Windows Enterprise Defender is a rogue antivirus application that uses the name of Windows Defender and the similarities of their name to appear as an official product or add on to windows. Of course, the real Windows Defender is a legitimate application, but Windows Enterprise Defender is a rogue antivirus application that gives false warnings about security problems (which are also falsified) and it encourages you to pay for the ability to fix the problems. So, read on for information that will help you to remove Windows Enterprise Defender.
One of the interesting “tricks” this rogue antivirus plays is creating the following files that it claims are viral:
The files are harmless, but are used as evidence by Windows Enterprise Defender that you need to purchase their software and then you will be able to remove the “threat” that these files pose.
The following site is related to Windows Enterprise Defender and it would be good to block it at the firewall or router if possible:
You may also want to go ahead and download malwarebytes antimalware from the virus removal toolkit page. If you are not able to run the install for the program there are a couple things you could try. 1) rename the install file (mbam.exe) to something else (bob.exe) and then attempt to run the installer, update and scan. 2) boot into safe mode and retry the installer. 3) The last idea is to kill off the following processes via task manager (the same as you would do to start a manual removal of Windows Enterprise Defender.)
The following processes should be killed off using task manager (or Process explorer – which you can download on the virus removal toolkit page.)
There may be a variable component to the naming of these files, you may want to be alert to possible variations in the naming above. If task manager is not able to be opened so that you can disable the processes, you may try process explorer as an alternative or rename task managers executable file. (taskmgr.exe) (My preference is to copy and paste then rename the file.)
The following dll files should be unregistered and deleted:
The following files and folders should also be deleted to remove Windows Enterprise Defender:
%docs%All UsersApplication Datac9ba
%docs%All UsersApplication Datac9ba83.mof
%docs%All UsersApplication Datac9bamozcrt19.dll
%docs%All UsersApplication Datac9basqlite3.dll
%docs%All UsersApplication Datac9baunins000.dat
%docs%All UsersApplication Datac9baWED.ico
%docs%All UsersApplication Datac9baWindowsEDefender.exe
%docs%All UsersApplication Datac9baWEDDSys
%docs%All UsersApplication Datac9baWEDDSysvd952342.bd
%docs%All UsersApplication DataWEDDSys
%docs%All UsersApplication DataWEDDSyswed.cfg
%userprof%Application DataMicrosoftInternet ExplorerQuick LaunchWindows Enterprise Defender.lnk
%userprof%Application DataWindows Enterprise Defender
%userprof%Application DataWindows Enterprise Defendercookies.sqlite
%userprof%DesktopWindows Enterprise Defender.lnk
%userprof%Start MenuWindows Enterprise Defender.lnk
%userprof%Start MenuProgramsWindows Enterprise Defender.lnk
After all of the above files are removed you still will want to run a reputable antivirus/spyware removal tool (perhaps a run with each…) such as malwarebytes antimalware (which you can download on the virus removal toolkit page.) You will want to do this so that you can be sure to remove Windows Enterprise Defender completely.
Related PostsRelated Posts
- Remove Proof Defender | Proof Defender Removal Proof Defender is another rogue security application that acts and claims to be antispyware/antivirus, but in reality is nothing more than a scam to get your dollars for a program that raises red flags over imaginary viruses and claims to clean them. It's related to the Perfect Defender 2009 family......
- How to Remove Windows System Defender | Removal Guide Windows System Defender is a new rogue antivirus software along the lines of Windows PC Defender (See the Windows PC Defender Removal guide) (I believe it's the same family of malware.) It claims to be a powerful and effective antivirus and antispyware suite, but will overwhelm you with warnings and......
- How to Remove Guard Pro | Guard Pro Removal Guide Guard Pro is a rogue antivirus application that is promoted through the use of malware and trojan horses. Once it is installed on a system it will run at startup and will scan the computer claiming to find files infected with viruses and finding security problems with your system. It......
- Enterprise Log Management: An Overview (Part 2) – - FOSE In part 1 of my guest post series for the FOSE Insights Blog, I talked about the importance of enterprise log management and the questions one should ask before implementing a log management solution. In this post, I’ll be covering the different types of log management solutions to help you......
- WebFusion Webhosting Evaluation Webfusion Webhosting Evaluation Internet host Evaluation - WebFusion WebFusion has 4 diverse hosting plans constructed to accommodate your requirements and aggressive pricing. WebFusion provides webmasters and site owners' fantastic flexibility and just the scale they need to have for his or her internet site. WebFuision is component of your Pipex......
- Download Microsoft Windows 7 RC Hi Folks, Microsoft has released Windows 7 RC. Here's what you need to know: This is pre-release software, so please read the following to get an idea of the risks and key things you need to know before you try the RC. You don't need to rush to get the......
- How to Remove Windows System Defender | Removal Guide
- How to Remove Windows PC Defender | Windows PC Defender Removal
- How to Remove System Defender | System Defender Removal Guide
- How to Remove Volcano Security Suite | Volcano Security Suite Removal Guide
- How to Remove Virus Doctor (or Remove VirusDoctor) | Virus Doctor Removal