security 2011 is a misleading computer... 3. Win 7 Internet Security 2011 Win 7 Internet Security 2011 is considered... 4. Personal Internet Security 2011 Personal Internet Security 2011 is categorized as... 134 Comments 1}
tinpin2010 said:
I was able to remove this virus by entering the code 1147-175591-6550 using manual registration. Then I remove it from the system. Also I run a anti-virus and anti-malware that detected a number of infected files. I removed them all. Hope this helps.

lick Start->Run or press WinKey+R. Type in "command" and press Enter key. 2. In the command prompt window type "notepad" and press Enter key. Notepad will come up. 3. Copy all the text given on this page http://justpaste.it/9x2 and paste to Notepad. 4. Save file as fix.reg to your Desktop. NOTE: (Save as type: All files) 5. Double-click on the fix.reg file to run it. Click "Yes" for Registry Editor prompt window. Then click OK. 6. Download free anti-malware software from the list below and run a full system scan. * MalwareBytes Anti-malware * SUPERAntispyware * Spybot S&D * Hitman Pro 3.5 Don't forget to update the installed program before scanning. Detailed removal guide: http://deletemalware.blogspot.com/2010/1 Alternate removal guide: http://www.bleepingcomputer.com/virus-re

180030008282