XP Smart Defender Description
XP Smart Defender is a fake anti-spyware program designed by cybercrooks. XP Smart Defender has no capabilities of detecting and uninstalling any type of security threats. The main purpose of XP Smart Defender is to deceive unaware computer users and pilfer money from them. XP Smart Defender attempts to dupe PC users into thinking their computers are infected with various malware infections. Then, XP Smart Defender strives to induce victims to spend money on the bogus security tool that is allegedly able to repair any malware infections. XP Smart Defender is distributed via Trojans or malicious downloads and enters the corrupted machine secretly without a PC owner’s knowledge. When installed, XP Smart Defender launches a supposed system scan and pretends to check the computer for possible malware threats and other security issues. Falsified malware reports produced by XP Smart Defender are used to intimidate victims into thinking their computers are corrupted.
XP Smart Defender urges victims to buy the full version of scareware, which, in reality, does not exist. XP Smart Defender also shows fraudulent pop-up warning messages that claim your computer is infected and in danger. To bypass the detection and removal, XP Smart Defender may disable legitimate security programs from functioning. Do not rely on anything XP Smart Defender states or displays because all information pertaining to this malicious software is inaccurate. ESG’s malware researchers highly recommend you use a reputable anti-malware program to remove XP Smart Defender as soon as possible. Do not ever spend money on XP Smart Defender.
Type: Rogue AntiSpyware Programs
How Can You Detect XP Smart Defender?
XP Smart Defender Technical Report
As new XP Smart Defender details are reported by our customers and findings from our Threat Research Center, we will update this section.
Fake message for XP Smart Defender:
The following fake error message(s) appears for XP Smart Defender:
XP Smart Defender Firewall Alert
Iexplore.exe is infected with Trojan.JS.Fraud.ba. Private data can be stolen by third parties, including credit card details and passwords.
Windows recommends activate XP Smart Defender
System Security Alert!
Background scan for security breaches has been finished. Serious problems have been detected. Safeguard your system against exploits, malware and viruses right now by activating Proactive Defence.
System Security Alert!
Unknown program is scanning your system registry right now! Identify the theft detected!
XP Smart Defender Removal Details
XP Smart Defender has typically the following processes in memory:
XP Smart Defender creates the following files in the system:
- %CommonPrograms%\XP Smart Defender\XP Smart Defender.lnk
- %CommonPrograms%\XP Smart Defender\XP Smart Defender Help and Support.lnk
- %CommonDesktopDir%\XP Smart Defender.lnk
XP Smart Defender creates the following registry entries:
- HKEY_CURRENT_USER\Software\Classes\.exe\ [RANDOM_2]
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command = “”%CommonAppData%\pcdfdata\[RANDOM].exe” /ex “%1″ %*”
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command = ‘”%1″ %*’
- HKEY_CURRENT_USER\Software\Classes\.exe “Content Type” = ‘application/x-m’
- HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon “(Default)” = ‘%1′
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run pcdfsvc = “%CommonAppData%\pcdfdata\[RANDOM].exe /min”
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “IsolatedCommand” = ‘”%1″ %*’