Vista Security 2011

Remove Vista Security 2011 virus by following the guide on this post. Download essential tools and removers to eliminate User Protection from an infected computer.

Vista Security 2011 appears to be a reputable program for Windows. This virus intentionally incorporates the name Vista to appear as useful software and part of operating system. Unknown to many users, Vista Security 2011 targets PC running under the mentioned OS. In fact, the malware is part of a large family of rogue security software with primary objective of boarding the computer without warning. It detects operating system and gathers information such as OS version, hardware and software details. Thus, it installs the version based on these data. Loading itself cleverly as XP Security 2011 on XP machine and Win 7 Security 2011 on Windows 7 system makes it a considerable software.

In general, Vista Security 2011 can enter the computer in deceptive means. Fake online virus scanner is utilized to plant the unwanted software on victims PC. Another carrier of Vista Security 2011 virus is explicit multimedia web sites that prompt visitors to download video player consisting of malicious code. Once, the harmful program enters the device, wide ranges of modifications are implemented. Internet browser homepage is hijacked and redirected to other fake security web sites. Windows registry will be altered allowing Vista Security 2011 to run by itself.

Its presence on the system can cause hassle including frequent display of forged local virus scan results and barrage of pop-up alerts and task bar warning messages. Overall, this potentially unwanted tool repeatedly appears on desktop trying to promote the acquisition of the licensed version of Vista Security 2011.

The only solution we can recommend to stop these errors is to start running an entirely valuable anti-malware product. See the complete procedures below to eradicate Vista Security 2011 at once.

Screenshot Image of Vista Security 2011:

Image of Vista Security 2011

Technical Details and Additional Information:

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

How to Remove Vista Security 2011

Systematic procedures to get rid of the threat are presented on this section. Make sure to scan the computer with suggested tools and scanners.

Step 1 : Activating Vista Security 2011

The malware will block running of any programs. It also prevents access to Internet particularly anti-virus web sites. Execution of Windows tools like Task Manager, Registry Editor and Control Panel is similarly block by the rogue program. Activating the program using the registration key below will regain access to the mentioned services.

Once activated, downloading of necessary program to scan and remove Vista Security 2011 is now possible. Use the registration code below. If it prompts for email address, you can input any email address.

REGISTRATION CODE: 1147-175591-6550

Step 2 : Scan the computer with recommended removal tool

1. First thing you should do is reboot the computer in Safe Mode with Networking to avoid Vista Security 2011 from loading at start-up.

NOTE: You will need to PRINT or BOOKMARK this procedure, as we have to restart the computer during the removal process.

Remove all media such as Memory Card, cd, dvd, and USB devices. Then, restart the computer and please do the following:

Boot in Safe Mode on Windows XP, Windows Vista, and Windows 7 system
a) Before Windows begins to load, press F8 on your keyboard.
b) It will display the Advanced Boot Options menu. Select Safe Mode.

Start computer in Safe Mode using Windows 8 and Windows 10
a) Close any running programs on your computer.
b) Get ready to Start Windows. On your keyboard, Press and Hold Shift key and then, click on Restart button.
c) It will prompt you with options, please click on Troubleshoot icon.
d) Under Troubleshoot window, select Advanced Options.
e) On next window, click on Startup Settings icon.
f) Lastly, click on Restart button on subsequent window.
g) When Windows restarts, present startup options with numbers 1 - 9. Select "Enable Safe Mode with Networking" or number 5.

Startup Options

h) Windows will now boot on Safe Mode with Networking. Proceed with virus scan as the next step.

2. Download the Removal Tool and save it on your Desktop or any location on your PC.

Download Tool

3. When finished downloading, locate and double-click on the file to install the application. Windows' User Account Control will prompt at this point, please click Yes to continue installing the program.

4. Follow the prompts and install with default configuration.

5. Click Finish after successful installation. Program will run automatically and you will be prompted to download software updates. Please download needed update.

6. When finished updating, the tool will run. Click on Scan tab from Top Menu of main screen. Then, choose Threat Scan (Recommended) to check your computer thoroughly.


