Vista Antivirus Plus 2013

Vista Antivirus Plus 2013 Description

ScreenshotVista Antivirus Plus 2013 is a fake anti-virus program created by scammers to convince innocent PC users to purchase its imaginary full version. In truth, the full edition of Vista Antivirus Plus 2013 will not protect the computer from any type of malware because it does not exist. Vista Antivirus Plus 2013 might seem to be a legal and trustworthy security tool because of its name and appearance, but, in reality, Vista Antivirus Plus 2013 will not defend your PC from any type of security threats. Vista Antivirus Plus 2013 proliferates via Trojans that could be downloaded from malicious websites. Trojans take advantage of security holes and other system vulnerabilities to access a corrupted machine. Vista Antivirus Plus 2013 strives to make victims purchasing the commercial version of its rogue program and gain credit card details. Once installed on the infected computer system, Vista Antivirus Plus 2013 launches bogus system scans and returns false scan results in order to intimidate PC users into believing their computers are infected with numerous malware infections. Vista Antivirus Plus 2013 also shows fake warning messages that report certain computer problems and declare that your computer is at risk. Vista Antivirus Plus 2013 does not have the ability to find and uninstall any type of malware threats, so the purchase of this software product is only a waste of money. To uninstall Vista Antivirus Plus 2013 from the affected PC, ESG's malware research team advises you to use an appropriate anti-malware tool that is able to remove rogue software.

Infected with Vista Antivirus Plus 2013? Scan Your PC for Free

Download SpyHunter’s Spyware Scanner
to Detect Vista Antivirus Plus 2013

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in 'Safe Mode with Networking' and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Vista Antivirus Plus 2013 Technical Report


As new Vista Antivirus Plus 2013 details are reported by our customers and findings from our Threat Research Center, we will update this section.

Screenshots & Other Imagery

Screenshot


Technical Information

File System Details

Vista Antivirus Plus 2013 creates the following file(s):
# File Name
1 %AppData%\Local\[RANDOM CHARACTERS].exe
2 %AppData%\Local\[RANDOM CHARACTERS]
3 %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS]
4 %Temp%\[RANDOM CHARACTERS]
5 %AllUsersProfile%\[RANDOM CHARACTERS]

Registry Details

Vista Antivirus Plus 2013 creates the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'
HKEY_CLASSES_ROOT\exefile\shell\open\command “(Default)” = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'
HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = 'exefile'
HKEY_CURRENT_USER\Software\Classes\.exe "Content Type" = 'application/x-msdownload'
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon "(Default)" = '%1' = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*"
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "(Default)" = '"%1" %*'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile "(Default)" = 'Application'
HKEY_CURRENT_USER\Software\Classes\exefile "Content Type" = 'application/x-msdownload'
HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon "(Default)" = '%1'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "(Default)"= '"%1" %*
HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "IsolatedCommand" – '"%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Mozilla Firefox\firefox.exe"'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe' /START "%Program Files%\Mozilla Firefox\firefox.exe" -safe-mode'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Internet Explorer\iexplore.exe"'

More Details on Vista Antivirus Plus 2013

The following messages associated with Vista Antivirus Plus 2013 were found:
Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.
Tracking software found!
Your PC activity is being monitored. Possible spyware infection. Your data security may be compromised. Sensitive data can be stolen. Prevent damage now by completing a security scan.
Virus infection!
System security was found to be compromised. Your computer is now infected. Attention, irreversible system changes may occur. Private data may get stolen. Click here now for an instant anti-virus scan.
Vista Antivirus Plus 2013 Alert
Internet Connection alert!
Suspicious network activity detected!
Malware infection is possible!
Vista Antivirus Plus 2013 Alert
System hacked!
Unknown programs is scanning your system registry right now! Identity theft detected!
Vista Antivirus Plus 2013 Firewall Alert
Vista Antivirus Plus 2013 has blocked a program from accessing the internet
Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.

Site Disclaimer

Leave a Reply

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as-is:
What is 6 + 14 ?