Vista Home Security 2013 Description

Vista Home Security 2013 is one of the many variants of fake security software belonging to the notorious Braviax family of malware (also known as FakeRean). These fake security applications are used to carry out a well known online scam in which criminals scare inexperienced computer users into purchasing fake upgraded versions of these scamware applications. There are numerous clones of Vista Home Security 2013, all of which use a common naming formula which begins with the targeted operating system’s name (in this case ‘Vista’), which is followed by a term making it seem as if the rogue security application is a real security program (’Home Security’) and then a number denoting the supposed version of this fake anti-malware program (’2013′). With the approach of the New Year, ESG security researchers have observed that criminals have started to release variants of the Braviax rogue security programs which include the string ‘2013′ at the end of each program’s name. Vista Home Security 2013 is one of these newer variants of these rogue security applications.

Vista Home Security 2013 Targets Computers with the Windows Vista Operating System

One of the defining traits of malware in the Braviax family of rogue security software is that they infect specific versions of Windows. The Trojan responsible for installing Vista Home Security 2013 will first detect which version of Windows is running on the infected computer. Then, Vista Home Security 2013 will install a Braviax variant that corresponds to that operating system. While Vista Home Security 2013 is installed on computers running Windows Vista, the program can just as easily be named XP Home Security 2013, Win 7 Home Security 2013 or Win 8 Home Security 2013, depending on the victim’s operating system.

Rogue security applications like Vista Home Security 2013 carry out a well known scam which involves convincing inexperienced computer users that they need to ‘upgrade’ to an expensive full version of Vista Home Security 2013. To do this, Vista Home Security 2013 intimidates the victim with various fake error messages and system alerts designed to scare the victim into thinking that the computer is severely infected. Trying to use Vista Home Security 2013 to remove these supposed infections is useless since Vista Home Security 2013 will insist that the only way to remove them is to pay for a ‘full version’ of Vista Home Security 2013. ESG security researchers recommend removing Vista Home Security 2013 instead with the aid of a fully updated and strong anti-malware application.

Type: Rogue AntiSpyware Programs

How Can You Detect Vista Home Security 2013?

Vista Home Security 2013 Technical Report

As new Vista Home Security 2013 details are reported by our customers and findings from our Threat Research Center, we will update this section.

Fake message for Vista Home Security 2013:

The following fake error message(s) appears for Vista Home Security 2013:

Critical System Alert!
Unknown software is try to take control over your system!

System hacked!
Unknown program is scanning your system registry right now! Identity theft detected!

Privacy alert!
Rogue malware detected in your system. Data leaks and system damage are possible. Click here for a free security scan and spyware deletion.

Privacy threat! Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.

System hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.

System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working in the background right now. Perform an in-depth scan and removal now, click here.

Severe system damage!
Spyware and viruses detected in the background. Sensitive system components under attack! Data loss, identity theft and system corruption are possible. Act now, click here for a free security scan.

Virus infection!
System security was found to be compromised. Your computer is now infected. Attention, irreversible system changes may occur. Private data may get stolen. Click here now for an instant anti-virus scan.

Threat detected!
Security alert! Your computer was found to be infected with privacy-threatening software. Private data may get stolen and system damage may be severe. Recover your PC from the infection right now, perform a security scan.

Vista Home Security 2013 Removal Details

Vista Home Security 2013 has typically the following processes in memory:

• %CommonAppData%\[RANDOM CHARACTERS].exe
• %LocalAppData%\[RANDOM CHARACTERS].exe
• %Temp%\[RANDOM CHARACTERS].exe
• %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS].exe

Vista Home Security 2013 creates the following files in the system:

• %UserProfile%\Start Menu\Programs\Vista Home Security 2013\Uninstall Vista Home Security 2013.lnk
• %UserProfile%\Start Menu\Programs\Vista Home Security 2013\Vista Home Security 2013.lnk
• %UserProfile%\Desktop\Vista Home Security 2013.lnk

Vista Home Security 2013 creates the following registry entries:

• HKEY_CURRENT_USER\Software\Classes\.exe “(Default)” = ”
• HKEY_CURRENT_USER\Software\Classes\\shell\open\command “(Default)” = “%LocalAppData%\.exe” -a “%1″ %*
• HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “%LocalAppData%\.exe” -a “%1″ %*
• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “”%LocalAppData%\.exe” -a “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode”
• HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “%LocalAppData%\.exe” -a “%1″ %*
• HKEY_CLASSES_ROOT\
• HKEY_CLASSES_ROOT\ah\shell\open\command “(Default)” = “%LocalAppData%\.exe” -a “%1″ %*
• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “”%LocalAppData%\.exe” -a “C:\Program Files\Internet Explorer\iexplore.exe”"
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Vista Home Security 2013″
• HKEY_CURRENT_USER\Software\Classes\ “(Default)” = ‘Application’
• HKEY_CURRENT_USER\Software\Classes\\DefaultIcon “(Default)” = ‘%1′
• HKEY_CLASSES_ROOT\ah\shell\open\command “IsolatedCommand”
• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “”%LocalAppData%\.exe -a “C:\Program Files\Mozilla Firefox\firefox.exe”"

Important Article Disclaimer