Virus description and consequences of its residing on your PC’s

Vista Defender 2013 consists of popups. One of those popups states that your protection level is low and you need to activate the security program in question.
Malware experts would suggest the opposite. Here is a free scanner tool to follow their advice and remove Vista Defender 2013.
The program is a trojan based fake antispyware. The trojan is installed through phony online memory scanners. Those scanners scare user with instant reports on countless threats found. Other infiltration methods, including introduction without user’s consent, are applied.
Once installed, the trojan detects computer system type. The above name and interface is only loaded, if affected Windows is Vista. There are appropriate variants for XP and Win 7, too. It is critical to exterminate the rogue, for it badly oppresses host machine turning it into its malvertisement headquarter.

Technical Details and screenshots:

  • Full name: Vista Defender 2013, Vista Defender 2013, Windows Vista Defender 2013
  • Type: Rogue Security Software
  • Origin: Russian Federation, Ukraine

Signs of Vista Defender 2013 Infection:

The rogue popups alerts and nag screens. Some users believe only legitimate programs may issue messages from system tray. The foxy program obviously tries to benefit on that superstition, as it generates excessive amount of desktop toolbar popups.
Some of the alerts may read as follows:

“ Security breach!
Beware! Spyware infection was found…”

“Vista Defender 2013 Alert
System hacked…”

Get a free scan tool to get rid of Vista Defender 2013 and other security risks to your PC.

Vista Defender 2013 automatical removal:

There is no chance for a single malware to survive, if you apply free scanner below. In spite of that the rogue may try to abort its extermination processes, the recommended removal tool will successfully and confidently remove Vista Defender 2013 malware.

Vista Defender 2013 Removal Tool

Manual Removal of Vista Defender 2013:

The manual guide is to get rid of Vista Defender 2013 only. To cover other threats on your PC, it is good to scan its memory with free tool above. Upon completing the scan, you may proceed to automatic extermination, or find and apply relevant manual removal instructions.

Remove Vista Defender 2013 files and dll’s:

%CommonAppData%\<random characters and numbers>
%LocalAppData%\<random characters and numbers>
%LocalAppData%\<random 3 characters>.exe
%Temp%\<random characters and numbers>
%UserProfile%\Templates\<random characters and numbers>

Unregister Vista Defender 2013 registry values:

HKEY_CURRENT_USER\Software\Classes\.exe “(Default)” = “<random characters>”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “%LocalAppData%\<random 3 characters>.exe” -a “%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “IsolatedCommand” = “”%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “(Default)” = “”%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “IsolatedCommand” = “”%1″ %*”
HKEY_CURRENT_USER\Software\Classes\<random characters> “(Default)” = “Application”
HKEY_CURRENT_USER\Software\Classes\<random characters> “Content Type” = “application/x-msdownload”
HKEY_CURRENT_USER\Software\Classes\<random characters>\DefaultIcon “(Default)” = “%1”
HKEY_CURRENT_USER\Software\Classes\<random characters>\shell\open\command “(Default)” = “”%LocalAppData%\<random 3 characters>.exe” -a “%1″ %*”
HKEY_CURRENT_USER\Software\Classes\<random characters>\shell\open\command “IsolatedCommand” = “”%1″ %*”
HKEY_CURRENT_USER\Software\Classes\<random characters>\shell\runas\command “(Default)” = “”%1″ %*”
HKEY_CURRENT_USER\Software\Classes\<random characters>\shell\runas\command “IsolatedCommand” = “”%1″ %*”
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “%LocalAppData%\<random 3 characters>.exe” -a “C:\Program Files\Mozilla Firefox\firefox.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “%LocalAppData%\<random 3 characters>.exe” -a “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “%LocalAppData%\<random 3 characters>.exe” -a “C:\Program Files\Internet Explorer\iexplore.exe”

Vista Defender 2013 removal