How to Remove
   Leading Windows Vista Repair Site on the Web!

www.PCNinja.com securitytoolremoval.net Virus Removal www.smitfraud.net Windows 7
Top Virus Threats

Do You Need Help?

http://www.pcninja.com/ can 100% remove all viruses and spyware online for you. The cost is low and they work fast.

 

Windows Enterprise Defender Removal

Having Trouble removing Windows Enterprise Defender?
Try Spyware Doctor With Antivirus » Download

If you find the removal guide below too hard to follow or just want an expert to remove this for you then consider www.onlinecomputerrepair.org. They are a great company and I know you will be taken care of. It's a very fast way to repair your computer with out you having to do anything.

Windows enterprise Defender removal

Windows Enterprise Defender Removal Software » Download

What is Windows Enterprise Defender?

Windows Enterprise Defender is a misleading security application. It can be called a rouge program. It is from the same family as Virus Doctor. It is also a clone application of Windows PC Defender and Windows Protection Suite. This fake application (Windows Enterprise Defender) was designed to mimic the look of Microsoft’s own Windows Defender.

This nasty program is one of the worst totally fake security software you might run upon. It can disable your Task Manager and others Windows features ! It will also control your computer a lot ! You will quickly find you are no more able to update your own anti-virus program.

Since it is mimicking Windows Defender.... this rouge program wants you to believe you need to purchase a fake online full version ! In any case, it will make sure to hurt your system the most it can.

Whenever you see that Window telling you to buy a (fake !) registered version: don't do that ! The results you will see are all fake ones ! This rouge software is only after your money !

So if you ever become infected by Windows Enterprise Defender.... you will have to remove it ! If you're ok with computers, there is a manual removal at the end. If not, I will first suggest a very good online service. I do believe it is your best option so far. This is a website called www.onlinecomputerrepair.org . It is run by experts and they are ready to help you with your Windows Enterprise Defender removal . They will charge around 89 dollars.
Let's face it: it is a lot less than calling someone local and being done online, a lot faster !

What Does Windows Enterprise Defender do?

At first, this trojan, Windows Enterprise Defender, will produce a huge amount of essentially harmless files on a user's computer (cb.sys, ddv.dll, eb.sys, energy.exe, pal.sys, PE.drv, ppal.exe and tempdoc.tmp).
It will then reconfigure the Registry to run itself every time you logon into Windows.

Then, it would pretend a scan of a user's computer and would show these files as viruses and computer security threats. Windows Enterprise Defender will constantly display many fake security alerts stating that your computer is under attack by an Internet Virus or is infected with Trojans, spyware and other malware.

It will also flood the system with its super-annoying ads which pop up from the system tray or, it seems, out of nowhere and report the detection of insecure activity on your machine.

Also Windows Enterprise Defender makes it problematic to go online (means going to security related websites and trying to update ), use the Task Manager, Add/Remove Programs GUI, System Restore, and will block anti-virus software and some other essential features.

All of that are used in order to make you buy a registered version of Windows Enterprise Defender.

We can resume this trojan's properties by the following: it will change your browser settings in many ways, it will show lots of commercial advertisements (mostly the one asking you to buy a full version !) and it will always stay resident in the background !

How did I get infected with Windows Enterprise Defender ?

The infection normally occurs in one of many possible ways. One way is that you downloaded a  fake video codec. Windows Enterprise Defender may gain access to your computer via the zlob/MediaAccess Codec installer. This is a very common way of tricking users into installing this fake security client.

Also beware of online scanners: some are fake and Windows Enterprise Defender loves this way to trick users !
Sometimes, those hackers will build their own website (rather than hacking into others !), then they will install on it malware like Windows Enterprise Defender. If you have no real security programs on your computer or if the rouge program is very new, you are at risk of getting infected. Such compromised websites will try to force you to download the malware onto the user's computer (also known as drive by download).