7. Click on Start Scan to begin. Scanning may take a while. When done, this tool will display lists of identified threats.

MBAM Scan Finish

8. Make sure that all detected threats are checked, click on Remove Selected. This will delete all files and registry entries that belongs to Vista Security 2011.

9. Finally, click Finish and restart your computer.

Note: If Vista Security 2011 prevents mbam-setup.exe from downloading. Download the software from another computer. Renaming it to something like 'anything.exe' can help elude the malware.

Step 3 : Ensure that no more files of Vista Security 2011 are left inside the computer

1. Click on the button below to download Norton Power Eraser from official web site. Save it to your desktop or any location of your choice.

NPE Download

2. After downloading, navigate its location and double-click on the NPE.exe file to launch the program.

3. Norton Power Eraser will run. If it prompts for End User License Agreement, please click on Accept to proceed.

4. On NPE main window, click on Advanced Options. We will attempt to remove "Vista Security 2011" by thoroughly scanning your current operating system.

Advance Scan

5. On next window, select System Scan and click on Scan now to perform standard scan on your computer.

Scan the System

6. NPE will proceed with the scan. It will search for Trojans, viruses, and malware like Vista Security 2011. This may take some time, depending on the number of files currently stored on the computer.

7. When scan is complete. All detected risks are listed. Click on Fix Now to remove Vista Security 2011 and other known threats. Then, restart Windows if necessary.

Step 4 : Remove the Rootkit Trojan that installs Vista Security 2011

Rootkit Remover is a stand-alone utility developed by McAfee. It can be used to detect and remove rootkit Trojan that is associated with Vista Security 2011. This tool can detect rootkit that is part of ZeroAccess, Necurs, and TDSS family.

1. Download Rootkit Remover and save it to your desktop or any accessible location. Click the button below to begin the download.

click to download

2. Locate the file rootkitremover.exe and double-click to run the program.

3. When User Account Control prompts if you want to allow the program to make changes on the computer, please click Yes.

Rootkit Remover Scan

4. Rootkit Remover instantly scans the computer and look for presence of Trojans, viruses, and rootkit that is related to Vista Security 2011 .

5. Once it finishes scanning the computer, the tool will require you to restart Windows.

Alternative Removal Procedures for Vista Security 2011

Use Windows System Restore to return Windows to previous state

During an infection, Vista Security 2011 drops various files and registry entries. The threat intentionally hides system files by setting options in the registry. With these rigid changes, the best solution is to return Windows to previous working state is through System Restore.

To verify if System Restore is active on your computer, please follow the instructions below to access this feature.

Access System Restore on Windows XP, Windows Vista, and Windows 7

a) Go to Start Menu, then under 'Run' or 'Search Program and Files field, type rstrui.
b) Then, press Enter on the keyboard to open System Restore Settings.


c) Windows will display list of saved restore points. Select the most recent one to restore Windows to previous working and clean state.
d) It may take some time to fully restore back-up files. Restart Windows when done.

Open System Restore on Windows 8 and Windows 10

a) For Windows 8 user, go to Start Search, while on Windows 10, use the Start Menu Search and type rstrui.
b) Click on the located program to open System Restore window.


c) Windows will display list of saved restore points if it is active. Select the most recent one to restore Windows to previous working and clean state.
d) It may take a while to fully restore back-up files. Restart Windows when done.

If previous restore point is saved, you may proceed with Windows System Restore.

Option 2 : Vista Security 2011 manual uninstall guide

IMPORTANT! Manual removal of Vista Security 2011 requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.

1. Kill any running process that belongs to Vista Security 2011.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for Vista Security 2011 files (refer to Technical Reference) and click End Process.

End Task

2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section.
- Close registry editor. Changes made will be saved automatically.

Run Regedit

3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.
- Thoroughly scan the computer with your updated antivirus software.

