Vista Antivirus Plus 2013

Vista Antivirus Plus 2013 Description

ScreenshotVista Antivirus Plus 2013 is another one among numerous rogue security applications that belong to the FakeRean or Braviax family of rogue security applications. This notorious family carries out a misleading tactic that criminals use to take advantage of inexperienced computer users. Basically, Vista Antivirus Plus 2013 and its clones pretend to be real security programs in order to prove to PC users that the purchase of an expensive, fake upgrade in order to keep their computers safe from threats. To do this, Vista Antivirus Plus 2013 displays numerous alarming error messages and deliberately causes performance problems on the infected computer. However, since Vista Antivirus Plus 2013 and its clones are actually threats themselves, PC security researchers strongly advise disregarding all messages displayed by these fake security programs and then using a real anti-malware tool to protect your computer.

Identifying Vista Antivirus Plus 2013 and Its Clones


There are dozens of clones of Vista Antivirus Plus 2013 that use similar names or even different names such as Win 7 Antivirus Plus 2013, Windows Vista Internet Security 2012, Win 7 Home Security Pro 2013, Win 7 Defender Plus 2013, AntiSpy Safeguard, Vista Security 2013, Vista Internet Security Pro 2013, Antivirus2008, Vista Antivirus 2008, Win 7 Antispyware 2013, Vista Antivirus 2012, Win 7/Win 8/XP Defender 2013, Palladium Pro, Win 7 AntiVirus 2012, Vista Home Security 2013, Internet Security Premium, Internet Security Pro, Vista Smart Defender Pro, Vista Security Plus 2013, Security Cleaner Pro, XP Security 2012, Win 7 Defender, XP Internet Security 2012, XP Anti-Virus 2011, Antispyware Pro 2012, Win 7 Home Security 2013, Internet Security Pro 2013, XP Antivirus Plus 2013, Win 7 Security, Vista Security 2012, XP Security Plus 2013, Win 7 Security Plus 2013, Win 7 Internet Security 2012, XP Total Security 2013, Win 7 Internet Security Pro 2013, Antivirus Pro 2009, Windows 7 Internet Security 2012, XP Internet Security 2013, Vista Antivirus 2013, Windows Vista Antivirus 2012, Windows XP Internet Security 2012, PC Defender Plus, XP Security Cleaner Pro, Win 7 Internet Security 2013, Spyware Protection 2010, CleanThis, Win 8 Protection 2013, PCclean Pro, Internet Security 2012, Vista Security Cleaner Pro, XP Defender 2013, Win 8 Antivirus 2013, XP Security 2013, TitanAntivirus2013/PCDefender360, Win 7 Security 2012, XP Antivirus 2013, Win 8 Antispyware 2013, XP Home Security 2012, Win 7 Total Security 2013, XP Internet Security Pro 2013, Windows 7 Antispyware 2012, ThinkPoint, Win 8 Home Security 2013, MySafePC 2014 , Win 7 Internet Security 2011, Vista Defender Plus 2013, Windows Vista Security 2012, Win 8 Security System, XP Antispyware 2013, Win 7 Security 2013, Internet Security Protection, Win 8 Security Suite 2013, Vista Defender, Win 8 Defender 2013, Windows Essentials Pro 2013, Vista Internet Security 2012, Windows 7 Defender 2013, Privacy Protection, Win 7 Antivirus 2013, Vista Antispyware 2013, Windows Antivirus 2008, Internet Security, Internet Protector, XP Home Security 2013, Internet Security 2013, Internet Security Plus, Internet Security 2014, Antivirus Plus 2014, XP Defender Plus 2013, Vista Total Security 2013, Vista Internet Security 2013 and Win 7 Security Cleaner Pro.

Because of these characteristic naming patterns, which are probably generated automatically, these fake security programs are usually not difficult to recognize. Vista Antivirus Plus 2013 and its clones have names made up of three distinct part:
  1. The first part of the name will indicate the targeted computer's operating system. This first part can be either 'Vista', 'XP', 'Win 7' or 'Win 8', depending on the infected computer. Vista Antivirus Plus 2013 infects computers with the Windows Vista operating system. During installation, a variant corresponding to the infected computer's operating system is installed.
  2. This is usually followed by a term designed to convince the victim that Vista Antivirus Plus 2013 is, in fact, a real security program. These are usually broad, generic terms such as 'security', 'anti-malware', 'Internet protection', or – in this case - 'Antivirus Plus'.
  3. Finally, criminals add the current year to the end of these fake security programs' names. This is done to attempt to convince computer users that these are the latest in an established line of security software. Variants have been released since 2009 and, previously, PC security researchers have encountered Vista Antivirus Plus 2009, 2010, 2011 and 2012. Vista Antivirus Plus 2013 was released in October of 2012 and is part of a large batch of rogue security software claiming to be an update for the coming new year.

Infected with Vista Antivirus Plus 2013? Scan Your PC for Free

Download SpyHunter’s Spyware Scanner
to Detect Vista Antivirus Plus 2013

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in 'Safe Mode with Networking' and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

Screenshots & Other Imagery

Vista Antivirus Plus 2013 Image 1

File System Details

Vista Antivirus Plus 2013 creates the following file(s):
# File Name
1 %AppData%\Local\[RANDOM CHARACTERS].exe
2 %AppData%\Local\[RANDOM CHARACTERS]
3 %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS]
4 %Temp%\[RANDOM CHARACTERS]
5 %AllUsersProfile%\[RANDOM CHARACTERS]

Registry Details

Vista Antivirus Plus 2013 creates the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = 'exefile'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "(Default)" = '"%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile "(Default)" = 'Application'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "(Default)"= '"%1" %*
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Mozilla Firefox\firefox.exe"'
HKEY_CURRENT_USER\Software\Classes\.exe "Content Type" = 'application/x-msdownload'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile "Content Type" = 'application/x-msdownload'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "IsolatedCommand" – '"%1" %*'
HKEY_CLASSES_ROOT\exefile\shell\open\command “(Default)” = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe' /START "%Program Files%\Mozilla Firefox\firefox.exe" -safe-mode'
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon "(Default)" = '%1' = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*"
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon "(Default)" = '%1'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Internet Explorer\iexplore.exe"'

More Details on Vista Antivirus Plus 2013

The following messages associated with Vista Antivirus Plus 2013 were found:
Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.
Tracking software found!
Your PC activity is being monitored. Possible spyware infection. Your data security may be compromised. Sensitive data can be stolen. Prevent damage now by completing a security scan.
Virus infection!
System security was found to be compromised. Your computer is now infected. Attention, irreversible system changes may occur. Private data may get stolen. Click here now for an instant anti-virus scan.
Vista Antivirus Plus 2013 Alert
Internet Connection alert!
Suspicious network activity detected!
Malware infection is possible!
Vista Antivirus Plus 2013 Alert
System hacked!
Unknown programs is scanning your system registry right now! Identity theft detected!
Vista Antivirus Plus 2013 Firewall Alert
Vista Antivirus Plus 2013 has blocked a program from accessing the internet
Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.

Site Disclaimer

Leave a Reply

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as-is:
What is 8 + 14 ?