Vista Smart Defender Description

Vista Smart Defender is a fake anti-spyware application that is produced by cybercriminals to intimidate affected Internet users into believing their computers have been contaminated with various security infections. Vista Smart Defender attempts to persuade web users to buy the nonexistent full version of scareware. The main issue with Vista Smart Defender is that the full edition is, in actuality, the commercial, which will not protect the computer from any type of malware threats. Although the name and interface of Vista Smart Defender may sound and look legitimate, Vista Smart Defender will not defend the computer from security threats or fix computer problems. Vista Smart Defender spreads by using a Trojan that is downloaded from infected websites.

Vista Smart Defender attempts to persuade victims to buy rogueware in order to swindle PC users out of their money. After installation, Vista Smart Defender will start supposedly scanning the PC and create fake scan results to frighten you into believing that you have numerous computer problems because of the existence of various malware threats that, in truth, are imaginary. Vista Smart Defender displays pop-up warning messages that inform you about certain system issues. To remove Vista Smart Defender from the affected computer, ESG’s malware research team advises you to use a legitimate anti-malware program.

Type: Rogue AntiSpyware Programs

How Can You Detect Vista Smart Defender?

Vista Smart Defender Technical Report

As new Vista Smart Defender details are reported by our customers and findings from our Threat Research Center, we will update this section.

Fake message for Vista Smart Defender:

The following fake error message(s) appears for Vista Smart Defender:

System Security Alert!
Unknown program is scanning your system registry right now! Identify the theft detected!

Vista Smart Defender Firewall Alert
Iexplore.exe is infected with Trojan.JS.Fraud.ba. Private data can be stolen by third parties, including credit card details and passwords.
Windows recommends activate Vista Smart Defender

System Security Alert!
Vulnerabilities found
Background scan for security breaches has been finished. Serious problems have been detected. Safeguard your system against exploits, malware and viruses right now by activating Proactive Defence.

Vista Smart Defender Removal Details

Vista Smart Defender has typically the following processes in memory:

• %CommonAppData%\pcdfdata\[RANDOM].exe

Vista Smart Defender creates the following files in the system:

• %CommonAppData%\pcdfdata\vl.bin
• %CommonAppData%\pcdfdata\uninst.ico
• %CommonPrograms%\Vista Smart Defender\Vista Smart Defender Help and Support.lnk
• %CommonAppData%\pcdfdata\app.ico
• %CommonAppData%\pcdfdata\config.bin
• %CommonPrograms%\Vista Smart Defender\Vista Smart Defender.lnk
• %CommonAppData%\pcdfdata\defs.bin
• %CommonAppData%\pcdfdata\support.ico
• %CommonDesktopDir%\Vista Smart Defender.lnk

Vista Smart Defender creates the following registry entries:

• HKEY_CURRENT_USER\Software\Classes\.exe\ [RANDOM_2]
• HKEY_CURRENT_USER\Software\Classes\.exe\shell
• HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command = “”%CommonAppData%\pcdfdata\[RANDOM].exe” /ex “%1″ %*”
• HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command = ‘”%1″ %*’
• HKEY_CURRENT_USER\Software\Classes\.exe “Content Type” = ‘application/x-m’
• HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon “(Default)” = ‘%1′
• HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
• HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run pcdfsvc = “%CommonAppData%\pcdfdata\[RANDOM].exe /min”
• HKEY_CURRENT_USER\Software\Classes\.exe
• HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
• HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
• HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
• HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “IsolatedCommand” = ‘”%1″ %*’

Important Article Disclaimer