• Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Phishing
    • Ransomware
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

My AntiSpyware

Free antispyware software, Online Scanners, Instructions on how to remove spyware and malware.

Menu
  • Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Phishing
    • Ransomware
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools
Home › Malware removal › Rogue Anti Spyware › How to remove Vista Antispyware 2011 virus/malware

How to remove Vista Antispyware 2011 virus/malware

Myantispyware team November 17, 2010     114 Comments    

Vista Antispyware 2011 is a rogue antispyware program, clone of Vista Antispyware 2010. The program reports false infections, displays numerous fake security alerts and blocks legitimate Windows applications from running in order to scare you into thinking your computer in danger. It hopes that you will next purchase its full version. So, do not trust anything that this malware will display you and remove Vista Antispyware 2011 from your system as soon as possible. Read below what you’ll want to know though is what does this malware do and how to remove the rogue from your computer for free.

Like other rogues, Vista Antispyware 2011 is installed via trojans without your permission and knowledge. During installation, the program will register itself in the Windows registry to run automatically every time when you start an application (files with “exe” extension). The rogue also uses this method of running to block the ability to run any programs, including security applications.

Once running, Vista Antispyware 2011 will perform a system scan and detect a lot of infections. Then it will ask you to pay for a full version of the program to remove these infections. Of course, all of these infections are a fake. This malware want to scare you into thinking that your computer is infected with malicious software. Thus do not trust the scan results, simply ignore them!

While Vista Antispyware 2011 is running, it will display numerous fake security alerts. Some of the alerts are:

System danger!
Your system is in danger. Privacy threats detected.
Spyware, keyloggers or Trojans may be working in the
background right now. Perform an in-depth scan and removal
now, click here.

Attention: DANGER!
ALERT! System scan for spyware, adware, trojans and viruses is complete.
Vista Antispyware 2011 detected 29 critical system objects.

Last but not least, Vista Antispyware 2011 will hijack Internet Explorer and Firefox, so it will display a fake warning page instead a site that you want to visit. The fake warning is:

Vista Antispyware 2011 ALERT
Internet Explorer alert. Visiting this site may pose a security threat to your system

Of course, all of these messages, warnings and alerts are a fake and supposed to scare you into thinking your computer in danger! Just like false scan results, ignore all of them!

As you can see, Vista Antispyware 2011 is a scam which created with one purpose to scare you into thinking that your computer in danger as method to trick you into purchasing the full version of the program. If your computer is infected with this malware, then most importantly, do not purchase it! Uninstall the rogue from your PC as soon as possible. Use the removal guide below to remove Vista Antispyware 2011 and any associated malware from your computer for free.

More screen shoots of Vista Antispyware 2011




Use the following instructions to remove Vista Antispyware 2011 (Uninstall instructions)

Step 1. Repair “running of .exe files”.

Method 1

Click Start. Type in Search field command and press Enter. It will open the command prompt. Type into it notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Classes\.exe]
[-HKEY_CURRENT_USER\Software\Classes\pezfile]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

Save this as fix.reg to your Desktop (remember to select Save as file type: All files in Notepad.)
Double Click fix.reg and click YES for confirm.
Reboot your computer.

Method 2

Click Start. Type in Search field command and press Enter. It will open the command prompt. Type into it notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.

[Version]
Signature="$Chicago$"
Provider=www.myantispyware.com

[DefaultInstall]
DelReg=regsec
AddReg=regsec1

[regsec]
HKCU, Software\Classes\.exe
HKCU, Software\Classes\pezfile
HKCR, .exe\shell\open\command

[regsec1]
HKCR, exefile\shell\open\command,,,"""%1"" %*"
HKCR, .exe,,,"exefile"
HKCR, .exe,"Content Type",,"application/x-msdownload"

Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad.)
Right click to fix.inf and select Install. Reboot your computer.
Note: if Vista returns error message “Installation failed”, then you need disable UAC control. Click Start, Control Panel, User accounting, Click “Turn User Account Control on or off”. Uncheck “Use User Account Control (UAC)” and click OK. Now try install fix.inf once again.

Step 2. Remove Vista Antispyware 2011 associated malware.

Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.

Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to “Update Malwarebytes’ Anti-Malware” and Launch “Malwarebytes’ Anti-Malware”. Then click Finish.

MalwareBytes Anti-malware will now automatically start and you will see a message stating that you should update the program before performing a scan. If an update is found, it will download and install the latest version.

As MalwareBytes Anti-malware will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main menu. You will see window similar to the one below.

malwarebytes-antimalware1
Malwarebytes Anti-Malware Window

Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for Vista Antispyware 2011 infection. This procedure can take some time, so please be patient.

When the scan is finished a message box will appear that it has completed scanning successfully. Click OK. Now click “Show Results”. You will see a list of infected items similar as shown below.
Note: list of infected items may be different than what is shown in the image below.