4. Delete all files dropped by Vista Security 2011.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.

Associated Files and Folders:
File Location for Windows Versions:
  • %AllUserProfile% for Vista/7 user is C:\ProgramData while for Windows XP/2000 this is C:\Documents and Settings\All Users\
  • %AppData% for Vista/7 refers to C:\Users\<Current User>\AppData\Roaming, while for Windows XP/2000 user it is C:\Documents and Settings\<Current User>\Application Data.
  • %Temp% refers to C:\Windows\Temp\.
Added Registry Entries:

Troubleshooting Guides

Did Vista Security 2011 blocks your Internet access?

It is usual that rogue program prevents user from downloading removal tools from the Internet. Thus, infected computer may be denied to access the Internet by making changes to computer's proxy, DNS, and Hosts file. To solve Internet connection problem, please see our guide in fixing a virus-blocked Internet access. Also, make sure that your Windows Host File is free from any malicious entries. View steps in cleaning Windows host file.

70 Responses

  1. barore says:

    I tried a ton of programs that claim to remove it but malwarebytes was the only one working! Scan takes almost 2 hours but is successful.

  2. Pierre Cyr says:

    Tried regedit after booting into safemode route but there’s nothing listed in any of the places we’re told to look. Virus prevents any website opening up or exe starting from disk or usb stick.

    The only thing that still works is email but no attachments allowed to open.

    This virus is much worse than it seems. Looks like Ill have to format buds puter.

  3. Bob duer says:

    I purchased vista security last week for my computer and it is no where to be found and my computer now cannot be used as viruses have attacked and I can not bring up.
    Bob Duer

  4. Scoob says:

    This nasty thing just hijacked my sons vista pc, thankfully I have a Windows 7 laptop and found this page. Its now looking like the pc wont boot up but if it takes me all year im killing this virus!!! I cant afford a new pc for the boy just because someone decided to be nasty and invent this thing.

  5. Scoob says:

    ran a system restore before finding this page and it seems to have solved the problem but still following steps listed to make sure its not there hidden

  6. adams says:

    once i go to teh regedit search and get inside it, theres no way i can delete the file the delete option is greyed out, any ideas?

  7. mohan says:

    hello adams vista security 2011 will be located in the temp,app,appilication data,or under program data folder u can check ur computer there will be 3 letters(random alphabets) files which will be having extension .exe trying searching that and remove that sice this virus will edit registry settings completly (you can check none of the virus removal tool will run they just crash)try a system restore to earlier point when ur system was working fine and again update ur antivirus and try scaning your system the best antivirus wat i recommend is kaspersky for any doudts try mailing ivapmohan at gmail com

  8. charles miller says:

    To remove vista security 2011 from your system do a system restore.
    it worked for me..

  9. JJ says:

    Use… It’s free and it works :D

  10. william says:

    Don’t go to JJ’s spam site, will probably just be more of this stuff.

  11. Joseph says:

    This thing just hijacked my comp out of nowhere tried system restore so far nothing, will try again and tha t doesnt work ill just have to buy anti virus software..

  12. majdave says:

    Bob Duer – Do NOT buy the Vista Security. The whole thing is a scam. My daughter got it on her computer, probably through a “download update to movieviewer now” pop-up. Luckily, we recognized it as a virus and did not buy anything. Could not open firefox, could not open regedit. Finally located it by using task manager and right-clicking on the program (came up as voc.exe). Downloaded MBAM onto an external drive using my computer and then hooked it up to her computer and ran the program. Took 3 hours, but it found all 25 infected areas and cleaned this nasty bug out of the system.

  13. majdave says:

    I would advise against trying the DIY modifications to your registry as it seems this virus takes on many different names. Just run a free anti-virus program like MBAM. Dave 256-313-4196 (work hours) if I can help.

