Vista Antivirus is another fake antivirus software which infects your system, shows fake warning that your system security level is low and demands money for protecting your computer from the fake infections. It sets up malicious proxy servers in Internet Explorer, so when you try to download a genuine security software it can block those sites. It alters settings in the Windows’ registry to automatically popup its own window whenever you try to run any program. You can remove ‘Vista Antivirus 2012’ from your system using the following instructions :
- Restart your computer in the Safe Mode with Networking. To do so, power on your computer and keep hitting F8 key until you see the Windows Advanced Options Menu. Use the up-down arrows keys on your keyboard to highlight Safe Mode with Networking and press Enter.
If your computer can only boot in the Normal mode and not in the Safe mode, then download winsafeboot.zip. Extract the contents to a folder and run the REG file corresponding to your Windows version. Click Yes when asked and restart your computer.
- After booting into the Safe Mode with Networking, follow the instructions on this page to restore EXE associations in Windows. Typically, you would download restore_exe_association.com and run it. You should also disable proxy servers in Internet Explorer by following instructions on this page. If you use Mozilla Firefox, then disable proxy servers using instructions on this page.
- Now open your Internet Explorer browser from the desktop shortcut, do not open it from the Start Menu. Then download Malwarebyte’s Anti-Malware from mbam-setup.exe. Rename mbam-setup.exe to mbam-setup.com. Double-click on mbam-setup.com to run the setup and install Malwarebytes’ Anti-Malware (MBAM) on your computer. Choose to update and launch when asked. The update would take some time in downloading the latest malware database from the MBAM servers.
- After the update is complete, the main window of the MBAM would open. Choose Perform quick scan and click on the Scan button as shown.
- The scan would run for some time. After the scan is complete you would see the ‘Vista Antivirus 2012’ infected items in the detected malware list. MBAM detects it as Trojan.ExeShell.Gen. The entries would be pre-selected for removal. Click on the Remove Selected to start the removal process.
- You would be asked to restart your computer for complete removal. Click on the Yes button to restart your computer.
This time start the computer in the Normal mode (just do not hit any F8 key). Upon restart the ‘Vista Antivirus 2012′ malware should be gone. You should also perform a complete scan using the Malwarebytes’ Anti-Malware and ESET Online Scanner to get rid of any other malware possibly infesting your computer.