XP Antivirus Pro 2013
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 8,080 |
| Threat Level: | 100 % (High) |
| Infected Computers: | 7,435 |
| First Seen: | October 1, 2012 |
| Last Seen: | September 18, 2023 |
| OS(es) Affected: | Windows |
XP Antivirus Pro 2013 Image
There has been a large number of reports of widespread infections involving updated variants of the WinPC Defender or Braviax family of malware. XP Antivirus Pro 2013 is one of the many names that are being used by these fake security programs to scam unsuspecting computer users. As is common with these kinds of fake security programs, there are numerous clones of XP Antivirus Pro 2013. All of these fake security programs use a similar pattern for determining each fake security application's name. The first word is usually the targeted operating system (in this case it is XP since the targeted operating system is Windows XP). It is followed by a generic term that makes it seem as if the program is a security application such as antimalware, home security, antivirus, internet security, etc. Finally, these programs will have the current year tacked on to the end of the rogue security application's name.
The newest variants in this family of malware, including XP Antivirus Pro 2013, use the year '2013.' However, apart from its denomination, there is no dissimilarity between XP Antivirus Pro 2013 and previous versions such as WinPC Defender, SystemDefender, IE Defender, IE Defender, XPdefender, WinDefender2008, PC Privacy Defender, Malware Defender 2009, Smart Defender Pro, Ultimate Defender, Advanced XP Defender, Security Defender Pro 2015.
XP Antivirus Pro 2013 and its clones attack particular Windows versions. Although the Trojan that installs XP Antivirus Pro 2013 attacks a variety of computers, each fake security program's name varies depending on the infected computer's operating system. XP Antivirus Pro 2013 is only installed on computers running Windows XP. If the targeted computer is using another version of Windows, such as Windows 7, Windows 8 or Vista, then a program named Win 7 Antivirus Pro 2013, Win 8 Antivirus Pro 2013 or Vista Antivirus Pro 2013 would be installed instead.
XP Antivirus Pro 2013 is designed to make its victims be convinced that their machine is infested with malware. This fake security program harasses its victims with numerous fake error messages and system alerts. When the victim attempts to fix these supposed problems with XP Antivirus Pro 2013, this fake security program displays error messages urging the victim to pay for a fake upgrade for XP Antivirus Pro 2013. Since XP Antivirus Pro 2013 isn't capable of detecting or removing malware and is part of a malware attack itself, ESG security researchers recommend its complete removal using a strong anti-malware program that is fully up to date.
Table of Contents
Aliases
15 security vendors flagged this file as malicious.
| Anti-Virus Software | Detection |
|---|---|
| Ikarus | Win32.Bancos |
| AhnLab-V3 | Trojan/Win32.Diple |
| AntiVir | TR/Bancos.CDL.8 |
| DrWeb | Trojan.KillProc.15905 |
| Avast | Win32:Bancos-CDL [Spy] |
| McAfee | Artemis!8A7BB35885CF |
| Kaspersky | Trojan-Ransom.Win32.Foreign.asxx |
| AVG | Dropper.Generic2.AAPU |
| Ikarus | Trojan-Dropper.SuspectCRC |
| McAfee-GW-Edition | Artemis!02E1070C9FAD |
| AntiVir | SPR/Tool.BeeInject.133 |
| Kaspersky | Trojan-Spy.MSIL.Agent.buh |
| Avast | MSIL:Crypt-AO |
| NOD32 | a variant of MSIL/Injector.U |
| AntiVir | TR/Boigy.2 |
SpyHunter Detects & Remove XP Antivirus Pro 2013
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | SetupUbi.exe | 735e3f35a14cc39fb874b0799a198fb3 | 148 |
| 2. | n | 004d883c75e80cd386a260b5eccbf285 | 24 |
| 3. | syshost.exe | e6533434941eb27d0efd1bf7d37c4f4d | 20 |
| 4. | TMf2g99RPH1P2EI.exe | 2f5b8fa2968ecb754e181c50e4e869dc | 11 |
| 5. | winmgr.exe | bfdef30de6842d4190ec34213593ec49 | 9 |
| 6. | update.exe | 6124c9689dc1db263359cf83df35325b | 6 |
| 7. | Bla Bla.exe | cb9d64689c607953224011d89c08d839 | 6 |
| 8. | IZ Crypt Pre Alpha.exe | 5a251700f95ca463af81440a06c11086 | 5 |
| 9. | A-2068193475.exe | 9a65737e5ccc95b04f26f95eaa2be535 | 4 |
| 10. | wincmd.exe | 506a814c73adbfa70107a40085b90b4a | 4 |
| 11. | msdcsc.exe | 8f42640869da36976902d674b41cc36a | 3 |
| 12. | svchast.exe | 87b549a60cfc9dd0d4040fb78e879637 | 2 |
| 13. | 894481.exe | 8bd4851fb17d576e54df0b41bd3233c8 | 2 |
| 14. | Teemu.exe | 2f6ec4885e14e3904d94c037ad8c98fa | 2 |
| 15. | up2date.exe | a8a12411d33c56520ef81a83416caca6 | 2 |
| 16. | SERVICES.EXE | 48b0f162c65c7316db6ec1d294f8f37e | 2 |
| 17. | winmgr.exe | 9c7319a2126d1473067704a7bdbd36c9 | 2 |
| 18. | wins.exe | cb5c8a3f5cba769669f662ab9e30b913 | 2 |
| 19. | mslutv.exe | 7295902ee0f05ab37a2f764e9b45a8b6 | 2 |
| 20. | csrss.exe | 295f8c0f0188a4ffbacd71634986bb03 | 1 |
| 21. | 5879257.dll | 96d5dfe63f44097d219e1d749ba07d0a | 1 |
| 22. | gbpsvs.dll | ea505c2d439a5f36e3e079f25b41ae56 | 1 |
| 23. | wlcon.dll | fa8d670443046dd1f99dd08241362027 | 1 |
| 24. | gbieha.dll | ed5ef662951776536fc5a09266de8b08 | 1 |
| 25. | 6954194.dll | 6702fa8bfb4b5582511f22d93cb45a0a | 1 |
| 26. | Lollipop.exe | 8448d114db908ac23f610dc1292edabe | 1 |
| 27. | ycfyycfewuj.exe | dc051532febb8ee31d8ad7b7c6ac205c | 1 |
| 28. | 8103874.dll | b9097671abbe840bb69102e82adc8544 | 1 |
| 29. | %CommonApplData%\[RANDOM CHARACTERS_2] | ||
| 30. | %LocalAppData%\[RANDOM CHARACTERS_2] | ||
| 31. | %Temp%\[RANDOM CHARACTERS_2] | ||
| 32. | %UserProfile%\Templates\[RANDOM CHARACTERS_2] |
Registry Details
Messages
The following messages associated with XP Antivirus Pro 2013 were found:
|
Severe system damage!
Spyware and viruses detected in the background. Sensitive system components under attack! Data loss, identity theft and system corruption are possible. Act now, click here for a free security scan. |
|
System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working in the background right now. Perform an in-depth scan and removal now, click here. |
|
Virus intrusion!
Your computer security is at risk. Spyware, worms and Trojans were detected in the background. Prevent data corruption and credit card information theft. Safeguard your system and perform a free security scan now. |
|
XP Antivirus Pro 2013 Firewall Alert
XP Antivirus Pro 2013 has blocked a program from accessing the internet Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen Private data can be stolen by third parties, including credit card details and passwords. |
