Win7 Defender is a rogue anti-spyware program from the same family as XP Defender and Vista Defender. It is called Braviax. Win7 Defender is promoted and installed through the use of Trojans that come from misleading websites that pretend to be online anti-malware scanners. Besides, fake viceo/audio codecs, software updates and insecure downloads can easily lead you to infiltration of this virus. Other malware threats have also been noticed to spread this threat. When Trojans are installed, they will download and install Win 7 Defender onto your computer.
HOW CAN I KNOW THAT I AM INFECTED WITH WIN7 DEFENDER?
Once installed, Win 7 Defender is configured to run automatically each time you logon into Windows. While running, this fake antivirus program will simulate a system scan and detect legitimate Windows files or non-existing files as infections. Furthermore, Win 7 Defender will flood your PC with popups and fake security warnings to mislead you into thinking that there are various harmful files on your computer.For example:
System Security Alert!
Background scan for security breaches has been finished. Serious problems have been detected. Safeguard your system against exploits, malware and viruses right now by activating Proactive Defence.
This is done to create a reason for the user to buy Win 7 Defender “licensed version”, which is completely and utterly non-functional. If you buy it, you will find yourself scammed. As you can see, all those fake alerts false scan results are displayed only to scare you. If you are infected with Win 7 Defender, please use these removal instructions below, which will help you to remove Win 7 Defender from your computer manually for free or with an automatic removal tool.
HOW CAN I REMOVE WIN 7 Defender?
In order to remove Win 7 Defender from the PC, scan your computer using legitimate antispyware programs, like Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus or Reimage that are effectively working with these viruses. If you can't launch a program, rename the executable from xxx.exe to xxx.com or follow these steps:
1. Reboot your computer to Safe Mode with Networking. Just reboot your PC and, as soon as it starts booting up, start pressing F8 repeatedly.
2. Loggin as the same user as you were in normal Windows mode
3. Now click on IE or other browser and select 'Run As' or 'Run As administrator', enter your Administrator account password (if needed).
4. Enter this link to your address bar: http://www.2-spyware.com/download/hunter.exe and download a program on your desktop. Launch it to kill the malicious processes of Win 7 Defender and remove its files.
Win 7 Defender manual removal:
Delete registry values:
HKEY_CLASSES_ROOT.exe "(Default)" = "[random]"
HKEY_CURRENT_USERSoftwareClasses.exeshellopencommand "(Default)" = ""%CommonAppData%pcdfdata[random].exe" /ex "%1" %*"
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "pcdfsvc" = "%CommonAppData%pcdfdata[random].exe /min
%AllUsersProfile%DesktopWin 7 Defender.lnk
%CommonStartMenu%ProgramsWin 7 Defender
%CommonStartMenu%ProgramsWin 7 DefenderRemove Win 7 Defender.lnk
%CommonStartMenu%ProgramsWin 7 DefenderWin 7 Defender Help and Support.lnk
%CommonStartMenu%ProgramsWin 7 DefenderWin 7 Defender.lnk