Vista Antivirus 2013 Description
There has been a recent wave of attacks involving fake security programs with the '2013' string appended to the end of each fake security application's name. In fact, these are recently released versions of previous malware programs such as Vista Antivirus 2012, Vista Antivirus 2011 and Vista Antivirus 2010, all consisting in the same fake security program released with a new name and interface design each year. All versions of Vista Antivirus 2013 are considered malware and will cause disruptions in your computer as well as attempting to steal your money.
While most fake security programs carry out variants of what is essentially the same scam, one feature of Vista Antivirus 2013 sets it apart from other rogue security applications: Vista Antivirus 2013 can change its name and appearance depending on the victim's operating system. While Vista Antivirus 2013 is used to target computers with the Windows Vista operating system, computer users with the Windows XP or Windows 7 operating system will find that XP Antivirus 2013 and Win 7 Antivirus 2013 are installed on their computer respectively. Apart from this slight change to each program's name, Vista Antivirus 2013 and its clones are the same in all other aspects.
The Vista Antivirus 2013 scam is not particularly sophisticated. Basically, criminals will use Vista Antivirus 2013 to convince inexperienced computer users that they need to waste their money on a useless, fake security program. To do this, Vista Antivirus 2013 displays numerous error messages with alarming implications, claiming that the victim's computer has been invaded by Trojans, viruses, spyware and other malware threats. Vista Antivirus 2013 can also cause problems directly, such as causing the infected computer to become slower and to crash frequently, as well as blocking access to the victim's files or to the Internet. If the victim tries to use Vista Antivirus 2013 to fix these supposed malware problems, Vista Antivirus 2013 will display an error message claiming that they can only be removed by upgrading to a premium version of Vista Antivirus 2013. This 'full version' is, of course, not free, despite not having any real anti-malware capabilities.
Type: Rogue Anti-Virus Program
Infected with Vista Antivirus 2013? Scan Your PC for FreeDownload SpyHunter’s Spyware Scanner
to Detect Vista Antivirus 2013
Security Doesn't Let You Download SpyHunter or Access the Internet?
Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in 'Safe Mode with Networking' and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
If you still can't install SpyHunter? View other possible causes of installation issues.
Vista Antivirus 2013 Technical Report
As new Vista Antivirus 2013 details are reported by our customers and findings from our Threat Research Center, we will update this section.
Screenshots & Other Imagery
Fake message for Vista Antivirus 2013:
The following fake error message(s) appears for Vista Antivirus 2013:
|Vista Antivirus 2013 Firewall Alert
Vista Antivirus 2013 has blocked a program from accessing the internet
Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.
Unknown program is scanning your system registry right now! Identity theft detected!
Rogue malware detected in your system. Data leaks and system damage are possible. Click here for a free security scan and spyware deletion.
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working in the background right now. Perform an
in-depth scan and removal now, click here.
|Critical System Alert!
Unknown software is try to take control over your system!
System security was found to be compromised. Your computer is now infected. Attention, irreversible system changes may occur. Private data may get stolen. Click here now for an instant anti-virus scan.
Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.
Sensitive areas of your system ware found to be under attack. Spy software attack or virus infection possible. Prevent further damage or your private data will get stolen. Run an anti-spyware scan now. Click here to start.
Vista Antivirus 2013 has typically the following processes in memory:
Vista Antivirus 2013 creates the following registry entries:
|HKEY_CURRENT_USER\Software\Classes\ "(Default)" = 'Application'|
|HKEY_CURRENT_USER\Software\Classes\\DefaultIcon "(Default)" = '%1'|
|HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe -a "C:\Program Files\Mozilla Firefox\firefox.exe""|
|HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = ''|
|HKEY_CURRENT_USER\Software\Classes\\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*|
|HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*|
|HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode"|
|HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*|
|HKEY_CLASSES_ROOT\ah\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*|
|HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe""|