Vista Smart Defender

By Domesticus in Rogue Anti-Spyware Program

Vista Smart Defender is a fake anti-spyware application that is produced by cybercriminals to intimidate affected Internet users into believing their computers have been contaminated with various security infections. Vista Smart Defender attempts to persuade web users to buy the nonexistent full version of scareware. The main issue with Vista Smart Defender is that the full edition is, in actuality, the commercial, which will not protect the computer from any type of malware threats. Although the name and interface of Vista Smart Defender may sound and look legitimate, Vista Smart Defender will not defend the computer from security threats or fix computer problems. Vista Smart Defender spreads by using a Trojan that is downloaded from infected websites.

Vista Smart Defender attempts to persuade victims to buy rogueware in order to swindle PC users out of their money. After installation, Vista Smart Defender will start supposedly scanning the PC and create fake scan results to frighten you into believing that you have numerous computer problems because of the existence of various malware threats that, in truth, are imaginary. Vista Smart Defender displays pop-up warning messages that inform you about certain system issues. To remove Vista Smart Defender from the affected computer, ESG's malware research team advises you to use a legitimate anti-malware program.

File System Details

Vista Smart Defender may create the following file(s):
# File Name Detections
1. %CommonAppData%\pcdfdata\[RANDOM].exe
2. %CommonAppData%\pcdfdata\vl.bin
3. %CommonAppData%\pcdfdata\uninst.ico
4. %CommonPrograms%\Vista Smart Defender\Vista Smart Defender Help and Support.lnk
5. %CommonAppData%\pcdfdata\app.ico
6. %CommonAppData%\pcdfdata\config.bin
7. %CommonPrograms%\Vista Smart Defender\Vista Smart Defender.lnk
8. %CommonAppData%\pcdfdata\defs.bin
9. %CommonAppData%\pcdfdata\support.ico
10. %CommonDesktopDir%\Vista Smart Defender.lnk

Registry Details

Vista Smart Defender may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Classes\.exe\ [RANDOM_2]
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command = ""%CommonAppData%\pcdfdata\[RANDOM].exe" /ex "%1" %*"
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command = '"%1" %*'
HKEY_CURRENT_USER\Software\Classes\.exe "Content Type" = 'application/x-m'
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon "(Default)" = '%1'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run pcdfsvc = "%CommonAppData%\pcdfdata\[RANDOM].exe /min"
HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'

Messages

The following messages associated with Vista Smart Defender were found:

System Security Alert!
Unknown program is scanning your system registry right now! Identify the theft detected!
System Security Alert!
Vulnerabilities found
Background scan for security breaches has been finished. Serious problems have been detected. Safeguard your system against exploits, malware and viruses right now by activating Proactive Defence.
Vista Smart Defender Firewall Alert
Iexplore.exe is infected with Trojan.JS.Fraud.ba. Private data can be stolen by third parties, including credit card details and passwords.
Windows recommends activate Vista Smart Defender

Related Posts

Trending

Most Viewed

Loading...