Vista AntiMalware 2011. How to remove? (Uninstall guide)

removal by Alice Woods - -   Also known as VistaAntiMalware2011 | Type: Rogue Antispyware
12

Vista AntiMalware 2011 is a rogue anti-spyware that makes itself comfortable just after getting on board. This dangerous program is capable to launch after every computer’s reboot and then starts malicious actions dedicated for ripping you off. You should know that Vista AntiMalware 2011 hails from a huge Fake antiviruses’ family that all change their names after the OS they find running on the infected machine. Additionally, every of these malwares installs pw.exe executable file and launches after every computer’s reboot to start money-stealing campaign.

Vista AntiMalware 2011 starts showing its malicious activity through fake system scanners, phony alerts and security notifications that all announce about numerous viruses detected. You may be tricked by those unexpected findings and scared into purchasing Vista AntiMalware 2011 because that’s how it usually offers to fix everything. Its alerts mostly read:

Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.
Internet Explorer alert. Visiting this site may pose a security threat to your system!
Possible reasons include:
– Dangerous code found in this site’s pages which installed unwanted software into your system.
– Suspicious and potentially unsafe network activity detected.
– Spyware infections in your system
– Complaints from other users about this site.
– Port and system scans performed by the site being visited.

Things you can do:
– Get a copy of Vista AntiMalware 2011 to safeguard your PC while surfing the web (RECOMMENDED)
– Run a spyware, virus and malware scan
– Continue surfing without any security measures (DANGEROUS)

System Hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.

Vista AntiMalware 2011 will completely bombard you with all these messages until you won’t remove it with all its files. You should never agree with its continuous offers to purchase “licensed”, “full” or what ever it is called version and instead of that remove Vista AntiMalware 2011. Stop its executable when on safe mode with networking and rely on a reputable updated anti-spyware. Follow the additional removal instructions of Vista AntiMalware 2011:

To remove Vista Antimalware 2011 you will need another PC, as removing it from safe mode with networking will not work in most of the cases.

a) Burn these programs to CD or write them to USB disk. You can use your MP3 player, or smartphone if it has storage functions. This parasite does not spread through USB at the moment:

1. STOPzilla or an automatic removal tool below. Update STOPzilla and run a full system scan.

2.You might want to download Hitman Pro or Malwarebytes as alternate scanners. Though you are likely to be able to download them later on.

b) Boot normally. Wait for Vista AntiMalware 2011 to launch, and run exeregfix.reg . This should allow launching legitimate programs

c) Delete or remove the files that are mentioned in our files box. You can use STOPzilla to identify the infected files and additional infections or automatic Vista Antimalware 2011 removal tool. Do not forget update it before scanning. Remove what it finds.

d) Scan with STOPzilla and secondary tools and reboot your PC. This should fully get rid of Vista Antimalware 2011.

UPDATE!!! One of PC security bloggers, S!Ri, has announced about a serial code that may help you to disable those malwares like Vista Antimalware 2011 that change their names according to OS they find. Enter this serial code when doing registration: 1145-17884799-7733. This and the order number 21197673 should also work for earlier versions of this type of parasite.

After typing them, you should become able to use your anti-spyware, if it fails follow the guide written below. Be aware that these numbers are expected to change in the near future!

do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Vista AntiMalware 2011 you agree to our privacy policy and agreement of use.
Reimage is recommended to uninstall Vista AntiMalware 2011. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

More information about this program can be found in Reimage review.

More information about this program can be found in Reimage review.
Alternate Software
Plumbytes Anti-Malware
We have tested Plumbytes Anti-Malware's efficiency in removing Vista AntiMalware 2011 (2010-11-16)
Malwarebytes Anti Malware
We have tested Malwarebytes Anti Malware's efficiency in removing Vista AntiMalware 2011 (2010-11-16)
Hitman Pro
We have tested Hitman Pro's efficiency in removing Vista AntiMalware 2011 (2010-11-16)
Webroot SecureAnywhere AntiVirus
We have tested Webroot SecureAnywhere AntiVirus's efficiency in removing Vista AntiMalware 2011 (2010-11-16)

Vista AntiMalware 2011 manual removal:

Kill processes:
pw.exe

MSASCui.exe

Delete registry values:
HKEY_CURRENT_USERSoftwareClassespezfile

HKEY_CLASSES_ROOTpezfile

HKEY_CURRENT_USERSoftwareClasses.exeshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*

HKEY_CURRENT_USERSoftwareClassespezfileshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*

HKEY_CLASSES_ROOT.exeshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*

HKEY_CLASSES_ROOTpezfileshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*

HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesMozilla Firefoxfirefox.exe"

HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellsafemodecommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesMozilla Firefoxfirefox.exe" -safe-mode

HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesInternet Exploreriexplore.exe"

HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "AntiVirusOverride" = "1"

HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "FirewallOverride" = "1"

Delete files:
%UserProfile%Local SettingsApplication DataopRSK

%UserProfile%Local SettingsApplication Datapw.exe

%UserProfile%Local SettingsApplication DataMSASCui.exe

%UserProfile%AppDataLocalopRSK

%UserProfile%AppDataLocalpw.exe

%UserProfile%AppDataLocalMSASCui.exe

About the author

Alice Woods
Alice Woods - Likes to teach users about virus prevention

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

More information about the author