Home Malware Programs Rogue Anti-Spyware Programs Vista Smart Defender Pro

Vista Smart Defender Pro

Posted: March 4, 2013

Threat Metric

Ranking: 6,072
Threat Level: 2/10
Infected PCs: 8,720
First Seen: March 4, 2013
Last Seen: October 13, 2023
OS(es) Affected: Windows

Vista Smart Defender Pro claims to be able to detect and disinfect malware, but security-related information that's provided by Vista Smart Defender Pro always is inaccurate and can't help you protect your PC. Vista Smart Defender Pro's attacks, which SpywareRemove.com malware experts have noted to include various pop-ups and fake scans along with potential browser redirects and/or application-blocking behavior, will encourage you to spend money on registering Vista Smart Defender Pro – even though Vista Smart Defender Pro is the origin of all of these issues. There's no need to pay money to remove the imaginary PC threats that Vista Smart Defender Pro detects, but you should be prepared to remove Vista Smart Defender Pro as quickly as possible if you want to restore your computer to normal functionality.

Why Vista Smart Defender Pro isn't a Smart Choice for Protecting Windows Vista

Vista Smart Defender Pro markets itself as a supposedly Windows Vista-centric anti-malware product, but behind the marketing, Vista Smart Defender Pro's features all are carefully-crafted fakes that can't detect or defense against real PC threats. By abusing multiple formats of pop-up warnings, Vista Smart Defender Pro may make it look as if your PC is being attacked by spyware, backdoor Trojans or other high-level threats. To supplement its pop-ups, Vista Smart Defender Pro also includes a fraudulent system-scanning feature – which SpywareRemove.com malware experts have confirmed always to display fake infections.

Vista Smart Defender Pro displays these fake security features as part of its marketing ploy to trick victims into purchasing a fake registration key. In reality, Vista Smart Defender Pro's registered version isn't any more beneficial for your PC than its unregistered version, and your personal information (such as credit card details) that's used in this purchasing process is likely to be exploited in future attempts at financial fraud.

SpywareRemove.com malware researchers also warn of other rogue anti-malware scanners that are distinctly related to the Vista Smart Defender Pro's family, WinPC Defender. Thus far, Vista Smart Defender Pro's clones include Ultimate Defender, SystemDefender, IE Defender, Advanced XP Defender, XP Defender, WinDefender2008, PCTotalDefender, PC Defender 2008, Personal Defender 2009, WinDefender 2009, Perfect Defender 2009, Total Defender, Malware Defender 2009, WinPC Defender, PC Privacy Defender, Smart Defender Pro, Rogue.UltimateDefender, FraudTool.LastDefender.b and Security Defender Pro 2015.

Seeing a Professional About Ridding Your PC of Vista Smart Defender Pro

Vista Smart Defender Pro's major identifying traits are its fake security features, but SpywareRemove.com malware research team is even more concerned with Vista Smart Defender Pro's potential for harming your computer's real security features. Attacks by Vista Smart Defender Pro also may include browser redirects or malicious DNS settings changes, as well as attempts to block security-related programs like the ubiquitous Task Manager.

As a security risk, Vista Smart Defender Pro should be removed immediately, with appropriate application of any anti-malware software being the preferable means for deleting Vista Smart Defender Pro. If your choice of an anti-malware program is being blocked by Vista Smart Defender Pro, you may need to use Safe Mode, reboot from a backup OS or use other methods to disable Vista Smart Defender Pro before removing Vista Smart Defender Pro becomes viable.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%Temp%\[RANDOM CHARACTERS] File name: %Temp%\[RANDOM CHARACTERS]
Group: Malware file
%AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS] File name: %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS]
Group: Malware file
%AppData%\Local\[RANDOM CHARACTERS] File name: %AppData%\Local\[RANDOM CHARACTERS]
Group: Malware file
%AppData%\Local\[RANDOM CHARACTERS].exe File name: %AppData%\Local\[RANDOM CHARACTERS].exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
%AllUsersProfile%\[RANDOM CHARACTERS] File name: %AllUsersProfile%\[RANDOM CHARACTERS]
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Classes\exefile "(Default)" = 'Application'HKEY_CURRENT_USER\Software\Classes\exefile "Content Type" = 'application/x-msdownload'HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon "(Default)" = '%1'HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "(Default)" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "IsolatedCommand" – '"%1" %*'HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "(Default)" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = 'exefile'HKEY_CURRENT_USER\Software\Classes\.exe "Content Type" = 'application/x-msdownload'HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon “(Default)” = '%1' = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Internet Explorer\iexplore.exe"'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Mozilla Firefox\firefox.exe"'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Mozilla Firefox\firefox.exe" -safe-mode'

Additional Information

The following URL's were detected:
my-live-videos.com
The following messages's were detected:
# Message
1Vista Smart Defender Pro - Unregistered Version Attention: Danger! Alert! System scan for spyware, adware, Trojans and viruses is complete. Vista Smart Defender Pro detected 30 critical system objects. These security breaches may be exploited and lead to the following: Your system becomes a target for spam and bulky, intruding ads; Browser crashes frequently and web access speed decreases; Your personal files, photos, documents and passwords get stolen; Your computer is used for criminal activity behind your back; Bank details and credit card information gets disclosed; Click REGISTER to register your copy of Vista Smart Defender Pro and perform threat removal on your system. The list of infections and vulnerabilities detected will become available after registration

Loading...