Malwarebytes Anti-malware, list of infected items

Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove Vista Antispyware 2011. MalwareBytes Anti-malware will now remove all of associated Vista Antispyware 2011 files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.

Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.

Vista Antispyware 2011 creates the following files and folders

%AppData%\pw.exe

Vista Antispyware 2011 creates the following registry keys and values

HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start\command
HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CURRENT_USER\Software\Classes\pezfile\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\pezfile\shell
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\runas
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\start
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\start\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | @ = “”%AppData%\pw.exe” /START “%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | IsolatedCommand = “”%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe | @ = “pezfile”
HKEY_CURRENT_USER\Software\Classes\.exe | Content Type = “application/x-msdownload”
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command | @ = “”%AppData%\pw.exe” /START “%1″ %*”
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command | IsolatedCommand = “”%1″ %*”

Malware removal Rogue Anti Spyware

Author: Myantispyware team

Myantispyware is an information security website created in 2004. Our content is written in collaboration with Cyber Security specialists, IT experts, under the direction of Patrik Holder and Valeri Tchmych, founders of Myantispyware.com.

114 Comments

  1. ♥
    ― November 23, 2010 - 12:23 am  Reply

    This truly saved me, I did this and as of now the vista antispyware thing has not shown up…but i’m keeping my fingers crossed that hopefully it won’t come up again…hopefully this fix keeps on working. Thank you so much 🙂

  2. Daz
    ― November 26, 2010 - 7:11 am  Reply

    Just used Method 1. BRILLIANT. Saved my old man’s computer!

  3. F12
    ― February 19, 2011 - 6:36 am  Reply

    THANK YOU – THANK YOU – THANK YOU!!

    You saved me a trip to the computer shop. Worked exactly as you said it would. 🙂

  4. Toby
    ― February 20, 2011 - 3:47 am  Reply

    Thanks, worked like charm and MBAM found another 3 malware that wasn´t bugging me but harvesting info silently.

    Regards
    /Toby

  5. Jay
    ― February 22, 2011 - 6:44 am  Reply

    Thank you very much for this nice and easy to use guide. It was a big help for me!

  6. Randy
    ― March 2, 2011 - 11:29 am  Reply

    Thank you so much…worked great and was easy (I used method one)

  7. ksarah
    ― March 5, 2011 - 2:26 am  Reply

    it worked,i’m no longer being harrassed by the virus. i’m able to open internet explorer, itunes, ect. but for some reason when i did the scan using Malwarebyte it says no viruses were found. anyone experience anything similar?

  8. Patricia
    ― March 6, 2011 - 2:19 am  Reply

    This really helped me. Thanks so much! 🙂

  9. David
    ― March 6, 2011 - 6:53 pm  Reply

    I ran the Fix.Reg and re booted.

    Upon boot up there was no sign of the Vista Antispyware virus however I could not download Malwarebytes because I could not get online. Somehow in running fix.reg and rebooting ive lots the ability for IE to connect.

    Hugely frustrating because if I can get online I think i will kill this thing for sure

  10. Jon Maakestad
    ― March 7, 2011 - 8:27 am  Reply

    Method 1 didn’t work. Error message came up when I doubleclicked.

    Method 2 didn’t work either. Another error message.

    Can’t download Malwarebytes because I can’t get on the internet.

  11. Ken
    ― March 7, 2011 - 4:04 pm  Reply

    Thanks 4 the help. Method 1 worked great. Was able to regain access to Internet & download malwarebytes anti-malware. Was trying to fix a lady friend’s laptop. Running full scan now.

    Will update/change all of her anti-virus software, and firewall.

    BIG Thanks to all!

  12. Patrik (Myantispyware admin)
    ― March 8, 2011 - 10:09 am  Reply

    Ksarah, try update Malwarebytes and perform a fresh scan.

  13. Patrik (Myantispyware admin)
    ― March 8, 2011 - 10:41 am  Reply

    David, click Start, Run, type in search field: regedit and press Enter.
    Registry editor opens.
    Navigate in the left panel to HKEY_LOCAL_MACHINE \ SOFTWARE \ Clients \ StartMenuInternet \ IEXPLORE.EXE \ shell \ open \ command

    I the right part of window click twice to “@”. You will see a screen with the contents like below: “C:\Documents and Settings\user\Local Settings\Application Data\fda.exe” /START “C:\Program Files\Internet Explorer\iexplore.exe”
    Remove left part, leave only “C:\Program Files\Internet Explorer\iexplore.exe”.

    Repeat the previous steps for Firefox, HKEY_LOCAL_MACHINE \ SOFTWARE \ Clients \ StartMenuInternet \ FIREFOX.EXE

  14. Relieved
    ― March 10, 2011 - 1:22 am  Reply

    Thank you thank you thank you! This totally worked (option 2). I am so glad I was able to remove this myself thanks to your guidance. 🙂

  15. Prasad
    ― March 11, 2011 - 3:59 am  Reply

    Had to go to safe mode and manually type the entiries in Method 1 to notepad (the browser didn’t work). Then executed the registry file and it did the trick. Thank you very much.