  14. Shelbell says:

    This virus is trying to scare you into buying protection against viruses, identity theft, etc. DON’T DO IT. It only wants your credit card information and will offer no protection and only makes matters worse. What was suggested to me is to start your computer in safe mode and download Malwarebytes Anti-Malware. Once you download it, you will want to perform a full scan. This will take a while. Watch a movie. Once it’s done, go ahead and get rid of those bad files.
    Now I had a problem accessing the internet while the virus was on there, even in safe mode. On a separate computer, I downloaded spyware doctor from onto a disk. When I inserted it into the infected computer, I opened the file and ran it. (You may have to run in normal mode versus safe mode). I had tried a trial (free) version of spyware doctor but it didn’t allow for a full scan with the trial. I went to uninstall it and it prompted me to buy a promotional item (which I found something I wanted anyway – cheap) and it gave me an upgraded trial (vs. paying the $29.99) that allowed me to scan and get rid of the virus it found. Again, you would want to run a full scan and get rid of the nasty bugs.
    Good Luck with this beast!

  15. Jeremy says:

    first thing which helped me alot was Ccleaner run cleaner, then run the registry cleaner, restart your computer. Use your anti virus software I.E. I used Kaspersky on the infected comp, even the free trial version will work then run a full scan and wait til it pops up then DISINFECT =) and then your all set to go.

  16. kev says:

    This is how I removed vista security 2011 the task manager.

    2. find the 3letter processes with the same description
    (e.g bwr.exe or tbb.exe processes name with bwr or tbb description)

    3. right click the process and click open file location

    4. it will transfer you to app.application etc. folder

    5. click organize, click folder and search option

    6. click view tab, click show hidden files and folders

    then uncheck hide extensions for known file types
    and hide protected operating system files (recommended)

    7. now you will see bwr.exe (or whatever 3letter virus.exe)

    8. go to the task manager, right click the 3letter virus and click
    end process.

    9. go back to the foler that has bwr.exe file.(#4 above)

    10. click the bwr.exe one time and shift+d (which will erase
    this virus permanently)

    good luck

  17. kev says:

    oh forgot to mention..

    after you erase virus, don’t forget to do the reverse

    (folder-organize-foler and search option)

    click do not show hidden files and folders

    click hide extensions for known file types
    click hide protected operating system

  18. nick 2006 says:

    When ‘vista security 2011’ appears , do not close it. Press ctrl,alt,delete to open task manager window. on applications tab , right click on’vista security 2011’ . on drop down list , select ‘go to process’ it should then automatically open the process window and the offending file should already be highlighted. Select end process.

  19. Yekkiw says:

    Oh man kev. thanks alot. really helped.

  20. Lee says:

    Thanks kev

  21. sunflower says:

    We had the virus.. and got rid of it.. but now can not locate ANY of our photos, music, documents.. anything at all. Is it gone? or just hidden?? any help would be appreciated!!

  22. Harris says:

    Help required here : Already done system restore but upon reboot, the trojan/virus surface again. unable to run MBAM to clear this virus. Keeping me out of internet. Really sickening. What else must i do ?

  23. Harris says:

    Even in safe mode this vista security virus can pop up

  24. Lori says:

    Kev, I owe you one, really. This was a royal B#itch to get rid of, but it got through the first time I tried your method.
    I want to make one update, everyone:
    If the Virus is “open” when you try to delete this, it will have a window that pops up and says “you need permission to continue” or something along those lines. When that happens, follow Nick’s advice, and end the process, then you should delete it no problem.
    Just remember to go to your recycle bin and be extra sure it’s gone for good.

  25. Z says:

    Kevins method worked first try for me

  26. Mike says:

    Easiest way to be rid of the virus (worked for me on my computer and my Daughters)

    1. Close down computer
    2. When booting the computer hit the F8 key to enter safe mode
    3. Choose the option safe mode with command prompt
    4. Once the computer boots enter rstrui.exe as a command
    5. This will start system restore. Choose a restore date before the virus.
    6. Let windows run its magic
    7. Hopefully back to nomral operations.

  27. elee says:

    system restore worked for me. all documents and programs and internet working ok

  28. Anne says:

    Thanks a lot Kev <3 <3 <3 btw Mike n everyonw, what if I lost my restore system?

