Vista Internet Security 2013

Vista Internet Security 2013 Description

ESG security analysts have received various reports of malware attacks involving Vista Internet Security 2013 and other fake security applications belonging to the family of rogue security software. These fake security applications are known for attacking specific versions of Windows. According to ESG malware analysts, clones of Vista Internet Security 2013 have been active since at least 2009 and Vista Internet Security 2013 is just the latest in a long line of fake security applications that are renamed every year to include the current year in their name. It is important to realize that Vista Internet Security 2013 is not an actual anti-malware application. Rather than protecting your computer from malware, Vista Internet Security 2013 is a malware infection itself that will try to steal your money using a well known online scam.

Fake security applications like Vista Internet Security 2013 use numerous error messages to convince computer users that it is necessary to remove a nonexistent malware infection from their computer. Although Vista Internet Security 2013 is disguised as an anti-malware application, trying to remove this supposed malware infection using Vista Internet Security 2013 results in more error messages, urging the victim to upgrade their version of Vista Internet Security 2013 to an expensive (and equally useless) full version of this fake security tool. Apart from numerous error messages, Vista Internet Security 2013 can cause other problems on the infected computer. Vista Internet Security 2013 has the ability to block access to the victim's files, cause browser redirects and negatively affect system performance. It is not uncommon for Vista Internet Security 2013 to cause a computer to become slow, unresponsive, and to crash frequently.

Vista Internet Security 2013 is installed by a Trojan infection. This Trojan detects the operating system being used on the infected computer. Then, it installs a version of Vista Internet Security 2013 that corresponds to that operating system. While Vista Internet Security 2013 is installed on computers using Windows Vista, other versions of this fake security program are installed on other versions of Windows using names such as

Technical Information

Registry Details

Vista Internet Security 2013 creates the following registry entry or registry entries:
RegistryKey
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS.exe].exe" /START "%Program Files%\Mozilla Firefox\firefox.exe" -safe-mode'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon "(Default)" = '%1' = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile "(Default)" = 'Application'
HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Mozilla Firefox\firefox.exe"'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "(Default)" = '"%1" %*'
HKEY_CURRENT_USER\Software\Classes\.exe "Content Type” = 'application/x-msdownload'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "IsolatedCommand" – '"%1" %*'
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Internet Explorer\iexplore.exe"'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'
HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = 'exefile'
HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon "(Default)" = '%1'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "(Default)" = '"%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile "Content Type" = 'application/x-msdownload'

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.