Vista Home Security 2013

Threat Scorecard

Ranking: 3,571
Threat Level: 20 % (Normal)
Infected Computers: 6,066
First Seen: November 1, 2012
Last Seen: September 19, 2023
OS(es) Affected: Windows

Vista Home Security 2013 is one of the many variants of fake security software belonging to the notorious FakeRean family of malware (also known as Braviax). These fake security applications are used to carry out a well-known online scam in which criminals scare inexperienced computer users into purchasing fake upgraded versions of these scamware applications. There are numerous clones of Vista Home Security 2013, all of which use a common naming formula: the targeted operating system's name (in this case 'Vista'), followed by a term that makes the rogue security application look like a real security program ('Home Security'), and then a number denoting the supposed version of this fake anti-malware program ('2013'). With the approach of the New Year, ESG security researchers have observed that criminals have started to release variants of the Braviax rogue security programs that include the string '2013' at the end of each program's name. Vista Home Security 2013 is one of these newer variants.

Vista Home Security 2013 Targets Computers with the Windows Vista Operating System

One of the defining traits of malware in the Braviax family of rogue security software is that its members infect specific versions of Windows. The Trojan responsible for installing Vista Home Security 2013 will first detect which version of Windows is running on the infected computer. Then, Vista Home Security 2013 will install a Braviax variant that corresponds to that operating system. While Vista Home Security 2013 is installed on computers running Windows Vista, the program, depending on the victim's operating system, can just as easily be named Antivirus 2008, Windows Antivirus 2008, Vista Antivirus 2008, Antivirus Pro 2009, AntiSpy Safeguard, ThinkPoint, Spyware Protection 2010, Internet Antivirus 2011, Palladium Pro, XP Anti-Virus 2011, CleanThis, PC Clean Pro, XP Home Security 2012, Windows Clear Problems, XP Security 2012, or Antivirus PRO 2015.

Rogue security applications like Vista Home Security 2013 carry out a well-known scam, which involves convincing inexperienced computer users that they need to 'upgrade' to an expensive full version of Vista Home Security 2013. To do this, Vista Home Security 2013 intimidates the victim with various fake error messages and system alerts designed to scare the victim into thinking that the computer is severely infected. Trying to use Vista Home Security 2013 to remove these supposed infections is useless, since Vista Home Security 2013 will insist that the only way to remove them is to pay for a 'full version' of Vista Home Security 2013. ESG security researchers recommend instead removing Vista Home Security 2013 with the aid of a strong, fully updated anti-malware application.

File System Details

Vista Home Security 2013 may create the following file(s):
# File Name Detections
1. %CommonAppData%\[RANDOM CHARACTERS].exe
2. %LocalAppData%\[RANDOM CHARACTERS].exe
3. %Temp%\[RANDOM CHARACTERS].exe
4. %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS].exe
5. %UserProfile%\Start Menu\Programs\Vista Home Security 2013\Uninstall Vista Home Security 2013.lnk
6. %UserProfile%\Start Menu\Programs\Vista Home Security 2013\Vista Home Security 2013.lnk
7. %UserProfile%\Desktop\Vista Home Security 2013.lnk

Registry Details

Vista Home Security 2013 may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = ''
HKEY_CURRENT_USER\Software\Classes\\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode"
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_CLASSES_ROOT\
HKEY_CLASSES_ROOT\ah\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Vista Home Security 2013"
HKEY_CURRENT_USER\Software\Classes\ "(Default)" = 'Application'
HKEY_CURRENT_USER\Software\Classes\\DefaultIcon "(Default)" = '%1'
HKEY_CLASSES_ROOT\ah\shell\open\command "IsolatedCommand"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe -a "C:\Program Files\Mozilla Firefox\firefox.exe""
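
The entries above all reroute program launches: the .exe open command and the registered browsers' commands are rewritten so that another executable starts first. The PowerShell audit below is an added example, not part of the original entry or any vendor tool. It assumes the stock Windows values ('exefile' as the .exe ProgID and `"%1" %*` as its open command) and uses a heuristic for the browser keys based on the command shape shown in the list.

```powershell
# Added example, not from the original page: audit the handler keys listed above.
$Stock = '"%1" %*'    # stock (Default) of HKCR\exefile\shell\open\command
$NoExpand = [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames
$findings = New-Object System.Collections.Generic.List[object]
function Get-DefaultValue([string]$Path) {
    # Unexpanded (Default) value of a key; nothing when the key or value is absent.
    $key = Get-Item -LiteralPath "Registry::$Path" -ErrorAction SilentlyContinue
    if ($key) { $key.GetValue('', $null, $NoExpand) }
}
function Add-Finding($Key, $Value, $Reason) {
    $findings.Add([pscustomobject]@{ Key = $Key; Value = $Value; Reason = $Reason })
}

# 1. Per-user .exe association: absent on a stock profile ('exefile' machine-wide).
$classes = 'HKEY_CURRENT_USER\Software\Classes'
$progId = Get-DefaultValue "$classes\.exe"
if ($progId -and $progId -ne 'exefile') {
    Add-Finding "$classes\.exe" $progId 'per-user .exe ProgID override'
}

# 2. Open-command keys: each must be absent or hold exactly the stock value.
#    HKCR merges HKLM and HKCU, so one change can be reported under two paths.
$commandKeys = @("$classes\.exe\shell\open\command",
    'HKEY_CLASSES_ROOT\.exe\shell\open\command',
    'HKEY_CLASSES_ROOT\exefile\shell\open\command')
if ($progId) { $commandKeys += "$classes\$progId\shell\open\command" }
foreach ($k in $commandKeys) {
    $cmd = Get-DefaultValue $k
    if ($null -ne $cmd -and $cmd.Trim() -ne $Stock) {
        Add-Finding $k $cmd 'open command differs from the stock value'
    }
}

# 3. Registered browsers: heuristic for the '"<other>.exe" -a "<browser>"' wrapping.
$root = 'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet'
Get-ChildItem -LiteralPath "Registry::$root" -ErrorAction SilentlyContinue | ForEach-Object {
    foreach ($verb in 'open', 'safemode') {
        $k = "$($_.Name)\shell\$verb\command"
        $cmd = Get-DefaultValue $k
        if ($cmd -match '\.exe"?\s+-a\s+"') {
            Add-Finding $k $cmd 'browser command wrapped by another executable'
        }
    }
}

# 4. Autorun value named in the registry details.
$runKey = 'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run'
$name = 'Vista Home Security 2013'
$run = Get-ItemProperty -LiteralPath "Registry::$runKey" -ErrorAction SilentlyContinue
if ($run -and $run.$name) { Add-Finding $runKey $run.$name "autorun value '$name'" }
if ($findings.Count) { $findings | Format-List } else { 'No handler anomalies found.' }
```

Run it in the affected user's session, because the HKEY_CURRENT_USER checks read that user's hive. It only reports and changes nothing.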

URLs

Vista Home Security 2013 may call the following URLs:

confrontationdrunk.com

Messages

The following messages associated with Vista Home Security 2013 were found:

Critical System Alert!
Unknown software is try to take control over your system!
Privacy alert!
Rogue malware detected in your system. Data leaks and system damage are possible. Click here for a free security scan and spyware deletion.
Privacy threat! Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.
Severe system damage!
Spyware and viruses detected in the background. Sensitive system components under attack! Data loss, identity theft and system corruption are possible. Act now, click here for a free security scan.
System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working in the background right now. Perform an in-depth scan and removal now, click here.
System hacked!
Unknown program is scanning your system registry right now! Identity theft detected!
System hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.
Threat detected!
Security alert! Your computer was found to be infected with privacy-threatening software. Private data may get stolen and system damage may be severe. Recover your PC from the infection right now, perform a security scan.
Virus infection!
System security was found to be compromised. Your computer is now infected. Attention, irreversible system changes may occur. Private data may get stolen. Click here now for an instant anti-virus scan.