  29. Mike says:

    Anne…I am not sure what you mean but not everyone has the system restore function turned on so that may be your case. Use the Kev method instead. You could always try the restore after by clicking the windows open programs icon and typing system restore in the command/start search box.

  30. marcelsnews says:

    Oh thank Kev your solution perfectly works.

    I did what you said and it works well. I think i’ve uninstall it successfully.
    But Now it seems as my registry files have been damaged. I can not longer run any pre-installed program.

    I’m running a ‘CHKDSK’ cmd. I don’t really know a way to repair damaged files. In fact, the computer doesn’t have any backup or restore point :-(.


  31. abbey says:

    Kev thankyou so much! One in a million you are, truly amazing. My dad woulda’ bashed me up black n blue had he caught the virus running amuck on the comp, I owe ya.

  32. Brittany says:

    I followed Kevin’s steps & now the virus is gone, but I can’t open internet explorer. It’s asking me what program I want to use toopen it & then when I try to run it that doesn’t work

  33. Sue says:

    how do you get you money back? what is a phone number to call

  34. Kefke says:

    did like kev said but have the same problems as marcelnews
    if i now try to open like iexplorer it won’t work
    all other shortcuts won’t work
    does anyone know how i can fix this?
    i can’t open word for example in my startup but it luckely will open a saved file in my documents.

  35. f this virus says:

    Kev forgot to mention the little “i cant open anything after deleting this” part.
    Go get the file exefix from here:
    If you cant access the internet, go somewhere where you can and put the file on a usb disk or something. Put it on your desktop, and open it. It is not an .exe so it’ll open.

    It worked perfect for me!

  36. SoUpset says:

    So it looks like we all may have got played into screwing up our cpu’s even furthere after taking keg’s advice…has anyone heard or figured out what to do now that NOTHING on the CPU will work after this method in deleting the virus?

  37. sharon says:

    first you stop the thing from running with ctrl, alt & del, and then turn off your computer as you would normally.

    Open it again, except this time press f8 until you hear a couple of beeps.

    select “open windows in safe mode with internet”

    at some point, a box should open and ask if you want to use “system restore” select “yes” it will then open a box with dates in the past week. choose a date for the system to be restored to, a few days prior to the malware.

    then just let the system fix itself.

    after that, go straight to AVG and download their free malware removal program and run that.

    Problem solved!

  38. izequiele says:

    Thanks a lot big Kev
    I owe you a pint

  39. SoUpset says:

    Well I apologize to kev, I’m just frustrated but sharron what if ur system restore has been stopped by the virus already? I have deleted the virus like keV recommended but now my system restore won’t work my purchased version of mcafee won’t run a scan…NOTHING opens anymore…it always opens a box asking what program to open the file with!!!! Someone please HELP!!!!

  40. Bevo says:

    I hit this problem & have no idea how it came in as I am usually very careful about rougue programs.
    I run MS Security Essentials & this did not interecept it.
    As I had no idea what this was and could no longer access the Internet as the fake web site & warning etc. kept coming up from the ‘MS shield’ logo, I removed MS Security Essentials (mistakenly thinking it may be related to this) & installed Norton, ran a full scan & removed any files. This however had no effect.
    As I also have a Laptop which is OK and can access the Internet & can see that this describes exactly my problem, so am now trying to restore my PC to an earlier time & hope this will work.
    Fingers crossed as this problem is a real shocker!

  41. Ughhh says:

    @ SoUpset,

    follow fthisvirus’ advice:

    “Kev forgot to mention the little “i cant open anything after deleting this” part.
    Go get the file exefix from here:
    If you cant access the internet, go somewhere where you can and put the file on a usb disk or something. Put it on your desktop, and open it. It is not an .exe so it’ll open.

    It worked perfect for me!”

  42. chap says:

    to open system restore or other exe after deleting virus, right click n run as administrator

  43. MommaBear says:

    Well, I have been trying all night to get rid of this darn thing but my laptop keeps turning off as soon as I start making any head way!! As soon as I can get it to stay running for more than 2 seconds…I will try KEV’s mwthod to this maddness and let ya’ll know.


