Severity scale:  
  (72/100)

Enterprise Suite. How to remove? (Uninstall guide)

removal by Jake Doevan - -   Also known as EnterpriseSuite | Type: Rogue Antispyware
12

Enterprise Suite is a misleading application created by the same group of scammers who have released Windows Enterprise Suite, Windows Enterprise Defender and many other rogue applications. The misleading application is pushed through the use of Trojans that come from fake online scanners [Figure 2], bogus websites or bundled with other malicious software. The scammers also use social engineering to promote rogue applications. Once a Trojan virus is installed, it will download Enterprise Suite files and display fake security alerts to scare you into thinking that your computer is infected with spyware, worms and other malware. The rogue program will then imitate system scan and will give false report of threats/infections on your computer. Finally, you will be prompted to pay for a full version of the program to remove those threats. So obviously, this is a scam. Do not purchase this bogus application. Instead, uninstall Enterprise Suite from your PC upon detection.

Enterprise Suite graphical user interface
[Figure 1. Enterprise Suite graphical user interface]

As you can see from the image above, EnterpriseSuite uses Windows OS style to make it look more legitimate and reliable. The rogue program displays fake scan results, though, the names of provided infections are real. If you decide to check if a particular infection reported by this program actually exists, you will likely find out that it does exist. Some of the reported infections you may see:

SpamTool.Win32.Delf.h
Trojan-Spy.Win32.Citifraud
Trojan-PSW.Win32.Fantast
Trojan-PSW.Win32.Dripper
Trojan-PSW.Win32.Delf.d
Trojan-Spy.HTML.Bankfraud.ix
Trojan.BAT.AnitV.a
Virus.Win32.Faker.a
Trojan-Spy.HTML.Bankfraud.ra
Virus.BAT.IBBM.ClsV

Enterprise Suite - fake online scanner
[Figure 2. Enterprise Suite – fake online scanner]

To make things worse, Enterprise Suite will constantly display fake security alerts stating that your computer is not protected and that you should buy the full version of the program to ensure full system and remove found infections. Those security alerts are very annoying and will likely pop up every one or two minutes. However, that’s not all. The misleading application will block anti-virus software and security related websites. It will hijack Internet Explorer and redirect you to various misleading websites instead of requested ones. Windows Task manager, registry editor, system restore and other tools may be blocked too.

Enterprise-suite.net is the homepage of Enterprise Suite [Figure 3]. The rogue application also try to establish connection with:

securityearth.cn
update1.enterprise-suite.net
update2.enterprise-suite.net

Enterprise Suite - home page
[Figure 3. Enterprise Suite – home page]

If you find that you find that your computer is infected with this malware, please use the removal guide below to remove Enterprise Suite manually for free. Don’t forget to scan your computer with a legitimate anti-spyware application and contact your credit card company if you have already purchased this bogus program.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Enterprise Suite you agree to our privacy policy and agreement of use.
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Enterprise Suite. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

More information about this program can be found in Reimage review.

More information about this program can be found in Reimage review.

Enterprise Suite manual removal:

Kill processes:
WE345d.exe

eb.exe

FS.exe

cb.exe

Delete registry values:
HKEY_CURRENT_USERSoftware3

HKEY_CLASSES_ROOTCLSID{3F2BBC05-40DF-11D2-9455-00104BC936FF}

HKEY_CLASSES_ROOTWE345d.DocHostUIHandler

HKEY_CURRENT_USERSoftwareClassesSoftwareMicrosoftInternet ExplorerSearchScopes "URL" = "http://search-gala.com/?&uid=162&q={searchTerms}"

HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerDownload "RunInvalidSignatures" = "1"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings5.0User AgentPost Platform "[xSP_2:117fc3395e69e29f71abba93a68c4181_162]"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings5.0User AgentPost Platform "887805703"

HKEY_CLASSES_ROOTSoftwareMicrosoftInternet ExplorerSearchScopes "URL" = "http://search-gala.com/?&uid=162&q={searchTerms}"

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun "Enterprise Suite"

Unregister DLLs:
ANTIGEN.dll

cid.dll

tempdoc.dll

Delete files:
752.mof

mozcrt19.dll

sqlite3.dll

WE345d.exe

WES.ico

vd952342.bd

wes.cfg

cookies.sqlite

Instructions.ini

Enterprise Suite.lnk

Enterprise Suite.lnk

ANTIGEN.dll

cb.exe

cid.dll

CLSV.tmp

DBOLE.sys

ddv.sys

eb.exe

energy.sys

exec.tmp

FS.exe

grid.drv

runddlkey.drv

sld.drv

SM.drv

tempdoc.dll

tempdoc.tmp

tjd.sys

c:\Program Files\Mozilla Firefox\searchplugins\search.xml

Delete directories:
C:Documents and SettingsAll UsersApplication Data345d567

C:Documents and SettingsAll UsersApplication Data345d567WESSys

C:Documents and SettingsAll UsersApplication DataWESSys

%UserProfile%Application DataEnterprise Suite

About the author

Jake Doevan
Jake Doevan - Computer technology expert

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Jake Doevan
About the company Esolutions


  • Guest

    What if the deleted your past McAfee secruity programs to get rid of everything else? And has a backdoor not letting you open your setting files trying to get rid of it?

  • Guest

    To Whom It May Concern:
    The Enterprise Suite just keeps popping up on my computer. How do I get rid of this Enterprise Suite, I did download the Enterprise Suite Remover and it's not working. Thank You.