Severity scale  
  (74/100)

Win 7 Defender. How to Remove? (Uninstall Guide)

removal by - -   Also known as Win7 Defender, Win7 Defender (Unregistered) | Type: Rogue Antispyware
12

Win7 Defender is a rogue anti-spyware program from the same family as XP Defender and Vista Defender. It is called Braviax. Win7 Defender is promoted and installed through the use of Trojans that come from misleading websites that pretend to be online anti-malware scanners. Besides, fake viceo/audio codecs, software updates and insecure downloads can easily lead you to infiltration of this virus. Other malware threats have also been noticed to spread this threat. When Trojans are installed, they will download and install Win 7 Defender onto your computer.

HOW CAN I KNOW THAT I AM INFECTED WITH WIN7 DEFENDER?

Once installed, Win 7 Defender is configured to run automatically each time you logon into Windows. While running, this fake antivirus program will simulate a system scan and detect legitimate Windows files or non-existing files as infections. Furthermore, Win 7 Defender will flood your PC with popups and fake security warnings to mislead you into thinking that there are various harmful files on your computer.For example:

System Security Alert!
Vulnerabilities found
Background scan for security breaches has been finished. Serious problems have been detected. Safeguard your system against exploits, malware and viruses right now by activating Proactive Defence.

This is done to create a reason for the user to buy Win 7 Defender "licensed version", which is completely and utterly non-functional. If you buy it, you will find yourself scammed. As you can see, all those fake alerts false scan results are displayed only to scare you. If you are infected with Win 7 Defender, please use these removal instructions below, which will help you to remove Win 7 Defender from your computer manually for free or with an automatic removal tool.

HOW CAN I REMOVE WIN 7 Defender?

In order to remove Win 7 Defender from the PC, scan your computer using legitimate antispyware programs, like PlumbytesWebroot SecureAnywhere AntiVirus or Reimage that are effectively working with these viruses. If you can't launch a program, rename the executable from xxx.exe to xxx.com or follow these steps:

1. Reboot your computer to Safe Mode with Networking. Just reboot your PC and, as soon as it starts booting up, start pressing F8 repeatedly.
2. Loggin as the same user as you were in normal Windows mode
3. Now click on IE or other browser and select 'Run As' or 'Run As administrator', enter your Administrator account password (if needed).
4. Enter this link to your address bar: http://www.2-spyware.com/download/hunter.exe and download a program on your desktop. Launch it to kill the malicious processes of Win 7 Defender and remove its files.

Related files: av.exe

Win 7 Defender properties:
• Changes browser settings
• Shows commercial adverts
• Connects itself to the internet
• Stays resident in background

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use. By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
Download
Reimage - remover Happiness
Guarantee
Compatible with Microsoft Windows
What to do if failed?
If you failed to remove infection using Reimage Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Win 7 Defender. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Reimage is recommended to uninstall Win 7 Defender. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Not using OS X? Download a remover for Windows.
Press Mentions on Reimage
Alternate Software
Alternate Software
STOPzilla
Tested and Confirmed! STOPzilla removes Win 7 Defender (2013-01-03 07:23:12)
Malwarebytes Anti Malware
Tested and Confirmed! Malwarebytes Anti Malware removes Win 7 Defender (2013-01-03 07:23:12)
Plumbytes
We are testing Plumbytes's efficiency (2013-01-03 07:23)
Hitman Pro
STOPzilla
Tested and Confirmed! STOPzilla removes Win 7 Defender (2013-01-03 07:23:12)
Malwarebytes Anti Malware
Tested and Confirmed! Malwarebytes Anti Malware removes Win 7 Defender (2013-01-03 07:23:12)
Webroot SecureAnywhere AntiVirus

Win 7 Defender manual removal

Kill processes:
[random characters].exe
Delete registry values:
HKEY_CLASSES_ROOT\.exe "(Default)" = "[random]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\pcdfdata
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = ""%CommonAppData%\pcdfdata\[random].exe" /ex "%1" %*"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "pcdfsvc" = "%CommonAppData%\pcdfdata\[random].exe /min
Delete files:
%CommonAppData%\pcdfdata\
%CommonAppData%\pcdfdata\[random].exe
%CommonAppData%\pcdfdata\app.ico
%CommonAppData%\pcdfdata\config.bin
%CommonAppData%\pcdfdata\defs.bin
%CommonAppData%\pcdfdata\support.ico
%CommonAppData%\pcdfdata\uninst.ico
%CommonAppData%\pcdfdata\vl.bin
%AllUsersProfile%\Desktop\Win 7 Defender.lnk
%CommonStartMenu%\Programs\Win 7 Defender\
%CommonStartMenu%\Programs\Win 7 Defender\Remove Win 7 Defender.lnk
%CommonStartMenu%\Programs\Win 7 Defender\Win 7 Defender Help and Support.lnk
%CommonStartMenu%\Programs\Win 7 Defender\Win 7 Defender.lnk

Geolocation of Win 7 Defender

Map reveals the prevalence of Win 7 Defender. Countries and regions that have been affected the most are: Vietnam, Germany and United States.

Removal guides in other languages


Information updated:

Comments on Win 7 Defender

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)