How To Remove / Uninstall Windows Enterprise Defender Virus (Removal Guide)


10.10.2009

A new rogue anti-spyware (scam, scareware) has been infecting computers around the world. Called Windows Enterprise Defender, this program will try and trick you into buying it so you can remove the fake infections it created and then detected. Read more about what Windows Enterprise Defender does and how to remove it from your computer.

Windows Enterprise Defender (do not confuse it with the legitimate Windows Defender from Microsoft) works very much in the same way as some of the rogue anti-spyware (scam, malware) we talked about in the past days such as TrustSoldier, Windows Smart Security, Cyber Security etc. (if your computer has any of the programs mentioned, click the corresponding name for a quick guide on how to remove them).

How To Remove / Uninstall Windows Enterprise Defender Virus (Removal Guide)

When Windows Enterprise Defender installs itself on your computer, it will aromatically start when Windows is loaded. Before it will launch itself, it will create a series of essentially harmless files on your computer (cb.sys, ddv.dll, eb.sys, energy.exe, pal.sys, PE.drv, ppal.exe and tempdoc.tmp). It will then fake a scan of your computer and will display these files as infections. Conviently enough, you will then ask you to buy the program to get rid of these infections.

In addition, Windows Enterprise Defender will run a series of security alerts that will warn you about an active malware that has been detected, or that your computer is currently attack. These are all fake warnings and you should not buy this program as it is a scam.

Now that we talked about what Windows Enterprise Defender does, here is a guide on how to remove it from your computer.

1. Because you will have to close every open window later, it would be a good idea that you print out these steps.

2. This link will take you to our download page where you will be able to download Malwarebytes’ Anti-Malware for free(we will refer to it as MBAM from now on). Save the file on your computer in a place you will remember later (the desktop is always a good choice).

3. When the download is completed, you will have to close all the open windows and run the setup (it is called mbam-setup.exe).

4. Go through the download process by following the instructions the wizard gives you. Make sure you check for updating MBAM as well as for launching it when the download is finished. If you are not an experienced user, it is better that you don’t change the default settings.

5. After you installed Malwarebytes’ Anti-Malware, the program will tell you that you should update it before a scan. As you have already told it to do so, click OK and proceed to the next step.

6. Now, go to the Scanner tab and perform a quick scan by selecting the corresponding option and pressing the Scan button. This may take a while.

7. After the scan is complete, you will be taken to the Scanner screen. Press the “Show Results” button.

8. All the malware that Malwarebytes’ Anti-Malware found on your computer will be listed. Make sure you select them all and then press the “Remove Selected” from the lower left part of the window. A reboot may be needed to remove all the infections, so allow this is asked.

9. Wait for MBAM to finish removing all the malware. When this is done, a scan log will be opened in Notepad.

10. Read the log if you want. Close the notepad window and you have successfully removed Windows Enterprise Defender and all related files from your computer (as well as other malware MBAM detected).

This article is part of our “Malware Removal Tips” series of articles. Click here for more articles.

Tags: windows, defender, computer, enterprise, remove, scan, malware, download, program, these, about, infections, guide, mbam, security, detected, close, antimalware, malwarebytes, files, series, click, window, fake, scam, removal, after, should, button, itself