Vista Home Security 2013

Vista Home Security 2013 Description

Type: Adware

Vista Home Security 2013 is one of the many variants of fake security software belonging to the notorious FakeRean family of malware (also known as Braviax). These fake security applications are used to carry out a well known online scam in which criminals scare inexperienced computer users into purchasing fake upgraded versions of these scamware applications. There are numerous clones of Vista Home Security 2013, all of which use a common naming formula which begins with the targeted operating system's name (in this case 'Vista'), which is followed by a term making it seem as if the rogue security application is a real security program ('Home Security') and then a number denoting the supposed version of this fake anti-malware program ('2013'). With the approach of the New Year, ESG security researchers have observed that criminals have started to release variants of the Braviax rogue security programs which include the string '2013' at the end of each program's name. Vista Home Security 2013 is one of these newer variants of these rogue security applications.

Vista Home Security 2013 Targets Computers with the Windows Vista Operating System

One of the defining traits of malware in the Braviax family of rogue security software is that they infect specific versions of Windows. The Trojan responsible for installing Vista Home Security 2013 will first detect which version of Windows is running on the infected computer. Then, Vista Home Security 2013 will install a Braviax variant that corresponds to that operating system. While Vista Home Security 2013 is installed on computers running Windows Vista, the program, depending on the victim's operating system, can just as easily be named Windows Antivirus 2008, Vista Antivirus 2008, Antivirus Pro 2009, AntiSpy Safeguard, ThinkPoint, Spyware Protection 2010, Internet Antivirus 2011, Palladium Pro, XP Anti-Virus 2011, CleanThis, PC Clean Pro, XP Home Security 2012, Windows Clear Problems, XP Security 2012, Antivirus PRO 2015.

Rogue security applications like Vista Home Security 2013 carry out a well known scam which involves convincing inexperienced computer users that they need to 'upgrade' to an expensive full version of Vista Home Security 2013. To do this, Vista Home Security 2013 intimidates the victim with various fake error messages and system alerts designed to scare the victim into thinking that the computer is severely infected. Trying to use Vista Home Security 2013 to remove these supposed infections is useless since Vista Home Security 2013 will insist that the only way to remove them is to pay for a 'full version' of Vista Home Security 2013. ESG security researchers recommend removing Vista Home Security 2013 instead with the aid of a fully updated and strong anti-malware application.

Technical Information

File System Details

Vista Home Security 2013 creates the following file(s):
# File Name Detection Count
1 %CommonAppData%\[RANDOM CHARACTERS].exe N/A
2 %LocalAppData%\[RANDOM CHARACTERS].exe N/A
4 %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS].exe N/A
5 %UserProfile%\Start Menu\Programs\Vista Home Security 2013\Uninstall Vista Home Security 2013.lnk N/A
6 %UserProfile%\Start Menu\Programs\Vista Home Security 2013\Vista Home Security 2013.lnk N/A
7 %UserProfile%\Desktop\Vista Home Security 2013.lnk N/A

Registry Details

Vista Home Security 2013 creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = ''
HKEY_CURRENT_USER\Software\Classes\\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode"
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_CLASSES_ROOT\ah\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Vista Home Security 2013"
HKEY_CURRENT_USER\Software\Classes\ "(Default)" = 'Application'
HKEY_CURRENT_USER\Software\Classes\\DefaultIcon "(Default)" = '%1'
HKEY_CLASSES_ROOT\ah\shell\open\command "IsolatedCommand"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe -a "C:\Program Files\Mozilla Firefox\firefox.exe""

More Details on Vista Home Security 2013

The following messages associated with Vista Home Security 2013 were found:
Critical System Alert!
Unknown software is try to take control over your system!
Privacy alert!
Rogue malware detected in your system. Data leaks and system damage are possible. Click here for a free security scan and spyware deletion.
Privacy threat! Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.
Severe system damage!
Spyware and viruses detected in the background. Sensitive system components under attack! Data loss, identity theft and system corruption are possible. Act now, click here for a free security scan.
System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working in the background right now. Perform an in-depth scan and removal now, click here.
System hacked!
Unknown program is scanning your system registry right now! Identity theft detected!
System hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.
Threat detected!
Security alert! Your computer was found to be infected with privacy-threatening software. Private data may get stolen and system damage may be severe. Recover your PC from the infection right now, perform a security scan.
Virus infection!
System security was found to be compromised. Your computer is now infected. Attention, irreversible system changes may occur. Private data may get stolen. Click here now for an instant anti-virus scan.

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.