XP Smart Defender

XP Smart Defender is a fake anti-spyware program designed by cybercrooks. XP Smart Defender has no capabilities of detecting and uninstalling any type of security threats. The main purpose of XP Smart Defender is to deceive unaware computer users and pilfer money from them. XP Smart Defender attempts to dupe PC users into thinking their computers are infected with various malware infections. Then, XP Smart Defender strives to induce victims to spend money on the bogus security tool that is allegedly able to repair any malware infections. XP Smart Defender is distributed via Trojans or malicious downloads and enters the corrupted machine secretly without a PC owner's knowledge. When installed, XP Smart Defender launches a supposed system scan and pretends to check the computer for possible malware threats and other security issues. Falsified malware reports produced by XP Smart Defender are used to intimidate victims into thinking their computers are corrupted.

XP Smart Defender urges victims to buy the full version of scareware, which, in reality, does not exist. XP Smart Defender also shows fraudulent pop-up warning messages that claim your computer is infected and in danger. To bypass the detection and removal, XP Smart Defender may disable legitimate security programs from functioning. Do not rely on anything XP Smart Defender states or displays because all information pertaining to this malicious software is inaccurate. ESG's malware researchers highly recommend you use a reputable anti-malware program to remove XP Smart Defender as soon as possible. Do not ever spend money on XP Smart Defender.

Infected with XP Smart Defender? Scan Your PC for Free

Download SpyHunter’s Spyware Scanner
to Detect XP Smart Defender

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in 'Safe Mode with Networking' and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

File System Details

XP Smart Defender creates the following file(s):
# File Name
1 %CommonAppData%\pcdfdata\[RANDOM].exe
2 %CommonAppData%\pcdfdata\vl.bin
3 %CommonAppData%\pcdfdata\support.ico
4 %CommonPrograms%\XP Smart Defender\XP Smart Defender.lnk
5 %CommonAppData%\pcdfdata\uninst.ico
6 %CommonAppData%\pcdfdata\config.bin
7 %CommonPrograms%\XP Smart Defender\XP Smart Defender Help and Support.lnk
8 %CommonAppData%\pcdfdata\defs.bin
9 %CommonAppData%\pcdfdata\app.ico
10 %CommonDesktopDir%\XP Smart Defender.lnk

Registry Details

XP Smart Defender creates the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe "Content Type" = 'application/x-m'
HKEY_CURRENT_USER\Software\Classes\.exe\ [RANDOM_2]
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon "(Default)" = '%1'
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command = ""%CommonAppData%\pcdfdata\[RANDOM].exe" /ex "%1" %*"
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command = '"%1" %*'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run pcdfsvc = "%CommonAppData%\pcdfdata\[RANDOM].exe /min"

More Details on XP Smart Defender

The following messages associated with XP Smart Defender were found:
System Security Alert!
Unknown program is scanning your system registry right now! Identify the theft detected!
System Security Alert!
Vulnerabilities found
Background scan for security breaches has been finished. Serious problems have been detected. Safeguard your system against exploits, malware and viruses right now by activating Proactive Defence.
XP Smart Defender Firewall Alert
Iexplore.exe is infected with Trojan.JS.Fraud.ba. Private data can be stolen by third parties, including credit card details and passwords.
Windows recommends activate XP Smart Defender

Leave a Reply

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as-is:
What is 15 + 12 ?