  16. Rob
    ― March 11, 2011 - 2:50 pm  Reply

    Did method 1 and it worked, does this fix it properly then? So the Vista Anti Virus is no longer there at all? Or is there more that needs to be done? Thanks, Rob.

  17. Lanny
    ― March 11, 2011 - 11:29 pm  Reply

    Hey this is great. I used all three methods just in case, it worked!

    Thanks for the post man!

  18. Patrik (Myantispyware admin)
    ― March 12, 2011 - 9:21 am  Reply

    Jon, have you tried to disable UAC control ?

  19. Ewan
    ― March 13, 2011 - 5:02 pm  Reply

    Many, many thanks! Method 1 worked for me. Performing full scan now. Will keep a note of this website for the future just in case. Excellent!

  20. friend
    ― March 15, 2011 - 3:11 am  Reply

    Thnak You very much. This was a lifesaver. ‘Right click’ ‘Add to favorites’

  21. Rene
    ― March 15, 2011 - 10:12 am  Reply

    Thanks Patrik – step one worked to an extent, and I installed Malwarebytes as Administrator in the end, as VAS2011 would kill any attempt to do so otherwise. I just applied your Registry fix from March 8, and that’s got IE working from the start menu again.

    Well done, and thank you for the help.

  22. Kay
    ― March 16, 2011 - 10:02 am  Reply

    Thank You so much!! It worked perfectly!

  23. amanda
    ― March 18, 2011 - 2:08 am  Reply

    Thank you!!!! I have a love hate relationship with my computer, and I’m pretty sure you just saved it from being thrown out the window out of frustration! Seriously though, I love you! Thanks soooo much for this, your truly a life saver!

  24. Jess
    ― March 18, 2011 - 5:52 pm  Reply

    When I tried method one, to confirm, it says it cannot import and is not a registry script. What am I doing wrong? I’m sure it’s something small and silly.

    Thank you, hopefully I can get this fixed, but if it has to wait until monday (computer shop) will it still be okay if off?

  25. jim
    ― March 21, 2011 - 8:26 pm  Reply

    worked great, it was so easy i just did 1 and 2, rebooted and ran malwarebytes.
    TIP, put both files on a thumb drive from a working pc, the just plug and play!

    Great job with this fix.
    Jim

  26. Rikke
    ― March 23, 2011 - 2:32 pm  Reply

    Thank you so much!

  27. futureUSAFwife
    ― March 24, 2011 - 3:07 pm  Reply

    This might have just saved my parents computer. It has not popped up yet. Does that mean it’s gone? Thanks.

  28. Hannah
    ― March 27, 2011 - 9:36 am  Reply

    Omg this actually works (option 1) thank you so much! The guide was so easy to follow and it works the vista virus 2011 thing has not popped up since. I’m so pleased that I fixed this myself rather than my dad telling me off when he has to fix it

  29. Heather
    ― March 28, 2011 - 9:47 pm  Reply

    Brilliant, thanks a mil, method 1 worked

  30. Joe
    ― March 29, 2011 - 5:24 pm  Reply

    Thanks worked fine

1 2 3 4 Next »

Leave a Reply to Nick Sr. Cancel reply




New Guides

Look Who Died Scam Facebook Message
Look Who Died in an Accident Scam On Facebook Messenger and TikTok
Yourcoolwords.com Click Allow Scam
Yourcoolwords.com Virus Removal Guide
Adventureorganic.com Click Allow Scam
Adventureorganic.com Virus Removal Guide
retellrule.com website
Retellrule.com Review: A Scam or Legit Online Store?
Search-Alpha.com
Search-Alpha.com redirect (Virus removal guide)

Follow Us

Search

Useful Guides

How to reset Internet Explorer settings to default
How to reset Google Chrome settings to default
remove chrome extension
How to remove Chrome extensions installed by enterprise policy
Tech Support Scam
Remove Tech Support Scam pop-up virus [Microsoft & Apple Scam]
Best free malware removal tools
Best Free Malware Removal Tools 2023

Recent Posts

How to remove ScanDisk and Scan Disk (Uninstall instructions)
How to remove Ultra Defragger (Uninstall instructions)
How to remove XP Antimalware 2011
How to remove XP Guard virus
How to remove XP Antispyware 2011 virus

MYANTISPYWARE.COM

  • About Us
  • Contact Us
  • Privacy Policy

NEED A HELP ?

If you're seeing unwanted pop-ups or ads in your web-browser, you might have an adware installed on your computer. Use the following guide to stop pop-up ads and remove malicious software. Or ask for help here.

Links

  • Downloads
  • Instructions
  • Questions and Answers
  • Free Malware Removal Tools
Copyright © 2004 - 2023 MASW - Myantispyware.com.