XP Home Security 2011
Known by many different names, XP Home Security 2011 is a rogue scanner that shows you deceitful infection alert and unsafe website error messages to con you out of your money. XP Home Security 2011 is a confirmed browser hijacker and has the ability to shut down necessary applications and remain active while in Safe Mode. Any infection warnings your computer displays while the XP Home Security 2011 malware is present should be viewed with heavy suspicion, and every effort should be made to delete XP Home Security 2011 before it can do lasting harm.
Immediate Threats Under a Friendly Face
As rogue security software, XP Home Security 2011 fakes the look and feel of real security programs while not actually performing any useful functions. While XP Home Security 2011 does create error messages and scan results that alert you to infections, all of these alerts are false. If you see any of the following messages or ones similar to them, consider your system infected and act appropriately.
System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or trojans may be working the background right now. Perform an in-depth scan and removal now, click here.
Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.
Attention: DANGER!
ALERT! System scan for spyware, adware, trojans and viruses is complete.
XP Home Security 2011 detected 35 critical system objects.
Privacy threat!
Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.
A Rogue Scanner with a Multi-Pronged Attack Strategy
If these error pop-ups were the extent of XP Home Security 2011's damage, it would be a minor threat as far as rogue security products go. Sadly, XP Home Security 2011 is capable of much more:
- XP Home Security 2011 can disable programs under its own power, usually announcing it with the excuse of another fake infection alert:
XP Home Security 2011 Firewall Alert
XP Home Security 2011 has blocked a program from accessing the internet
Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.This can disable all your actual security software, making the deletion of XP Home Security 2011 that much more difficult.
- XP Home Security 2011 can hijack your Internet Explorer, Firefox, or Chrome browser and force it towards malicious sites. XP Home Security 2011 may do this by redirecting your search results in search engines like Google, or XP Home Security 2011 may simply display another warning message on any site you're trying to navigate towards.
- This canny rogue security product may even run in Safe Mode, preventing you from having an easy way to shut down its process and delete XP Home Security 2011 permanently.
Because it takes over or disables central aspects of your computer and is a criminal tool for theft of money and identity information, XP Home Security 2011 should be considered a serious threat to remove through any methods available. XP Home Security 2011 also goes under many other names, distinguishable by the always-present inclusion of a Windows operating system preceding the main product name, and often but not always by the year 2011 as a suffix. Some variants of XP Home Security 2011 are also propagated through file-sharing sites as well as via trojans, so keep your eyes peeled for this threat! The key '1147-175591-6550' may make it less troublesome to delete XP Home Security 2011 or its variants in some cases.
File System Modifications
- The following files were created in the system:
# File Name 1 c:\[RANDOM CHARACTERS].exe 2 c:\Program Files\XP Home Security 2011 3 c:\Program Files\XP Home Security 2011\HS2011.exe 4 c:\WINDOWS\system32\[RANDOM CHARACTERS].exe 5 c:\WINDOWS\system32\winhelper86.dll 6 c:\WINDOWS\system32\winlogon86.exe 7 c:\WINDOWS\system32\winupdate86.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\HS2011HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "XP Home Security 2011"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "winupdate86.exe"
I was unable to stop winlogon.exe in the tak manager
I was unable to delete winlogon.exe running windows, windows safe mode, and windows command/safe mode.
My only alternative is to start up with a linux disk and delete it from there.
Any ideas?
HELP!!! My friends laptop got this and ive searched everything and it wont come up....i know its there beacuse it still had pop ups come up...what do i do?!
Help its happeneing too me and i dont know how too use this and gt rid of it all xxx