  44. Abinadi says:

    well i didn’t know it was a virus threat and i accidentally installed it i tried all the steps but nothing how can i get rid of it now that its on my computer?

  45. Abinadi says:

    i have two accounts one name adinisrator and the other one that is for everybody but the one that is accesible to everyone is infeced with the virus how can i fix that?

  46. MC says:

    I think I deleted the virus using malwarebytes. The problem is I try to do a system restore after and it says it won’t work. Also, when restarting windows defender automatically comes up with an error.

  47. MC says:

    any ideas? it deleted 8 items, is that the correct amount?

  48. Strikethrough says:

    This won’t effectively remove the virus, but it will let you brose your Internet while infected. YES! With any Browser.

    Just go to “My Computer”, then on the address bar, type in “”, or “, or any other website. Too good to be true? Nope. Try it, it actually circumvents the activation of the virus. You are not activating mozilla directly or any other browser directly.

  49. msal says:

    I tried the kev method and it looks like I erased the virus but just like everyone here I couldnt open programs. I loaded the EXE fix from a usb drive and so far so good. Im now able to get on line but Im still skeptical.Im going to run some anivirus software a few time just to maker sure its gone.

  50. Lia says:

    Yay !
    I got this virus today after trying to watch a film and after using kevs method and the link provided by ‘fthisvirus’ I managed to get rid of it and get my Internet working, just downloading the free AVG trial to do a quick check, took an hour and a half to sort out (plus research time on how to get rid of the buggar), but I’m just happy it’s gone!
    Thanks to everyone who helped and gave advice, hopefully there will be no more set backs…

  51. alex says:

    sooo i used kev’s method it worked except now i can’t find windows firewall? help! it’s saying application isn’t found?

  52. alex says:

    same goes for firefox!

  53. Broderick says:

    I have malwarebytes, but the virus wouldn’t let me open it to run the scan. I found the virus in task manager (it was uuv.exe for me) and closed it, but as soon as I tried to open malware the virus would reopen. I did a system restore and it appears to have worked (so far).

  54. Michelle says:

    I got this virus on Sunday and after a little research, found the following very helpful. I used RKILL to stop the virus process. The log file from RKILL showed me where file was located (it was in documents and settings\username\appdata\local) but I had to go into the folder options and uncheck “hide protected operating system files” in order to see the file. (file was named spk.exe) Once I did that, I was able to find the file and delete it. I then used Malwarebytes to scan the whole system, which took over 3 hours, but it found 4 issues and cleaned them all up.

  55. Adam says:

    Hi there,

    Just do SYSTEM RESTORE .. it will do the trick.

    Set system restore 1 day before ..

    I did it ..

    Good luck.

  56. Laura says:

    I have tried Kev method, however mine keeps blocking me on everything.

  57. smitty says:

    allmost fell for it but closed it, went back in “time” and all is good SYSTEM RESTORE ROCKS!!

  58. christine says:

    this thing has infected my daughters computer cannot do a restore as only comes up as other user and rejects her passwords and username cant get online and it wont let me install spydoctor in safe mode i think im going mad any help please

  59. Mike M says:

    Kev’s solution worked great. However as a backup and in addition I ran Malwarebytes too. Malwarebytes is exceptional at removing as this is not the first time this has happened to me

  60. Mou Lotti says:

    System restore worked for me too. Vista Security 2011 doesn’t allow you to run system restore, but you can do it on admin mode. Just right click system restore and choose ‘run as administrator’, then select to restore the day before (or more).

    Good luck.

  61. Sri says: the task manager.

    2. find the 3letter processes with the same description
    (e.g bwr.exe or tbb.exe processes name with bwr or tbb description)

    for me it was uei.exe.

    3. right click the process and click open file location

    4. it will transfer you to app.application etc. folder

    5. click organize, click folder and search option

    6. click view tab, click show hidden files and folders

    then uncheck hide extensions for known file types
    and hide protected operating system files (recommended)

    7. now you will see bwr.exe (or whatever 3letter virus.exe uei.exe)

    8. go to the task manager, right click the 3letter virus and click
    end process.

