Remove Enterprise Suite
November 19th, 2009 | by Alex |Enterprise Suite Descriptions:
Enterprise Suite is the latest rogueware application from the same range of rogues as Windows Enterprise Suite, Windows Enterprise Defenders and many others.
As soon as Enterprise Suite is installed on your computer, it starts fake scans and display security alerts which warn you that your machine is in danger.
Do not trust the application. It is designed to look legible but is worth nothing at all. All the detections of the malware found by Enterprise Suite is just hype.
The application is neither able to detect nor to remove any virus from your PC. Do not buy it. Remove the fake software as soon as you notice it on your PC. Wait for the full instructions on how to get rid of the maliciuos application.
Download SpyHunter* Spyware Detection Utility
Manual Enterprise Suite Removal Instructions:
Stop These Enterprise Suite Processes:
(Learn how to do this)
WinESuite.exe
Find and Delete These Enterprise Suite Files:
(Learn how to do this)
WinESuite.exe
%UserProfile%\Application Data\Enterprise Suite\Instructions.ini
%UserProfile%\Desktop\Enterprise Suite.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Enterprise Suite.lnk
%UserProfile%\Start Menu\Enterprise Suite.lnk
%UserProfile%\Start Menu\Programs\Enterprise Suite.lnk
%UserProfile%\Application Data\Enterprise Suite
%UserProfile%\Application Data\Enterprise Suite\cookies.sqlite
%UserProfile%\Application Data\Enterprise Suite\Instructions.ini
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Enterprise Suite.lnk
%UserProfile%\Desktop\Enterprise Suite.lnk
%UserProfile%\Recent\ANTIGEN.dll
%UserProfile%\Recent\cb.exe
%UserProfile%\Recent\cid.dll
%UserProfile%\Recent\CLSV.tmp
%UserProfile%\Recent\DBOLE.sys
%UserProfile%\Recent\ddv.sys
%UserProfile%\Recent\eb.exe
%UserProfile%\Recent\energy.sys
%UserProfile%\Recent\exec.tmp
%UserProfile%\Recent\FS.exe
%UserProfile%\Recent\grid.drv
%UserProfile%\Recent\runddlkey.drv
%UserProfile%\Recent\sld.drv
%UserProfile%\Recent\SM.drv
%UserProfile%\Recent\tempdoc.dll
%UserProfile%\Recent\tempdoc.tmp
%UserProfile%\Recent\tjd.sys
%UserProfile%\Start Menu\Enterprise Suite.lnk
%UserProfile%\Start Menu\Programs\Enterprise Suite.lnk
c:\Program Files\Mozilla Firefox\searchplugins\search.xml
C:\Documents and Settings\All Users\Application Data\e4a12b7
WinESuite.exe
C:\Documents and Settings\All Users\Application Data\WESSys
%UserProfile%\Application Data\Enterprise Suite
C:\Documents and Settings\All Users\Application Data\WESSys\wes.cfgc:\Documents and Settings\All Users\Application Data\345d567
C:\Documents and Settings\All Users\Application Data\345d567\752.mof
C:\Documents and Settings\All Users\Application Data\345d567\mozcrt19.dll
C:\Documents and Settings\All Users\Application Data\345d567\sqlite3.dll
C:\Documents and Settings\All Users\Application Data\345d567\WE345d.exe
C:\Documents and Settings\All Users\Application Data\345d567\WES.ico
C:\Documents and Settings\All Users\Application Data\345d567\WESSys
C:\Documents and Settings\All Users\Application Data\345d567\WESSys\vd952342.bd
C:\Documents and Settings\All Users\Application Data\WESSys
C:\Documents and Settings\All Users\Application Data\WESSys\wes.cfg
Remove These Enterprise Suite Registry Values:
(Learn how to do this)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Enterprise Suite”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “WinESuite.exe”
HKEY_CURRENT_USER\Software\3
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://search-gala.com/?&uid=162&q={searchTerms}”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “[xSP_2:117fc3395e69e29f71abba93a68c4181_162]”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “887805703″
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\WE345d.DocHostUIHandler
HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://search-gala.com/?&uid=162&q={searchTerms}”
Download SpyHunter* Spyware Detection Utility
One Response to “Remove Enterprise Suite”
By Pharmacy Technician on Dec 4, 2009 | Reply
nice post. thanks.