Security Defender Pro 2015

Posted: March 24, 2015

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	10/10
Infected PCs:	26

First Seen:	March 24, 2015
OS(es) Affected:	Windows

Security Defender Pro 2015, also known as Defender Pro 2015, is a rogue anti-malware program that imitates the features of actual anti-malware suites as a means of extorting money with its software registration requests. The registered version of Security Defender Pro 2015 is no more capable of protecting your system from infections than its unregistered version. However, Defender Pro 2015 may generate believable pop-up alerts that highly resemble the warnings of real PC security suites. Because many members of Security Defender Pro 2015's estimated family of scamware, the WinPC Defender family also are known for committing other attacks, malware analysts heavily urge the uninstallation of Security Defender Pro 2015 through any means necessary.

Security Defender Pro 2015: the Professional Misleading Salesman

Security Defender Pro 2015 is another fraudulent security product that exploits its visual resemblance to Microsoft's Security Essentials as a means of keeping its victims unaware of its threatening nature. This skin also is common to other, most likely cloned scamware like Ultimate Defender, SystemDefender, IE Defender, Advanced XP Defender, XP Defender, WinDefender2008, PCTotalDefender, PC Defender 2008, Personal Defender 2009, WinDefender 2009, Perfect Defender 2009, Total Defender, Malware Defender 2009, WinPC Defender, PC Privacy Defender, Smart Defender Pro, Rogue.UltimateDefender and FraudTool.LastDefender.b. It also is one of the several methods Defender Pro 2015 uses to trick you into believing that your PC is being affected by multiple infections.

Security Defender Pro 2015 will initiate automatic 'scans' of your PC that don't provide legitimate results, but, instead, detect fake threats, including such threatening software as advanced password collectors, rootkits or worms. Secondary attacks may generate additional pop-up warnings with inaccurate system information, all of which are intended to force you to purchase Defender Pro 2015 for 'disinfecting' your PC.

Some variants of Security Defender Pro 2015 and related threats from the same family also may launch other attacks that are unrelated to its security tactic. These may include:

Security Defender Pro 2015 may download and install additional threats automatically.
Security Defender Pro 2015 may redirect your Web browser to its website or away from known PC security sites.
In-browser downloads of PC security tools may cancel automatically.
Security products already installed may be blocked by Defender Pro 2015, in an effort to thwart its uninstallation.

Most browser redirects and pop-ups from Security Defender Pro 2015 will promote its registration for disinfecting your PC successfully. However, since Security Defender Pro 2015 is fraudulent software without any real security features, purchasing Defender Pro 2015 has no advantages. As an additional warning, malware researchers often find correlations between compromised financial information and scamware registrations, which may result in other, illicit transactions.

The 2015's Answer to Recycled Scamware

Security Defender Pro 2015 bears a new brand name, but few observable, meaningful differences from previous rogue anti-malware scanners. Nevertheless, any infection related to a new variety of threat should be removed only by anti-malware products that also are up-to-date for detecting the newest threats. If Security Defender Pro 2015 blocks your security software before you can remove Defender Pro 2015, standard security protocols can help you disable most threats prior to launching real anti-malware scans. As with most threats of its type, Security Defender Pro 2015 is highly likely to use randomized file names or file names imitating stock Windows files.

Reports on Security Defender Pro 2015's principal distribution methods still are being finalized, but Defender Pro 2015 does not, as of this date, include properties for distributing and installing itself. Most scamware products are installed with the help of other threats or exploit kits, which may be encountered on hostile websites or while launching threatening executable files. Scanning these downloads and using anti-malware tools to protect your browser are the top self-defenses malware researchers can suggest, besides, of course, enacting safe Web-browsing behavior.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%UserProfile%\AppData\LocalLow\jkaodjxbzs.dat

File name: %UserProfile%\AppData\LocalLow\jkaodjxbzs.dat
File type: Data file
Mime Type: unknown/dat
Group: Malware file

%UserProfile%\AppData\LocalLow\pjlxjjsabn.png

File name: %UserProfile%\AppData\LocalLow\pjlxjjsabn.png
Mime Type: unknown/png
Group: Malware file

%UserProfile%\AppData\LocalLow\zflbwoitvz.png

File name: %UserProfile%\AppData\LocalLow\zflbwoitvz.png
Mime Type: unknown/png
Group: Malware file

%Documents%\avicap32v2.exe

File name: %Documents%\avicap32v2.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\avicap32v2 %Documents%\avicap32v2.exe

Additional Information

The following messages's were detected:

#	Message
1	Review harmful or potentially unwanted software Your computer might be infected with: Win32/Wadnock. Windows has detected potential threat that might compromise your privacy or damage your computer. This trojan is dangerous and executes commands from an attacker. Your access to this program may be suspended until you take an action.
2	System attack detected. Unknown program tries to collect a personal info, compromise your privacy, or damage your PC. Details: Attack from: 249.251.51.131 port: 18280 Attack port: 37825 Threat: Password.WIn32.OnlineGameSxa
3	Virus detection alert. System has detected security setting changes due to malware. This threat is dangerous, exploits the computer, and provides access to user files. A scan required to complete remediation.