XP Smart Defender

By Domesticus in Rogue Anti-Spyware Program | 138 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading ... Loading ...
 More... More

XP Smart Defender Description

XP Smart Defender is a fake anti-spyware program designed by cybercrooks. XP Smart Defender has no capabilities of detecting and uninstalling any type of security threats. The main purpose of XP Smart Defender is to deceive unaware computer users and pilfer money from them. XP Smart Defender attempts to dupe PC users into thinking their computers are infected with various malware infections. Then, XP Smart Defender strives to induce victims to spend money on the bogus security tool that is allegedly able to repair any malware infections. XP Smart Defender is distributed via Trojans or malicious downloads and enters the corrupted machine secretly without a PC owner’s knowledge. When installed, XP Smart Defender launches a supposed system scan and pretends to check the computer for possible malware threats and other security issues. Falsified malware reports produced by XP Smart Defender are used to intimidate victims into thinking their computers are corrupted.

XP Smart Defender urges victims to buy the full version of scareware, which, in reality, does not exist. XP Smart Defender also shows fraudulent pop-up warning messages that claim your computer is infected and in danger. To bypass the detection and removal, XP Smart Defender may disable legitimate security programs from functioning. Do not rely on anything XP Smart Defender states or displays because all information pertaining to this malicious software is inaccurate. ESG’s malware researchers highly recommend you use a reputable anti-malware program to remove XP Smart Defender as soon as possible. Do not ever spend money on XP Smart Defender.

Type: Rogue AntiSpyware Programs

How Can You Detect XP Smart Defender?

Download SpyHunter’s Detection Scanner
to Detect XP Smart Defender.

Can’t install SpyHunter? Click here to view possible causes of installation issues.

XP Smart Defender Technical Report

As new XP Smart Defender details are reported by our customers and findings from our Threat Research Center, we will update this section.

Fake message for XP Smart Defender:

The following fake error message(s) appears for XP Smart Defender:

XP Smart Defender Firewall Alert
Iexplore.exe is infected with Trojan.JS.Fraud.ba. Private data can be stolen by third parties, including credit card details and passwords.
Windows recommends activate XP Smart Defender

System Security Alert!
Vulnerabilities found
Background scan for security breaches has been finished. Serious problems have been detected. Safeguard your system against exploits, malware and viruses right now by activating Proactive Defence.

System Security Alert!
Unknown program is scanning your system registry right now! Identify the theft detected!

XP Smart Defender Removal Details

XP Smart Defender has typically the following processes in memory:

  • %CommonAppData%\pcdfdata\[RANDOM].exe

XP Smart Defender creates the following files in the system:

  • %CommonAppData%\pcdfdata\vl.bin
  • %CommonAppData%\pcdfdata\support.ico
  • %CommonPrograms%\XP Smart Defender\XP Smart Defender.lnk
  • %CommonAppData%\pcdfdata\uninst.ico
  • %CommonAppData%\pcdfdata\config.bin
  • %CommonPrograms%\XP Smart Defender\XP Smart Defender Help and Support.lnk
  • %CommonAppData%\pcdfdata\defs.bin
  • %CommonAppData%\pcdfdata\app.ico
  • %CommonDesktopDir%\XP Smart Defender.lnk

XP Smart Defender creates the following registry entries:

  • HKEY_CURRENT_USER\Software\Classes\.exe\ [RANDOM_2]
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command = “”%CommonAppData%\pcdfdata\[RANDOM].exe” /ex “%1″ %*”
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command = ‘”%1″ %*’
  • HKEY_CURRENT_USER\Software\Classes\.exe “Content Type” = ‘application/x-m’
  • HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon “(Default)” = ‘%1′
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run pcdfsvc = “%CommonAppData%\pcdfdata\[RANDOM].exe /min”
  • HKEY_CURRENT_USER\Software\Classes\.exe
  • HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “IsolatedCommand” = ‘”%1″ %*’

Important Article Disclaimer

ESG Support Center

This entry was last updated on 03/4/13 and posted on 03/2/13. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
« Win 7 Smart Defender
‘Malware-as-a-service’ Market Booms as Prices for Malware and Botnet Creation Tools Decline »

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Popular Malware

Popular Trojans

Recent Malware

Home | SpyHunter Risk Assessment Model | Privacy Policy | End User License Agreement | Additional Terms and Conditions
Copyright 2003-2012. Enigma Software Group USA, LLC. All Rights Reserved.