    9. go back to the foler that has bwr.exe file.(#4 above)

    10. click the bwr.exe one time and shift+d (which will erase
    this virus permanently)

    After this point the virus will be cleaned up.But none of the exe will work.everything will say open with the following program.
    at this point I restarted my system and while it was coming up I used f8 to go to safe mode and choose safe mode with commands.

    then I ran rsturi and selected a date before my system got affected.and it works fine.

    The reason I followed the above 8 steps is that sometimes when we restart with this virus it just din take chances.

  62. Sri says:

    Forgot to tell one more thing.If the exe files you are trying to run don’t work.Right click and run them as administrator.It will run.

    2)to restore your system to a point where it was before it was affected , as I told press f8 multiple times before the booting and choose safe mode with commands.once the command prompt appears

    c:\Windows\System32>rstrui.exe press enter

    it will prompt a screen to restore the system to a earlier point.

  63. GJ says:

    Thanx a lot Mike
    mike solved my problem with his clear instructions
    tahnx again.

  64. Gary says:

    I am a 54 yr old professional I need my pc up and running…5 words
    kev…you are a genius…

  65. Chilly8 says:

    This malware can spread through Flash ads as well. I was watching the Sharapova-Petkovic match via Meevos.TV the other day when the stream cut off and would not re-start. I suddenly found I had this “Vista Security 2011” malware, and figured out that I somehow got it through one of the Flash ads on Meevos. There are people out there using flash ads to spread malware, such as Vista Security 2011.

    Congress needs to pass a law making flash ads illegal. Malware can spread through Flash ads, as I found out the other dayu. therefore Congress should pass a law making flash ads illegal in video streams.

    Therefore I advocate that Congress pass a law banning flash advertising, and cut off one outlet for malware to spread.

  66. alex says:

    SOOOO there’s a new one except it’s “2012” is the removal the same!?? help!!!!!!!!!

  67. Late Nite Larry says:

    I received a customer’s laptop that was running Vista Premium 32-bit and it was infected with this Vista Security 2011 virus as a result of someone she loaned her PC to, installed a toolbar from filmfanatic while online shopping for movies. I speculated that this toolbar installed adware, which then nefariously ran a script that installed this Vista Security trojan.

    It is definitely a very deadly virus.

    I was able to remove the virus by running a program named UnhackMe in SafeMode; however, once the virus was removed my- customer’s PC was un-usable as no apps would actually execute or run.

    To remedy this, and what I should have done initially,I created a parallel user account with admin level privileges with her identical desktop environment and icons etc..,

    I then deleted her defective user account which had the infected registry/system files etc.., and vada ving vada voom her PC was like new.

    I then installed MSE and ran a full scan with the result being 0 infected files found. I then installed WOT for Internet Explorer and advised my customer to observe the WOT’s warnings about fraudulent sites and to proceed with caution in the future when browsing.

    This entire procedure took about an hour or so.

  68. Carl says:

    Use mikes method it works so well ! Would recommend! Just done it perfect thanks mike !

  69. Chris says:

    Kev, I LOVE YOU!!!!

  70. Big Austin says:

    Thanks Mike who posted on 19 April 2011 at 10:02 pm. Kev’s way works but not for those of us with Windows Vista. It’s restoring as I speak. Before I tried going to backup restore on the laptop and was blocked. For those who missed it, I copied and pasted Mike’s directions.

    Easiest way to be rid of the virus (worked for me on my computer and my Daughters)

    1. Close down computer
    2. When booting the computer hit the F8 key to enter safe mode
    3. Choose the option safe mode with command prompt
    4. Once the computer boots enter rstrui.exe as a command
    5. This will start system restore. Choose a restore date before the virus.
    6. Let windows run its magic
    7. Hopefully back to nomral operations.

Leave a Reply

Your email address will not be published. Required fields are marked *