How to remove WindowsEnterpriseDefender.com hijacker

Malware Description:
The WindowsEnterpriseDefender.com domain is the web ‘headquarters’ of the similarly named rogue anti-spyware program Windows Enterprise Defender. Your browser gets redirected to WindowsEnterpriseDefender.com if your system was previously infected with trojans. The redirect can be triggered by a misleading popup alert that asks you to click it for more information. The site displays a large number of false claims presenting Windows Enterprise Defender as a cutting-edge security tool suitable for practically any virus-related PC problem. Do not be tricked by the WindowsEnterpriseDefender.com hijacker or the fake anti-spyware it promotes. The criminals who released Windows Enterprise Defender use deceptive methods to make people buy their useless and hazardous product. Being redirected to WindowsEnterpriseDefender.com means you have at least some backdoor trojans to get rid of. When removing the hijacker, also check your system for rogue anti-spyware, which could have been installed without your permission or any notice. More tips on this are given below.

Malware Type: Browser Hijackers

Malware Author: dreamakerlab

Threat Level: High

Advice: Immediately remove


How to remove WindowsEnterpriseDefender.com hijacker manually:
Manual removal of WindowsEnterpriseDefender.com is feasible if you have sufficient expertise in working with program files, system processes, .dll files and registry entries.

The associated files to be deleted are listed below:

  • %Documents and Settings%\All Users\Application Data\c9ba
  • %Documents and Settings%\All Users\Application Data\c9ba\83.mof
  • %Documents and Settings%\All Users\Application Data\c9ba\mozcrt19.dll
  • %Documents and Settings%\All Users\Application Data\c9ba\sqlite3.dll
  • %Documents and Settings%\All Users\Application Data\c9ba\unins000.dat
  • %Documents and Settings%\All Users\Application Data\c9ba\WED.ico
  • %Documents and Settings%\All Users\Application Data\c9ba\WindowsEDefender.exe
  • %Documents and Settings%\All Users\Application Data\c9ba\WEDDSys
  • %Documents and Settings%\All Users\Application Data\c9ba\WEDDSys\vd952342.bd
  • %Documents and Settings%\All Users\Application Data\WEDDSys
  • %Documents and Settings%\All Users\Application Data\WEDDSys\wed.cfg
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Enterprise Defender.lnk
  • %UserProfile%\Application Data\Windows Enterprise Defender
  • %UserProfile%\Application Data\Windows Enterprise Defender\cookies.sqlite
  • %UserProfile%\Desktop\Windows Enterprise Defender.lnk
  • %UserProfile%\Recent\cb.sys
  • %UserProfile%\Recent\ddv.dll
  • %UserProfile%\Recent\eb.sys
  • %UserProfile%\Recent\energy.exe
  • %UserProfile%\Recent\pal.sys
  • %UserProfile%\Recent\PE.drv
  • %UserProfile%\Recent\ppal.exe
  • %UserProfile%\Recent\tempdoc.tmp
  • %UserProfile%\Start Menu\Windows Enterprise Defender.lnk
  • %UserProfile%\Start Menu\Programs\Windows Enterprise Defender.lnk
  • %Program Files%\Mozilla Firefox\searchplugins\search.xml

The related registry entries to be removed are as follows:

  • HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
  • HKEY_CLASSES_ROOT\WindowsEDefender.DocHostUIHandler
  • HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes "URL" => "http://search-gala.com/?&uid=7&q={searchTerms}"
  • HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes "URL"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "[xSP_2:61a6083b6194a2314e3dd54cf9615e36_7]"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "876902803"
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Windows Enterprise Defender"
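
A read-only way to see which of the entries listed above are actually present before deleting anything, as an added example that is not part of the original page. It checks a subset of the listed files and registry entries, assumes the page's %Documents and Settings%\All Users and %UserProfile% placeholders correspond to $env:ALLUSERSPROFILE and $env:USERPROFILE, and uses a hypothetical helper named Get-RegValue.

```powershell
# Added example: read-only audit for a subset of the artifacts listed on this page.
# It reports what exists and deletes nothing.
# Assumption: %Documents and Settings%\All Users maps to $env:ALLUSERSPROFILE
# and %UserProfile% maps to $env:USERPROFILE.
$allUsers = Join-Path $env:ALLUSERSPROFILE 'Application Data'
$appData  = Join-Path $env:USERPROFILE 'Application Data'
$paths = @(
    (Join-Path $allUsers 'c9ba'),
    (Join-Path $allUsers 'c9ba\WindowsEDefender.exe'),
    (Join-Path $allUsers 'WEDDSys'),
    (Join-Path $appData  'Windows Enterprise Defender'),
    (Join-Path $env:USERPROFILE 'Desktop\Windows Enterprise Defender.lnk')
)
$keys = @(
    'HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}',
    'HKEY_CLASSES_ROOT\WindowsEDefender.DocHostUIHandler'
)
# Match = regex the value data must satisfy; $null means any data counts.
$values = @(
    @{ Key = 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
       Name = 'Windows Enterprise Defender'; Match = $null },
    @{ Key = 'HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes'
       Name = 'URL'; Match = 'search-gala\.com' },
    @{ Key = 'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform'
       Name = '876902803'; Match = $null }
)

# Hypothetical helper: returns the value data, or nothing if key or value is absent.
function Get-RegValue([string]$Key, [string]$Name) {
    # RegistryKey.GetValue treats the name literally (no wildcard expansion).
    $k = Get-Item -LiteralPath "Registry::$Key" -ErrorAction SilentlyContinue
    if ($k) { $k.GetValue($Name) }
}

$found = @()
$found += @($paths | Where-Object { Test-Path -LiteralPath $_ } |
    ForEach-Object { "FILE  $_" })
$found += @($keys | Where-Object { Test-Path -LiteralPath "Registry::$_" } |
    ForEach-Object { "KEY   $_" })
foreach ($v in $values) {
    $data = Get-RegValue $v.Key $v.Name
    if ($null -ne $data -and (-not $v.Match -or "$data" -match $v.Match)) {
        $found += "VALUE $($v.Key) [$($v.Name)] = $data"
    }
}
if ($found) { $found } else { 'None of the checked artifacts are present.' }
```

An empty result means only that these specific entries are absent for the current user; it does not show that the system is clean.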

Be aware that manual removal of WindowsEnterpriseDefender.com is a cumbersome procedure and does not ensure complete deletion of the malware, because some files might be hidden or may automatically restore themselves afterwards. Manual interference of this kind may also cause damage to the system. That’s why we strongly recommend automatic removal of WindowsEnterpriseDefender.com, which saves time, avoids system malfunctions and guarantees the needed result.
