Vista Total Security 2011

Vista Total Security 2011 is a rogue security product that uses random name and install itself on the computer without user’s permission. Vista Total Security 2011 is deliberately installed only on machines running given operating system. While Windows 7 and Windows XP is intended to acquire Win 7 Total Security 2011 and XP Total Security 2011 respectively. If any of these fake AV is installed on system, users will be bombarded with fake alerts and warning messages showing various threats detected. An advise to remove them is offered but only with the registered version of Vista Total Security 2011. This program is not for free, victims must shell-out a sum of money to upgrade it to a full version. Even with the paid version, viruses still remain on the computer because user is put on situation where rogue programs are marketed in deceitful way. No positive outcome will be obtained when buying rogue program such as Vista Total Security 2011.

As a matter of fact, Vista Total Security 2011 virus must be removed immediately from a computer before any further harm can be achieved. Heavily infected computer may experience browser redirection and Internet access blocking. All installed applications are also prevented from running. Security settings will be reduced by ending security-related process.
Taking out Vista Total Security 2011 from a compromised computer will not be an easy task. It did not provide any uninstall information for automatic removal. This rogue product can only be removed by using a trusted security application made available below. Make sure that database is updated before running a full scan on the compromised computer.

Vista Total Security 2011 Screen Shot:

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

Vista Total Security 2011 Removal Procedures

Manual Removal:
1. Stop Vista Total Security 2011 process by pressing Ctrl+Alt+Del. Windows Task Manager will open. Look for the following process:
(random characters).exe

2. Update your installed anti-virus program.

3. Run a full system scan and clean/delete all detected infected file(s). A manual removal of virus-related files should also be performed.

4. Edit Windows registry and delete Vista Total Security 2011 entries.
- For Windows 2000/XP: Go to Start > Run, type “regedit” on dialog box then press Enter on keyboard.
- For Windows Vista/7: Go to Start > Search Program and Files, type “regedit” and press Enter.

5. Exit registry editor.

6. Remove Vista Total Security 2011 start-up entry by going to Start > Run, type msconfig on the “Open” dialog box. System Configuration Utility will open. Go to Startup tab and uncheck the following Startup item(s):
(random characters).exe

7. Click Apply and restart Windows.

Vista Total Security 2011 Removal Tool:
In order to completely remove the threat, click here to download and run Malwarebytes Anti-Malware. Sometimes, Trojans will block the downloading and installation of MBAM. If this happens, download it from a clean computer and rename the executable file before executing on the infected machine.

Scan with Portable Antivirus:
Most of the time, Trojan associated with a rogue program will disable Windows functionalities and prevent execution of any application including antivirus program locally installed. If this happens, you can try using a McAfee Portable Antivirus called Stinger. You can download it for free.

Technical Details and Additional Information:

Vista Total Security 2011 Files:
%AllUsersProfile%\[random] %AppData%\[random] %UserProfile%\Local Settings\Application Data\[random] %UserProfile%\Templates\[random] %Temp%\[random]

File Location for Windows Versions:

  • %AllUserProfile% for Vista/7 user is C:\ProgramData while for Windows XP/2000 this is C:\Documents and Settings\All Users\
  • %UserProfile% is C:\Users\<Current User> for Windows Vista/7, for Windows XP/2000 this is C:\Documents and Settings\<Current User>.
  • %AppData% for Vista/7 refers to C:\Users\<Current User>\AppData\Roaming, while for Windows XP/2000 user it is C:\Documents and Settings\<Current User>\Application Data.
  • %Temp% refers to C:\Windows\Temp\.

Vista Total Security 2011 Registry Entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe”‘
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode’
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\.exe” /START “C:\Program Files\Internet Explorer\iexplore.exe”‘
HKEY_CURRENT_USER\Software\Classes\.exe “(Default)” = ‘exefile’
HKEY_CURRENT_USER\Software\Classes\.exe “Content Type” = ‘application/x-msdownload’
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon “(Default)” = ‘%1′ = ‘”%UserProfile%\Local Settings\Application Data\.exe” /START “%1″ %*’
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “IsolatedCommand” = ‘”%1″ %*’
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “(Default)” = ‘”%1″ %*’
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “IsolatedCommand” = ‘”%1″ %*’
HKEY_CURRENT_USER\Software\Classes\exefile “(Default)” = ‘Application’
HKEY_CURRENT_USER\Software\Classes\exefile “Content Type” = ‘application/x-msdownload’
HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon “(Default)” = ‘%1′
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\.exe” /START “%1″ %*’
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “IsolatedCommand” = ‘”%1″ %*’
HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command “(Default)” = ‘”%1″ %*’
HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command “IsolatedCommand” – ‘”%1″ %*’
HKEY_CLASSES_ROOT\.exe\DefaultIcon “(Default)” = ‘%1′
HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\.exe” /START “%1″ %*’
HKEY_CLASSES_ROOT\.exe\shell\open\command “IsolatedCommand” = ‘”%1″ %*’
HKEY_CLASSES_ROOT\.exe\shell\runas\command “(Default)” = ‘”%1″ %*’
HKEY_CLASSES_ROOT\.exe\shell\runas\command “IsolatedCommand” = ‘”%1″ %*’
HKEY_CLASSES_ROOT\exefile “Content Type” = ‘application/x-msdownload’
HKEY_CLASSES_ROOT\exefile\shell\open\command “IsolatedCommand” = ‘”%1″ %*’
HKEY_CLASSES_ROOT\exefile\shell\runas\command “IsolatedCommand” = ‘”%1″ %*’
HKEY_CLASSES_ROOT\exefile\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\.exe” /START “%1″ %*’

Alternative Removal Method for Vista Total Security 2011

Option 1 : Use Windows System Restore to return Windows to previous state

If Vista Total Security 2011 enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before Vista Total Security 2011 infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.