Vista Smart Defender

Posted: March 2, 2013

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	2/10
Infected PCs:	98

First Seen:	March 4, 2013
OS(es) Affected:	Windows

Vista Smart Defender is a rogue anti-malware program that generates fake alerts to encourage its victims to purchase its software. Even though Vista Smart Defender can't detect any type of PC threat whatsoever, Vista Smart Defender will create fake firewall alerts, system scans and other imitations of genuine security features. Because Vista Smart Defender also may block important security programs, SpywareRemove.com malware experts recommend that you treat Vista Smart Defender as a danger to your PC and use a strong anti-malware program to remove Vista Smart Defender safely – all without paying Vista Smart Defender's registration fee.

Why Placing Your Faith in Vista Smart Defender Isn't the Smartest Idea You Could Have

Vista Smart Defender is also a member of the WinPC Defender family of scamware products as Ultimate Defender, SystemDefender, IE Defender, Advanced XP Defender, XP Defender, WinDefender2008, PCTotalDefender, PC Defender 2008, Personal Defender 2009, WinDefender 2009, Perfect Defender 2009, Total Defender, Malware Defender 2009, WinPC Defender, PC Privacy Defender, Smart Defender Pro, Rogue.UltimateDefender, FraudTool.LastDefender.b and Security Defender Pro 2015.. Vista Smart Defender and its brethren may have different brand names, but all of them can be considered to be essentially the same program: a fake anti-malware scanner that's dedicated to providing misleading information about your computer's health. SpywareRemove.com malware research team has observed that attacks by Vista Smart Defender can imitate firewall warnings, as well as alerts against such attacks as identity theft and the presence of backdoor vulnerabilities. Still, Vista Smart Defender's main feature is its fake scanner, which always will return results that are teeming with a variety of Trojans and other types of malicious software.

Vista Smart Defender may be incapable of protecting your PC from such dangers, but Vista Smart Defender always will encourage you to register its software to resolve any problems that you might have. To this end, Vista Smart Defender also may redirect your browser, block other applications and perform other attacks; these attacks will be disguised to look as if they're originating from unrelated malware.

Flunking Vista Smart Defender on PC Security

Regardless of how much Vista Smart Defender harms your ability to use your computer, SpywareRemove.com malware experts never recommend purchasing Vista Smart Defender or any other type of fake anti-malware application. Resolving any problems that are related to a Vista Smart Defender infection should use standardized security strategies for disabling malware, followed by deleting Vista Smart Defender with a legitimate anti-malware scanner.

If Vista Smart Defender blocks your anti-malware software, SpywareRemove.com malware experts suggest that you reboot in Safe Mode or, in the most restrictive scenarios, launch a separate OS via your USB drive. Either strategy will disable most PC threats, including Vista Smart Defender, and allow you to proceed with cleaning your computer. Because Vista Smart Defender is likely to cause Registry changes and other issues that are not easily detectable, you should avoid any attempts to remove Vista Smart Defender by hand if other means are available.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%CommonAppData%\pcdfdata\uninst.ico

File name: %CommonAppData%\pcdfdata\uninst.ico
Mime Type: unknown/ico
Group: Malware file

%CommonAppData%\pcdfdata\defs.bin

File name: %CommonAppData%\pcdfdata\defs.bin
File type: Binary File
Mime Type: unknown/bin
Group: Malware file

%CommonAppData%\pcdfdata\vl.bin

File name: %CommonAppData%\pcdfdata\vl.bin
File type: Binary File
Mime Type: unknown/bin
Group: Malware file

%CommonAppData%\pcdfdata\app.ico

File name: %CommonAppData%\pcdfdata\app.ico
Mime Type: unknown/ico
Group: Malware file

%CommonAppData%\pcdfdata\[RANDOM].exe

File name: %CommonAppData%\pcdfdata\[RANDOM].exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

%CommonAppData%\pcdfdata\config.bin

File name: %CommonAppData%\pcdfdata\config.bin
File type: Binary File
Mime Type: unknown/bin
Group: Malware file

%CommonAppData%\pcdfdata\support.ico

File name: %CommonAppData%\pcdfdata\support.ico
Mime Type: unknown/ico
Group: Malware file

%CommonDesktopDir%\Vista Smart Defender.lnk

File name: %CommonDesktopDir%\Vista Smart Defender.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file

%CommonPrograms%\Vista Smart Defender\Vista Smart Defender.lnk

File name: %CommonPrograms%\Vista Smart Defender\Vista Smart Defender.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file

%CommonPrograms%\Vista Smart Defender\Vista Smart Defender Help and Support.lnk

File name: %CommonPrograms%\Vista Smart Defender\Vista Smart Defender Help and Support.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Classes\.exe "Content Type" = 'application/x-m'HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon "(Default)" = '%1'HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command = ""%CommonAppData%\pcdfdata\[RANDOM].exe" /ex "%1" %*"HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Classes\.exeHKEY_CURRENT_USER\Software\Classes\.exe\ [RANDOM_2]HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIconHKEY_CURRENT_USER\Software\Classes\.exe\shellHKEY_CURRENT_USER\Software\Classes\.exe\shell\openHKEY_CURRENT_USER\Software\Classes\.exe\shell\open\commandHKEY_CURRENT_USER\Software\Classes\.exe\shell\runasHKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\commandHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run pcdfsvc = "%CommonAppData%\pcdfdata\[RANDOM].exe /min"

Additional Information

The following messages's were detected:

#	Message
1	System Security Alert! Unknown program is scanning your system registry right now! Identify the theft detected!
2	System Security Alert! Vulnerabilities found Background scan for security breaches has been finished. Serious problems have been detected. Safeguard your system against exploits, malware and viruses right now by activating Proactive Defence.
3	Vista Smart Defender Firewall Alert Iexplore.exe is infected with Trojan.JS.Fraud.ba. Private data can be stolen by third parties, including credit card details and passwords. Windows recommends activate Vista Smart Defender

Vista Smart Defender Pro