Home Malware Programs Rogue Anti-Virus Programs Security Defender Pro 2015

Security Defender Pro 2015

Posted: March 24, 2015

Threat Metric

Threat Level: 10/10
Infected PCs: 26
First Seen: March 24, 2015
OS(es) Affected: Windows

Security Defender Pro 2015, also known as Defender Pro 2015, is a rogue anti-malware program that imitates the features of actual anti-malware suites as a means of extorting money with its software registration requests. The registered version of Security Defender Pro 2015 is no more capable of protecting your system from infections than its unregistered version. However, Defender Pro 2015 may generate believable pop-up alerts that highly resemble the warnings of real PC security suites. Because many members of Security Defender Pro 2015's estimated family of scamware, the WinPC Defender family also are known for committing other attacks, malware analysts heavily urge the uninstallation of Security Defender Pro 2015 through any means necessary.

Security Defender Pro 2015: the Professional Misleading Salesman

Security Defender Pro 2015 is another fraudulent security product that exploits its visual resemblance to Microsoft's Security Essentials as a means of keeping its victims unaware of its threatening nature. This skin also is common to other, most likely cloned scamware like Ultimate Defender, SystemDefender, IE Defender, Advanced XP Defender, XP Defender, WinDefender2008, PCTotalDefender, PC Defender 2008, Personal Defender 2009, WinDefender 2009, Perfect Defender 2009, Total Defender, Malware Defender 2009, WinPC Defender, PC Privacy Defender, Smart Defender Pro, Rogue.UltimateDefender and FraudTool.LastDefender.b. It also is one of the several methods Defender Pro 2015 uses to trick you into believing that your PC is being affected by multiple infections.

Security Defender Pro 2015 will initiate automatic 'scans' of your PC that don't provide legitimate results, but, instead, detect fake threats, including such threatening software as advanced password collectors, rootkits or worms. Secondary attacks may generate additional pop-up warnings with inaccurate system information, all of which are intended to force you to purchase Defender Pro 2015 for 'disinfecting' your PC.

Some variants of Security Defender Pro 2015 and related threats from the same family also may launch other attacks that are unrelated to its security tactic. These may include:

  • Security Defender Pro 2015 may download and install additional threats automatically.
  • Security Defender Pro 2015 may redirect your Web browser to its website or away from known PC security sites.
  • In-browser downloads of PC security tools may cancel automatically.
  • Security products already installed may be blocked by Defender Pro 2015, in an effort to thwart its uninstallation.

Most browser redirects and pop-ups from Security Defender Pro 2015 will promote its registration for disinfecting your PC successfully. However, since Security Defender Pro 2015 is fraudulent software without any real security features, purchasing Defender Pro 2015 has no advantages. As an additional warning, malware researchers often find correlations between compromised financial information and scamware registrations, which may result in other, illicit transactions.

The 2015's Answer to Recycled Scamware

Security Defender Pro 2015 bears a new brand name, but few observable, meaningful differences from previous rogue anti-malware scanners. Nevertheless, any infection related to a new variety of threat should be removed only by anti-malware products that also are up-to-date for detecting the newest threats. If Security Defender Pro 2015 blocks your security software before you can remove Defender Pro 2015, standard security protocols can help you disable most threats prior to launching real anti-malware scans. As with most threats of its type, Security Defender Pro 2015 is highly likely to use randomized file names or file names imitating stock Windows files.

Reports on Security Defender Pro 2015's principal distribution methods still are being finalized, but Defender Pro 2015 does not, as of this date, include properties for distributing and installing itself. Most scamware products are installed with the help of other threats or exploit kits, which may be encountered on hostile websites or while launching threatening executable files. Scanning these downloads and using anti-malware tools to protect your browser are the top self-defenses malware researchers can suggest, besides, of course, enacting safe Web-browsing behavior.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%UserProfile%\AppData\LocalLow\jkaodjxbzs.dat File name: %UserProfile%\AppData\LocalLow\jkaodjxbzs.dat
File type: Data file
Mime Type: unknown/dat
Group: Malware file
%UserProfile%\AppData\LocalLow\pjlxjjsabn.png File name: %UserProfile%\AppData\LocalLow\pjlxjjsabn.png
Mime Type: unknown/png
Group: Malware file
%UserProfile%\AppData\LocalLow\zflbwoitvz.png File name: %UserProfile%\AppData\LocalLow\zflbwoitvz.png
Mime Type: unknown/png
Group: Malware file
%Documents%\avicap32v2.exe File name: %Documents%\avicap32v2.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\avicap32v2 %Documents%\avicap32v2.exe

Additional Information

The following messages's were detected:
# Message
1Review harmful or potentially unwanted software
Your computer might be infected with: Win32/Wadnock.
Windows has detected potential threat that might compromise your privacy or damage your computer. This trojan is dangerous and executes commands from an attacker.
Your access to this program may be suspended until you take an action.
2System attack detected.
Unknown program tries to collect a personal info, compromise your privacy, or damage your PC.
Attack from: port: 18280
Attack port: 37825
Threat: Password.WIn32.OnlineGameSxa
3Virus detection alert.
System has detected security setting changes due to malware. This threat is dangerous, exploits the computer, and provides access to user files. A scan required to complete remediation.