Virus description and consequences of its presence on your PC

Win 7 Defender 2013 undermines the usability of your operating system. Can anyone work productively on a system in which launching any executable triggers a popup with misleading, frightening content? The question is rhetorical.
If that is not enough, here is another example of the program's behavior: it has been observed to monitor the system for processes belonging to security software, kill those processes, identify their source, and then disable or delete that source. This looks like an attempt to avoid its own removal by a genuine security solution.
A security solution must therefore be robust enough to withstand the counterfeit's aggressive interference. Otherwise, before it can remove Win 7 Defender 2013, it is itself disabled and destroyed by the trojan.

Technical Details and screenshots:

  • Full name: Win 7 Defender 2013, Windows 7 Defender 2013
  • Type: Rogue Security Software
  • Origin: Russian Federation, Ukraine

Signs of Win 7 Defender 2013 Infection:

Win 7 Defender 2013 has a nice-looking GUI. However, it is copied from a template that has already been used in a number of previous counterfeits.
The main menu offers functions such as Internet security, Proactive Security, Proactive Defense, Scan and Firewall. Needless to say, these services are not actually provided; they are only imitated visually.
The program's popups are an unambiguous sign of its presence.

Win 7 Defender 2013 automatic removal:

As stated above, the counterfeit may cause damage to other applications, including security tools able to remove Win 7 Defender 2013. It is critical that the tool below is not subject to such tricks.

Win 7 Defender 2013 Removal Tool

Manual Removal of Win 7 Defender 2013:

Please note that the rogue may actively respond while you are removing Win 7 Defender 2013 manually. Hence it is not recommended to take breaks while deleting the rogue. On the other hand, speed must not come at the expense of precision and completeness of the removal.

Remove Win 7 Defender 2013 files and DLLs:

%CommonAppData%\<random characters and numbers>
%LocalAppData%\<random characters and numbers>
%LocalAppData%\<random 3 characters>.exe
%Temp%\<random characters and numbers>
%UserProfile%\Templates\<random characters and numbers>

Unregister Win 7 Defender 2013 registry values:

HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = "<random characters>"
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = ""%LocalAppData%\<random 3 characters>.exe" -a "%1" %*"
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "IsolatedCommand" = ""%1" %*"
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "(Default)" = ""%1" %*"
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = ""%1" %*"
HKEY_CURRENT_USER\Software\Classes\<random characters> "(Default)" = "Application"
HKEY_CURRENT_USER\Software\Classes\<random characters> "Content Type" = "application/x-msdownload"
HKEY_CURRENT_USER\Software\Classes\<random characters>\DefaultIcon "(Default)" = "%1"
HKEY_CURRENT_USER\Software\Classes\<random characters>\shell\open\command "(Default)" = ""%LocalAppData%\<random 3 characters>.exe" -a "%1" %*"
HKEY_CURRENT_USER\Software\Classes\<random characters>\shell\open\command "IsolatedCommand" = ""%1" %*"
HKEY_CURRENT_USER\Software\Classes\<random characters>\shell\runas\command "(Default)" = ""%1" %*"
HKEY_CURRENT_USER\Software\Classes\<random characters>\shell\runas\command "IsolatedCommand" = ""%1" %*"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = "%LocalAppData%\<random 3 characters>.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = "%LocalAppData%\<random 3 characters>.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "%LocalAppData%\<random 3 characters>.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe"
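
The registry values above share one pattern: a per-user .exe class, plus shell commands that start a launcher with -a in front of the real target. The Python script below is an added example, not part of the original guide; it flags that pattern in the text output of `reg query <key> /s`. The sample output, the placeholder names qwe and abc, and the function names are constructed for illustration.

```python
import re

# Constructed sample of `reg query <key> /s` text output from an affected profile.
# "qwe" and "abc" stand in for the page's <random characters> placeholders.
SAMPLE = r'''
HKEY_CURRENT_USER\Software\Classes\.exe
    (Default)    REG_SZ    qwe

HKEY_CURRENT_USER\Software\Classes\qwe\shell\open\command
    (Default)    REG_SZ    "C:\Users\user\AppData\Local\abc.exe" -a "%1" %*
    IsolatedCommand    REG_SZ    "%1" %*

HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
    (Default)    REG_SZ    "C:\Users\user\AppData\Local\abc.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
    (Default)    REG_SZ    "C:\Program Files\Internet Explorer\iexplore.exe"
'''

# Matches the wrapper pattern listed above: <launcher>.exe -a "<real target>"
WRAPPER = re.compile(r'^"?([^"]+\.exe)"?\s+-a\s+"', re.IGNORECASE)
HKCU_EXE = r"hkey_current_user\software\classes\.exe"

def parse_reg_query(text):
    """Return {key_path: {value_name: data}} parsed from `reg query` output."""
    keys, current = {}, None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            current = keys.setdefault(line.strip(), {})
        elif line.startswith("    ") and current is not None:
            parts = line.strip().split("    ", 2)  # name, type, data
            if len(parts) >= 2:
                current[parts[0]] = parts[2] if len(parts) == 3 else ""
    return keys

def find_hijacks(keys):
    """Return sorted (rule, key, detail) findings for the values this page lists."""
    findings = []
    for key, values in keys.items():
        default = values.get("(Default)", "")
        # Per-user .exe class: overrides the machine-wide association for this user.
        if key.lower() == HKCU_EXE and default:
            findings.append(("exe-class-override", key, default))
        # Any shell command that starts a launcher with -a in front of the real target.
        match = WRAPPER.match(default) if key.lower().endswith(r"\command") else None
        if match:
            findings.append(("wrapped-command", key, match.group(1)))
    return sorted(findings)

if __name__ == "__main__":
    for finding in find_hijacks(parse_reg_query(SAMPLE)):
        print(*finding, sep=" | ")
```

Each finding names the key to review and, for wrapped commands, the launcher path that the command runs ahead of the legitimate program.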

