Vista Smart Defender Pro Description

Vista Smart Defender Pro is a fraudulent anti-spyware program that looks like an authentic security tool but, in reality, it cannot find and uninstall any type of malware infections. Vista Smart Defender Pro is delivered through the use of Trojans and other malware infections that use security vulnerabilities detected to download and install Vista Smart Defender Pro without a computer user’s permission and knowledge. When Vista Smart Defender Pro is installed on the targeted PC, it will load automatically when you start Windows and then initiate a phony system scan on the computer. Vista Smart Defender Pro will return false PC scan results in order to scare the affected PC user into thinking that his/her computer has been affected by numerous malware threats. Vista Smart Defender Pro will display fabricated pop-up security alerts, which also announce about imaginary computer problems and security issues. Vista Smart Defender Pro will recommend the victim to purchase the pseudo full version of its counterfeit software, which is worthless just like the trial version, in order to remove all the allegedly detected security infections. ESG’s malware analysts highly recommend you not to spend money on Vista Smart Defender Pro as it is a useless security tool. You should use a reputable anti-malware program in order to rid your PC of Vista Smart Defender Pro.

Type: Rogue AntiSpyware Programs

How Can You Detect Vista Smart Defender Pro?

Vista Smart Defender Pro Technical Report

As new Vista Smart Defender Pro details are reported by our customers and findings from our Threat Research Center, we will update this section.

Fake message for Vista Smart Defender Pro:

The following fake error message(s) appears for Vista Smart Defender Pro:

Vista Smart Defender Pro – Unregistered Version Attention: Danger! Alert! System scan for spyware, adware, Trojans and viruses is complete. Vista Smart Defender Pro detected 30 critical system objects. These security breaches may be exploited and lead to the following: Your system becomes a target for spam and bulky, intruding ads; Browser crashes frequently and web access speed decreases; Your personal files, photos, documents and passwords get stolen; Your computer is used for criminal activity behind your back; Bank details and credit card information gets disclosed; Click REGISTER to register your copy of Vista Smart Defender Pro and perform threat removal on your system. The list of infections and vulnerabilities detected will become available after registration

Vista Smart Defender Pro Removal Details

Vista Smart Defender Pro has typically the following processes in memory:

• %AppData%\Local\[RANDOM CHARACTERS].exe

Vista Smart Defender Pro creates the following files in the system:

• %AppData%\Local\[RANDOM CHARACTERS]
• %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS]
• %Temp%\[RANDOM CHARACTERS]
• %AllUsersProfile%\[RANDOM CHARACTERS]

Vista Smart Defender Pro creates the following registry entries:

• HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon “(Default)” = ‘%1′
• HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command “(Default)” = ‘”%1″ %*’
• HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “IsolatedCommand” = ‘”%1″ %*’
• HKEY_CLASSES_ROOT\exefile\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%1″ %*’
• HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon “(Default)” = ‘%1′ = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%1″ %*’
• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%Program Files%\Mozilla Firefox\firefox.exe” -safe-mode’
• HKEY_CURRENT_USER\Software\Classes\exefile “Content Type” = ‘application/x-msdownload’
• HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “IsolatedCommand” = ‘”%1″ %*’
• HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%1″ %*’
• HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “IsolatedCommand” = ‘”%1″ %*’
• HKEY_CURRENT_USER\Software\Classes\.exe “Content Type” = ‘application/x-msdownload’
• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%Program Files%\Mozilla Firefox\firefox.exe”‘
• HKEY_CURRENT_USER\Software\Classes\exefile “(Default)” = ‘Application’
• HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%1″ %*’
• HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command “IsolatedCommand” – ‘”%1″ %*’
• HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “(Default)” = ‘”%1″ %*’
• HKEY_CURRENT_USER\Software\Classes\.exe “(Default)” = ‘exefile’
• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%Program Files%\Internet Explorer\iexplore.exe”‘

Important Article Disclaimer