Vista Antispyware 2011 is extremely unsafe because it is categorized as rogue anti-spyware. This scam originates from the same rogue anti-spyware family as the infamous XP Security 2011 and other threats from Security AntiMalware Guard group that have been noticed in the middle of November. Vista Antispyware 2011 is known to have been infecting computers running Windows Vista by posing to be legitimate anti-spyware. It implements its malicious tactics through the bogus online virus scanners and sneaky trojans that overcome computer’s defense without any permission.
Having infiltrated computer in this way, malware never stops. Just like its relative programs, Vista Antispyware 2011 drops its own files to detected the as malicious. It functions by displaying numerous security notifications and may also start redirecting your web browser to insecure websites also promoting Vista Antispyware 2011. Its alerts announce:
Additionally to these above mentioned symptoms, Vista Antispyware 2011 can be predicted to ask you to pay for its licensed version – foolishly said to be the only possible solution if you want to get rid of the problems detected. In fact, Vista Antispyware 2011 scanners are just invented things of the scam and are definitely untrustworthy. It’s highly recommended to remove Vista Antispyware 2011 virus before it will “remove” these problems found on your PC.
How to remove Vista Antispyware 2011:
To remove Vista Antispyware 2011 you will need another PC, as removing it from safe mode with networking will not work in most of the cases.
a) Burn these programs to CD or write them to USB disk. You can use your MP3 player, or smartphone if it has storage functions. This parasite does not spread through USB at the moment:
1. STOPzilla or an automatic removal tool below. Update STOPzilla and run a full system scan.
2.You might want to download Hitman Pro or Malwarebytes as alternate scanners. Though you are likely to be able to download them later on.
b) Boot normally. Wait for Vista Antispyware 2011 to launch, and run exeregfix.reg . This should allow launching legitimate programs
c) Delete or remove the files that are mentioned in our files box. You can use STOPzilla to identify the infected files and additional infections or automatic Vista Antispyware 2011 removal tool. Do not forget update it before scanning. Remove what it finds.
d) Scan with STOPzilla and secondary tools and reboot your PC. This should fully get rid of Vista Antispyware 2011.
UPDATE!!! One of PC security bloggers, S!Ri, has announced about a serial code that may help you to disable those malwares like Vista Antispyware 2011 that change their names according to OS they find. Enter this serial code when doing registration: 1145-17884799-7733. This and the order number 21197673 should also work for earlier versions of this type of parasite. After typing them, you should become able to use your anti-spyware, if it fails follow the guide written below. Be aware that these numbers are expected to change in the near future!
Vista Antispyware 2011 manual removal:
Delete registry values:
HKEY_CURRENT_USERSoftwareClasses.exeshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*
HKEY_CURRENT_USERSoftwareClassespezfileshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*
HKEY_CLASSES_ROOT.exeshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*
HKEY_CLASSES_ROOTpezfileshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesMozilla Firefoxfirefox.exe"
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellsafemodecommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesMozilla Firefoxfirefox.exe" -safe-mode
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesInternet Exploreriexplore.exe"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "AntiVirusOverride" = "1"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "FirewallOverride" = "1"
%UserProfile%Local SettingsApplication DataopRSK
%UserProfile%Local SettingsApplication Datapw.exe
%UserProfile%Local SettingsApplication DataMSASCui.exe