Win 7 Antivirus Pro 2013
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 8,230 |
| Threat Level: | 100 % (High) |
| Infected Computers: | 7,502 |
| First Seen: | October 1, 2012 |
| Last Seen: | April 14, 2024 |
| OS(es) Affected: | Windows |
Win 7 Antivirus Pro 2013 Image
Win 7 Antivirus Pro 2013 is part of a widespread malware attack that involves Trojans and fake security applications in the notorious WinPC Defender family of rogue security software. This family of malware is also known as Braviax. Despite their appearance, Win 7 Antivirus Pro 2013 and its clones are not real anti-virus programs and are used to scam inexperienced computer users.
Table of Contents
Win 7 Antivirus Pro 2013 and Its Clones Are Easy to Recognize by Their Naming Pattern
The many clones of Win 7 Antivirus Pro 2013 are not difficult to recognize because they use similar patterns for each fake security program's name (it is highly likely that these names are generated automatically). These fake security programs typically use a naming pattern composed of three parts:
- The targeted version of Windows (XP, Vista, Win 7, or Win 8). The Trojan responsible for installing Win 7 Antivirus Pro 2013 detects the infected computer's operating system and installs a variant of this fake security application that corresponds to it.
- A generic word somehow associated with computer security (antivirus, antimalware, antivirus pro, antimalware pro, home security, total security, security, internet security, etc.).
- The year of the release. These fake security applications have been released since 2009 and the latest batch, which includes Win 7 Antivirus Pro 2013, were released in October of 2012 and used the year '2013' in their names.
This naming pattern is readily apparent in Win 7 Antivirus Pro 2013, which targets computers using Windows 7, pretends to be a 'pro' anti-virus program, and claims to be a 2013 release despite being essentially the same fake security program that has attacked computers since 2009. Some clones of Win 7 Antivirus Pro 2013 are WinPC Defender, SystemDefender, IE Defender, IE Defender, XPdefender, WinDefender2008, PC Privacy Defender, Malware Defender 2009, Smart Defender Pro, Ultimate Defender, Advanced XP Defender, Security Defender Pro 2015.
Fake security programs like Win 7 Antivirus Pro 2013 use numerous error messages and deliberately caused problems on the victim's computer to persuade them that their machine is under attack. Posing as anti-virus programs, rogue security applications like Win 7 Antivirus Pro 2013 will claim to be able to solve the very problem they create if the victim is willing to pay for an expensive upgrade. ESG security researchers strongly advise against paying for Win 7 Antivirus Pro 2013. Instead, remove this bogus security program completely from your computer by enlisting the help of a powerful anti-malware tool that is updated with the latest malware definitions.
Aliases
15 security vendors flagged this file as malicious.
| Anti-Virus Software | Detection |
|---|---|
| Ikarus | Win32.Bancos |
| AhnLab-V3 | Trojan/Win32.Diple |
| AntiVir | TR/Bancos.CDL.8 |
| DrWeb | Trojan.KillProc.15905 |
| Avast | Win32:Bancos-CDL [Spy] |
| McAfee | Artemis!8A7BB35885CF |
| Kaspersky | Trojan-Ransom.Win32.Foreign.asxx |
| AVG | Dropper.Generic2.AAPU |
| Ikarus | Trojan-Dropper.SuspectCRC |
| McAfee-GW-Edition | Artemis!02E1070C9FAD |
| AntiVir | SPR/Tool.BeeInject.133 |
| Kaspersky | Trojan-Spy.MSIL.Agent.buh |
| Avast | MSIL:Crypt-AO |
| NOD32 | a variant of MSIL/Injector.U |
| AntiVir | TR/Boigy.2 |
SpyHunter Detects & Remove Win 7 Antivirus Pro 2013
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | SetupUbi.exe | 735e3f35a14cc39fb874b0799a198fb3 | 152 |
| 2. | n | 004d883c75e80cd386a260b5eccbf285 | 24 |
| 3. | syshost.exe | e6533434941eb27d0efd1bf7d37c4f4d | 20 |
| 4. | TMf2g99RPH1P2EI.exe | 2f5b8fa2968ecb754e181c50e4e869dc | 11 |
| 5. | winmgr.exe | bfdef30de6842d4190ec34213593ec49 | 9 |
| 6. | update.exe | 6124c9689dc1db263359cf83df35325b | 6 |
| 7. | Bla Bla.exe | cb9d64689c607953224011d89c08d839 | 6 |
| 8. | IZ Crypt Pre Alpha.exe | 5a251700f95ca463af81440a06c11086 | 5 |
| 9. | A-2068193475.exe | 9a65737e5ccc95b04f26f95eaa2be535 | 4 |
| 10. | wincmd.exe | 506a814c73adbfa70107a40085b90b4a | 4 |
| 11. | msdcsc.exe | 8f42640869da36976902d674b41cc36a | 3 |
| 12. | svchast.exe | 87b549a60cfc9dd0d4040fb78e879637 | 2 |
| 13. | 894481.exe | 8bd4851fb17d576e54df0b41bd3233c8 | 2 |
| 14. | Teemu.exe | 2f6ec4885e14e3904d94c037ad8c98fa | 2 |
| 15. | up2date.exe | a8a12411d33c56520ef81a83416caca6 | 2 |
| 16. | SERVICES.EXE | 48b0f162c65c7316db6ec1d294f8f37e | 2 |
| 17. | winmgr.exe | 9c7319a2126d1473067704a7bdbd36c9 | 2 |
| 18. | wins.exe | cb5c8a3f5cba769669f662ab9e30b913 | 2 |
| 19. | mslutv.exe | 7295902ee0f05ab37a2f764e9b45a8b6 | 2 |
| 20. | csrss.exe | 295f8c0f0188a4ffbacd71634986bb03 | 1 |
| 21. | 5879257.dll | 96d5dfe63f44097d219e1d749ba07d0a | 1 |
| 22. | gbpsvs.dll | ea505c2d439a5f36e3e079f25b41ae56 | 1 |
| 23. | wlcon.dll | fa8d670443046dd1f99dd08241362027 | 1 |
| 24. | gbieha.dll | ed5ef662951776536fc5a09266de8b08 | 1 |
| 25. | 6954194.dll | 6702fa8bfb4b5582511f22d93cb45a0a | 1 |
| 26. | Lollipop.exe | 8448d114db908ac23f610dc1292edabe | 1 |
| 27. | ycfyycfewuj.exe | dc051532febb8ee31d8ad7b7c6ac205c | 1 |
| 28. | 8103874.dll | b9097671abbe840bb69102e82adc8544 | 1 |
| 29. | %CommonApplData%\[RANDOM CHARACTERS_2] | ||
| 30. | %LocalAppData%\[RANDOM CHARACTERS_2] | ||
| 31. | %Temp%\[RANDOM CHARACTERS_2] | ||
| 32. | %UserProfile%\Templates\[RANDOM CHARACTERS_2] |
Registry Details
Messages
The following messages associated with Win 7 Antivirus Pro 2013 were found:
|
Privacy alert!
Rogue malware detected in your system. Data leaks and system damage are possible. Click here for a free security scan and spyware deletion. |
|
Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now. |
|
Threat detected!
Security alert! Your computer was found to be infected with privacy-threathening software. Private data may get stolen and system damage may be severe. Recover your PC from the infection right now, perform a security scan. |
|
Tracking software found!
Your PC activity is being monitored. Possible spyware infection. Your data security may be compromised. Sensitive data can be stolen. Prevent damage now by completing a security scan. |
