XP Total Security 2011

XP Total Security 2011 Description


As another member of an expansive group of rogue security products, XP Total Security 2011 uses false positive infection errors and browser redirection strategies to get you to waste money on registering it. XP Total Security 2011 is completely lacking in worth as a security product and actually poses a significant danger to any system subjected to its presence. Be aware of potential infection routes for this rogue security product, and be ready to delete XP Total Security 2011 the very instant it raises its ugly head on your computer.

XP Total Security 2011's Infection Methodology


XP Total Security 2011 uses a constantly shifting variation on its name and basic external appearance, attempting to look like a new program to different computers. Over a dozen different subtypes of this rogue scanner have been identified, most noticeably with name differences based on the system being infected. For example, if your computer runs Windows 7, you can expect XP Total Security 2011 to morph into Win 7 Total Security 2011 to infect you. The year in the title is also optional and may or may not occur in any given individual infection.

XP Total Security 2011 and its many cousins are spread through malicious websites, through trojans and even through legitimate but unguarded file-sharing sites. Avoiding downloads without verified trustworthiness is your best defense, along with keeping actual security scanners active and your browser settings tight.

What Happens When XP Total Security 2011 Gets In


Any computer unfortunate enough to get stuck with XP Total Security 2011 will find itself under attack from multiple directions:

  • XP Total Security 2011 will use a proxy server to hijack your browser. This can alter search results or even block you from visiting websites by displaying erroneous danger alert messages. Websites you’re redirected to are practically guaranteed to install more malware or simply to exist with the intent of stealing your credit card information.
  • XP Total Security 2011 will also prevent security software and other critical maintenance processes from running. The error message it uses as a cover for this may resemble the following, but isn’t limited to it:
    XP Total Security 2011 Firewall Alert
    XP Total Security 2011 has blocked a program from accessing the internet
    Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
    Private data can be stolen by third parties, including credit card details and passwords.
  • False alerts are the defining attribute of XP Total Security 2011, and will pop up even if XP Total Security 2011 is the only infection actually on your computer. These fake errors are designed to be highly alarming, with threats of spyware, keyloggers, viruses and severe system problems. XP Total Security 2011 isn’t actually able to detect infections, and all files it points to with such alarm are quite harmless.
Dealing with XP Total Security 2011 the Only Way You Can


    Besides all its many threatening tactics, XP Total Security 2011 is also known to be difficult to delete, and may persist even after an anti-malware scan in Safe Mode.
    Nonetheless, removing XP Total Security 2011 is your only serious option for regaining unhindered use of your system. If other tactics have failed, try entering the code '1147-175591-6550', which may cause XP Total Security 2011 to tone down some of its attacks.




    File System Modifications

    • The following files were created in the system:
      # File Name
      1 %AllUsersProfile%\t3e0ilfioi3684m2nt3ps2b6lru
      2 %AppData%\Local\[3 RANDOM LETTERS].exe
      3 %AppData%\Local\t3e0ilfioi3684m2nt3ps2b6lru
      4 %AppData%\Roaming\Microsoft\Windows\Templates\t3e0ilfioi3684m2nt3ps2b6lru
      5 %AppData%\t3e0ilfioi3684m2nt3ps2b6lru
      6 %Temp%\t3e0ilfioi3684m2nt3ps2b6lru
      7 %UserProfile%\AppData\Local\MSASCui.exe
      8 %UserProfile%\AppData\Local\opRSK
      9 %UserProfile%\AppData\Local\pw.exe
      10 %UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe
      11 %UserProfile%\Local Settings\Application Data\MSASCui.exe
      12 %UserProfile%\Local Settings\Application Data\opRSK
      13 %UserProfile%\Local Settings\Application Data\pw.exe
      14 %UserProfile%\Templates\t3e0ilfioi3684m2nt3ps2b6lru

    Registry Modifications

    • The following newly produced Registry Values are:
      HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = 'exefile'
      HKEY_CURRENT_USER\Software\Classes\.exe "Content Type" = 'application/x-msdownload'
      HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon "(Default)" = '%1' = '"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe" /START "%1" %*'
      HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'
      HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "(Default)" = '"%1" %*'
      HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'
      HKEY_CURRENT_USER\Software\Classes\exefile "(Default)" = 'Application'
      HKEY_CURRENT_USER\Software\Classes\exefile "Content Type" = 'application/x-msdownload'
      HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon "(Default)" = '%1'
      HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe" /START "%1" %*'
      HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'
      HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "(Default)" = '"%1" %*'
      HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "IsolatedCommand" = '"%1" %*'
      HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe"'
      HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode'
      HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe" /START "C:\Program Files\Internet Explorer\iexplore.exe"'
      HKEY_CLASSES_ROOT\.exe\DefaultIcon "(Default)" = '%1'
      HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe" /START "%1" %*'
      HKEY_CLASSES_ROOT\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'
      HKEY_CLASSES_ROOT\.exe\shell\runas\command "(Default)" = '"%1" %*'
      HKEY_CLASSES_ROOT\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'
      HKEY_CLASSES_ROOT\exefile "Content Type" = 'application/x-msdownload'
      HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe" /START "%1" %*'
      HKEY_CLASSES_ROOT\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'
      HKEY_CLASSES_ROOT\exefile\shell\runas\command "IsolatedCommand" = '"%1" %*'
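
The registry values listed above rewrite the "(Default)" launch command for .exe/exefile and for the Start Menu browser entries so that the rogue's executable runs first and receives the real program after /START. The following Python check is an added example, not part of the original write-up: it flags that pattern in registry values supplied as (key, value name, data) tuples. The sample entries are constructed from values listed on this page plus one constructed clean entry, and the user-writable-path rule is an assumption of this example.

```python
import re

# Stock Windows handler for executables: run the clicked file itself.
EXPECTED_EXE_COMMAND = '"%1" %*'

# Keys the page lists as modified: .exe/exefile handlers (HKCU and HKCR)
# and the Start Menu browser launchers.
HANDLER_KEY = re.compile(
    r'\\(?:\.exe|exefile)\\shell\\(?:open|runas)\\command$', re.I)
BROWSER_KEY = re.compile(
    r'\\Clients\\StartMenuInternet\\[^\\]+\\shell\\[^\\]+\\command$', re.I)
# The first quoted token of a command line is the program that really runs.
FIRST_PROGRAM = re.compile(r'^\s*"([^"]+)"')
# Assumption: a handler living under a user-writable location is suspect.
USER_WRITABLE = re.compile(
    r'%(?:UserProfile|AppData|LocalAppData|Temp|AllUsersProfile)%', re.I)


def audit(entries):
    """Return (key, reason) for each hijacked (key, value_name, data)."""
    findings = []
    for key, name, data in entries:
        if name != "(Default)":
            continue  # IsolatedCommand is left at '"%1" %*' in the listing
        match = FIRST_PROGRAM.match(data)
        program = match.group(1) if match else data.strip()
        if HANDLER_KEY.search(key) and data.strip() != EXPECTED_EXE_COMMAND:
            findings.append((key, "exe handler runs " + program))
        elif BROWSER_KEY.search(key) and USER_WRITABLE.search(program):
            findings.append((key, "browser launcher runs " + program))
    return findings


ROGUE = r'"%UserProfile%\Local Settings\Application Data\[3 RANDOM LETTERS].exe"'
HKCU = r'HKEY_CURRENT_USER\Software\Classes'
SMI = r'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet'
# Constructed sample: three values as listed on the page, one clean value.
SAMPLE = [
    (HKCU + r'\exefile\shell\open\command', "(Default)",
     ROGUE + ' /START "%1" %*'),
    (HKCU + r'\exefile\shell\runas\command', "(Default)", '"%1" %*'),
    (SMI + r'\FIREFOX.EXE\shell\open\command', "(Default)",
     ROGUE + r' /START "C:\Program Files\Mozilla Firefox\firefox.exe"'),
    (SMI + r'\IEXPLORE.EXE\shell\open\command', "(Default)",
     r'"C:\Program Files\Internet Explorer\iexplore.exe"'),  # clean
]

if __name__ == "__main__":
    for key, reason in audit(SAMPLE):
        print(key, "->", reason)
```

Because the hijacked handler intercepts every .exe launch, restoring the "(Default)" command to `"%1" %*` is what allows removal tools to start again.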
    Posted: February 19, 2011 | By
    Threat Level: 10/10

2 Comments

  • Tom Vedder says:

    XP Total Security 2011 won't let me install any Windows updates, security, malware, spyware or your program either. It was tough getting on the web, period; trying to open Mozilla Firefox was not an option, nor was Internet Explorer. You need to track them down & remove any possible future birthdays for them.

  • john says:

    “gpe.exe”
    I deleted all regs and file manually

    thanks