If you found yourself infected after browsing such a website, I want to recommend you an excellent software, it is called  Spyware Doctor with Antivirus » download. Use it to run a full and in-depth scan of your system. This program will help you with your Windows Enterprise Defender removal . Besides it will also clean your computer of any others threats.

How to Remove Windows Enterprise Defender ?

Windows Enterprise Defender removal is done the following way:

Kill Windows Enterprise Defender processes

  • WindowsEDefender.exe
  • ppal.exe
  • ddv.dll
  • pal.sys
  • energy.exe
  • WindowsEDefender.exe

We do recommend you run a full scan using Spyware Doctor with Antivirus » download. Even if you do not intend on purchasing the product it will help to stop the virus from re-installing and re-activating while you manually remove the rest of the traces. Also it will inform you of any new changes to the file names. You may need this if it mutates.

Delete Windows Enterprise Defender registry values:

  • HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
  • HKEY_CLASSES_ROOT\WindowsEDefender.DocHostUIHandler
  • HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes “URL” => “http://search-gala.com/?&uid=7&q={searchTerms}”
  • HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes “URL”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “[xSP_2:61a6083b6194a2314e3dd54cf9615e36_7]"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “876902803″
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Windows Enterprise Defender”

Delete Windows Enterprise Defender files: ( Hint ) Most of these files will be in the %UserProfile%\Application Data\Windows Enterprise Defender directory. Not all will be there and some may not be present in your virus version

  • Windows Enterprise Defender.lnk
  • WindowsEDefender.exe
  • Windows Enterprise Defender
  • %UserProfile%\Start Menu\Programs\Windows Enterprise Defender.lnk
  • %UserProfile%\Start Menu\Windows Enterprise Defender.lnk
  • %UserProfile%\Recent\tempdoc.tmp
  • %UserProfile%\Recent\ppal.exe
  • %UserProfile%\Recent\PE.drv
  • %UserProfile%\Recent\pal.sys
  • %UserProfile%\Recent\energy.exe
  • %UserProfile%\Recent\eb.sys
  • %UserProfile%\Recent\ddv.dll
  • %UserProfile%\Recent\cb.sys
  • %UserProfile%\Desktop\Windows Enterprise Defender.lnk
  • %UserProfile%\Application Data\Windows Enterprise Defender\cookies.sqlite
  • %UserProfile%\Application Data\Windows Enterprise Defender
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Enterprise Defender.lnk
  • C:\Documents and Settings\All Users\Application Data\WEDDSys\wed.cfg
  • C:\Documents and Settings\All Users\Application Data\WEDDSys
  • C:\Documents and Settings\All Users\Application Data\c9ba\WEDDSys
  • C:\Documents and Settings\All Users\Application Data\c9ba\WindowsEDefender.exe
  • C:\Documents and Settings\All Users\Application Data\c9ba\WED.ico
  • C:\Documents and Settings\All Users\Application Data\c9ba\unins000.dat
  • C:\Documents and Settings\All Users\Application Data\c9ba\sqlite3.dll
  • C:\Documents and Settings\All Users\Application Data\c9ba\WEDDSys\vd952342.bd
  • C:\Documents and Settings\All Users\Application Data\c9ba\mozcrt19.dll
  • C:\Documents and Settings\All Users\Application Data\c9ba\83.mof
  • C:\Program Files\Mozilla Firefox\searchplugins\search.xml
  • C:\Documents and Settings\All Users\Application Data\c9ba

Delete Windows Enterprise Defender directories: ( Please note that in most cases everything in this folder can be deleted. Just be sure it’s the correct folder )

  • %AllUsersProfile%\Application Data\c9ba
  • %AllUsersProfile%\Application Data\c9ba\WEDDSys
  • %AllUsersProfile%\Application Data\WEDDSys
  • %UserProfile%\Application Data\Windows Enterprise Defender
That should do it. This worked very well for us. If you are having a ton of trouble the consider hiring a pro to remove it for you. www.onlinecomputerrepair.org has our vote. They are great and a ton of experts out there recommend them to people.