Win 7 Defender

Win 7 Defender Description

Win 7 Defender Screenshot 1Win 7 Defender may be promoted as a cure for spyware, viruses and other types of PC threats, but Win 7 Defender’s real functions don’t have anything to do with detection or deletion of any type of threat to your computer. Like the other types of scamware that Win 7 Defender is cloned from, Win 7 Defender uses fraudulent system scans and pop-ups to urge you to buy its fake anti-malware services – under the threat that if you don’t do this, your PC will suffer under the ongoing ministrations of various PC threats. malware analysts, however, advise that you delete Win 7 Defender from your computer as soon as its presence is noticed, since Win 7 Defender’s very presence is a security risk due to Win 7 Defender’s creation of junk files and fake Windows components. Ideally, removing Win 7 Defender should be done with competent anti-malware software, despite Win 7 Defender’s potential-inclusion of (fake) removal tools.

Cutting Through Win 7 Defender’s Propaganda to Its Real Features

Win 7 Defender, although it looks and feels like a genuine Windows-friendly product, doesn’t have any of the features that you would expect a real anti-malware program to have. However, Win 7 Defender does possess a good facsimile of these features in the form of simulated system scans and inaccurate pop-up warnings that display fake information about your PC.

» Learn more about SpyHunter's Spyware Detection Tool
and steps to uninstall SpyHunter.

Unfortunately, even this flood of fake information isn’t the limit of Win 7 Defender’s capabilities, as Win 7 Defender is also likely to:
  • Create trash files that are harmless for your PC (except for the clutter) and label them as the byproduct of nonexistent PC threats.
  • Launch itself without your consent – typically to run fake system scans.
  • Load an applet that imitates the appearance of your Windows Security Center – but this fake Security Center will only redirect you to Win 7 Defender’s site when you try to click on it.

Why Win 7 Defender is Just One of a Legion Against Your PC

Win 7 Defender may not mention its brethren, but malware researchers have traced Win 7 Defender’s ancestry back to a multitude of nigh-identical scamware products from the Rogue:Win32/FakeRean subgroup. In many cases, these fake anti-malware applications will attempt to present themselves in the form of products that are sponsored by Microsoft, such as Vista AntiMalware 2010, Win 7 Antispyware 2010, Win 7 Smart Security 2010, XP Guardian 2010, Vista Home Security 2011 or XP Total Security 2011. Other variants of the FakeRean scamware may use different titles, however – examples that are unlinked to specific Windows versions include Total PC Defender, Home Antivirus 2010 and Desktop Defender 2010.

All variants of FakeRean scamware should be removed by dedicated anti-malware scanners, although they may resist deletion until you deactivate them (by using Safe Mode or other types of baseline anti-malware strategies that are available in Windows). Deleting Win 7 Defender with proper software, however, should result in a fully-restored and unharmed PC. Win 7 Defender, like all types of FakeRean programs, is unable to attack non-Windows operating systems due to making various Windows components complicit in its attack strategies.

Win 7 Defender Automatic Detection Tool (Recommended)

Is your PC infected with Win 7 Defender? To safely & quickly detect Win 7 Defender we highly recommend you run the malware scanner listed below.

Visual & GUI Characteristics

Win 7 Defender Screenshot 2Win 7 Defender Screenshot 3Win 7 Defender Screenshot 4Win 7 Defender Screenshot 5Win 7 Defender Screenshot 6Win 7 Defender Screenshot 7Win 7 Defender Screenshot 8Win 7 Defender Screenshot 9Win 7 Defender Screenshot 10

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name
    1 %AllUsersProfile%\Desktop\Win 7 Defender.lnk
    2 %CommonAppData%\pcdfdata\.exe
    3 %CommonAppData%\pcdfdata\app.ico
    4 %CommonAppData%\pcdfdata\config.bin
    5 %CommonAppData%\pcdfdata\defs.bin
    6 %CommonAppData%\pcdfdata\support.ico
    7 %CommonAppData%\pcdfdata\uninst.ico
    8 %CommonAppData%\pcdfdata\vl.bin
    9 %CommonStartMenu%\Programs\Win 7 Defender\Remove Win 7 Defender.lnk
    10 %CommonStartMenu%\Programs\Win 7 Defender\Win 7 Defender Help and Support.lnk
    11 %CommonStartMenu%\Programs\Win 7 Defender\Win 7 Defender.lnk

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = ""%CommonAppData%\pcdfdata\.exe" /ex "%1" %*"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "pcdfsvc" = "%CommonAppData%\pcdfdata\.exe /min"HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\pcdfdata

Additional Information

  • The following messages's were detected:
    # Message
    1System Security Alert
    Unknown program is scanning your system registry right now! Identity theft detected.
    2System Security Alert
    Vulnerabilities found
    Background scan for security breaches was finished. Serious issues were detected. Safeguard your system against exploits, malware and viruses right now by activating Proactive Defense.
    3Win 7 Defender Firewall Alert
    Firefox.exe is infected with Trojan-Clicker.Js.Agent.op. Private data can be stolen by third parties, including credit card details and passwords.
Posted: March 22, 2010 | By
Rate this article:
1 Star2 Stars3 Stars4 Stars5 Stars (5 votes, average: 4.40 out of 5)
Loading ... Loading ...
Threat Metric
Threat Level: 10/10
Detection Count: 94


  • David Wold says:

    How do I temporarily disable windows defender

  • Butterbean says:

    I rebooted my computer, then ran Mcaffee antivirus full scan and it ended the Win 7 defender pro 2013 process, then I went to this site to disable Win 7 defender pro 2013. Now am going to manually go through my computer as instructed above to remove the software Win 7 defender pro 2013 for good. So far all is good but still want it totally off my computer and out of my registry as well.

  • Jane says:

    My Toshiba laptop has been infected by the win7 defender, wont let me run anything or get on the internet either, how do i get rid of this as i can’t download anything. Could put something from this computer onto a flash drive to put on the infected one.

  • Kirk says:

    How do I down load it to a flash drive so I can put it on the infected pc?

  • Bob Laywell says:

    My Dell desktop, with Windows 7 is infected with this Win 7 defender. I tried going into "Safe" mode, but the virus (malware – whatever) will not allow me to open either IE, or Chrome. What now?? Thanks.

  • Landis says:

    I cannot access the Internet on my PC win7defender blocks it. I am communicating with my. IPAD. I have a laptop if I can down to a flash drive and then transfer to my pc

Leave a Reply

What is 6 + 13 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)