Vista Home Security 2013

Vista Home Security 2013 Description

Vista Home Security 2013 is one of the many variants of fake security software belonging to the notorious family of malware (also known as Braviax). These fake security applications are used to carry out a well known online scam in which criminals scare inexperienced computer users into purchasing fake upgraded versions of these scamware applications. There are numerous clones of Vista Home Security 2013, all of which use a common naming formula which begins with the targeted operating system's name (in this case 'Vista'), which is followed by a term making it seem as if the rogue security application is a real security program ('Home Security') and then a number denoting the supposed version of this fake anti-malware program ('2013'). With the approach of the New Year, ESG security researchers have observed that criminals have started to release variants of the Braviax rogue security programs which include the string '2013' at the end of each program's name. Vista Home Security 2013 is one of these newer variants of these rogue security applications.

Vista Home Security 2013 Targets Computers with the Windows Vista Operating System

One of the defining traits of malware in the Braviax family of rogue security software is that they infect specific versions of Windows. The Trojan responsible for installing Vista Home Security 2013 will first detect which version of Windows is running on the infected computer. Then, Vista Home Security 2013 will install a Braviax variant that corresponds to that operating system. While Vista Home Security 2013 is installed on computers running Windows Vista, the program, depending on the victim's operating system, can just as easily be named

Rogue security applications like Vista Home Security 2013 carry out a well known scam which involves convincing inexperienced computer users that they need to 'upgrade' to an expensive full version of Vista Home Security 2013. To do this, Vista Home Security 2013 intimidates the victim with various fake error messages and system alerts designed to scare the victim into thinking that the computer is severely infected. Trying to use Vista Home Security 2013 to remove these supposed infections is useless since Vista Home Security 2013 will insist that the only way to remove them is to pay for a 'full version' of Vista Home Security 2013. ESG security researchers recommend removing Vista Home Security 2013 instead with the aid of a fully updated and strong anti-malware application.

Technical Information

Registry Details

Vista Home Security 2013 creates the following registry entry or registry entries:
RegistryKey
HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = ''
HKEY_CURRENT_USER\Software\Classes\\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode"
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_CLASSES_ROOT\
HKEY_CLASSES_ROOT\ah\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Vista Home Security 2013"
HKEY_CURRENT_USER\Software\Classes\ "(Default)" = 'Application'
HKEY_CURRENT_USER\Software\Classes\\DefaultIcon "(Default)" = '%1'
HKEY_CLASSES_ROOT\ah\shell\open\command "IsolatedCommand"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe -a "C:\Program Files\Mozilla Firefox\firefox.exe""

More Details on Vista Home Security 2013

The following messages associated with Vista Home Security 2013 were found:
Critical System Alert!
Unknown software is try to take control over your system!
Privacy alert!
Rogue malware detected in your system. Data leaks and system damage are possible. Click here for a free security scan and spyware deletion.
Privacy threat! Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.
Severe system damage!
Spyware and viruses detected in the background. Sensitive system components under attack! Data loss, identity theft and system corruption are possible. Act now, click here for a free security scan.
System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working in the background right now. Perform an in-depth scan and removal now, click here.
System hacked!
Unknown program is scanning your system registry right now! Identity theft detected!
System hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.
Threat detected!
Security alert! Your computer was found to be infected with privacy-threatening software. Private data may get stolen and system damage may be severe. Recover your PC from the infection right now, perform a security scan.
Virus infection!
System security was found to be compromised. Your computer is now infected. Attention, irreversible system changes may occur. Private data may get stolen. Click here now for an instant anti-virus scan.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.