What is Live Enterprise Suite?
Live Enterprise Suite is
a fake anti-spyware program designed by those who manufactured
similar rogue software such as Ghost Antivirus and Internet
Antivirus. Like any other fake software, Live Enterprise Suite
attempts to lure the user in to buying a license for it. It reaches
user systems via web-based malware and fake malware scanners. Once
established on the user’s operating system, Live Enterprise Suite
proceeds to aggressively block its removal via tactics such as
disabling the Task manager and Registry Editor. Furthermore, it
creates random file paths, causing Windows Explorer to crash every so
often. All these measures are taken to try and stop the user from
manual Live Enterprise Suite removal. This rogue software loads up at
boot time and performs numerous fake system scans, returning results
that show a large number of legitimate Windows files as threats. Live
Enterprise Suite then claims that its currently installed ‘trial’
version is inadequate to remove these ‘threats’ from the user’s
computer, and insists that the user buy the ‘full’ version of the
software. It is important to note that the ‘full’ version of this
fake anti-spyware cannot clean or even scan your computer, and it is
merely a hoax to try and get you to spend your money on this useless
software.
Live Enterprise Suite
removal involves a number of steps, which are discussed in detail
below. Users
should consider
scanning
the entire
computer with a genuine antivirus product such as Spyware Doctor with Antivirus » download to
make sure that there are no auxiliary
infections present. How to Remove Live Enterprise Suite ?
File Removal Procedures
The first step in Live
Enterprise Suite removal is to kill the following processes:
- unins000.exe
- winlogon.exe
- services.exe
- atbyin.exe
- [random
path]char.exe
- IAPro.exe
Next,
the following DLL files which are related to Live Enterprise Suite
should be unregistered:
- WMILib.dll
- [random
path].dll
Finally,
delete the following files and folders:
- %UserProfile%\Application
Data\Live Enterprise Suite
- %UserProfile%\Application
Data\Live Enterprise Suite\settings.ini
- %UserProfile%\Application
Data\Live Enterprise Suite\uill.ini
- %UserProfile%\Application
Data\Live Enterprise Suite\unins000.exe
- %UserProfile%\Application
Data\Live Enterprise Suite\updateloadlist.ini
- %UserProfile%\Application
Data\Live Enterprise Suite\db
- %UserProfile%\Application
Data\Live Enterprise Suite\db\config.cfg
- %UserProfile%\Application
Data\Live Enterprise Suite\db\Timeout.inf
- %UserProfile%\Application
Data\Live Enterprise Suite\db\Urls.inf
- %UserProfile%\Application
Data\Microsoft\Internet Explorer\Quick Launch\Internet Antivirus
Pro.lnk
- %UserProfile%\Application
Data\Microsoft\Windows\winlogon.exe
- %UserProfile%\Local
Settings\Application Data\Microsoft\Windows\log.txt
- %UserProfile%\Local
Settings\Application Data\Microsoft\Windows\pguard.ini
- %UserProfile%\Local
Settings\Application Data\Microsoft\Windows\services.exe
- %UserProfile%\My
Documents\My Pictures\atbyin.exe
- c:\Program
Files\Common Files\[random path]char.exe
- c:\Program
Files\Common Files\[random path]calc.exe
- c:\Program
Files\Internet Antivirus Pro
- c:\Program
Files\Internet Antivirus Pro\activate.ico
- c:\Program
Files\Internet Antivirus Pro\Explorer.ico
- c:\Program
Files\Internet Antivirus Pro\IAPro.exe
- c:\Program
Files\Internet Antivirus Pro\unins000.dat
- c:\Program
Files\Internet Antivirus Pro\uninstall.ico
- c:\Program
Files\Internet Antivirus Pro\working.log
- c:\Program
Files\Internet Antivirus Pro\db
- c:\Program
Files\Internet Antivirus Pro\db\DBInfo.ver
- c:\Program
Files\Internet Antivirus Pro\db\ia080614.db
- c:\Program
Files\Internet Antivirus Pro\db\lists.ini
- c:\Program
Files\Internet Antivirus Pro\db\WMILib.dll
- c:\Program
Files\Internet Antivirus Pro\Languages
- c:\Program
Files\Internet Antivirus Pro\Languages\IAEs.lng
- c:\Program
Files\Internet Antivirus Pro\Languages\IAFr.lng
- c:\Program
Files\Internet Antivirus Pro\Languages\IAGer.lng
- c:\Program
Files\Internet Antivirus Pro\Languages\IAIt.lng
- c:\WINDOWS\system32\[random
path].dll
- c:\WINDOWS\system32\[random
path].dll
- c:\Documents
and Settings\All Users\Desktop\Internet Antivirus Pro.lnk
- c:\Documents
and Settings\All Users\Start Menu\Programs\Internet Antivirus Pro
- c:\Documents
and Settings\All Users\Start Menu\Programs\Internet Antivirus
Pro\Internet Antivirus Pro Home Page.lnk
-
c:\Documents and Settings\All Users\Start Menu\Programs\Internet
Antivirus Pro\Internet Antivirus Pro.lnk
- c:\Documents
and Settings\All Users\Start Menu\Programs\Internet Antivirus
Pro\Purchase License.lnk
- c:\Documents
and Settings\All Users\Start Menu\Programs\Internet Antivirus
Pro\Uninstall Internet Antivirus Pro.lnk
Once the files have been
removed, your filesystem is safe from Live Enterprise Suite. Registry Removal Procedures
To ensure complete Live
Enterprise Suite removal, delete the following keys and settings from
the Windows Registry:
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Image File Execution Options\taskmgr.exe
"Debugger"
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Image File Execution Options\taskmgr.exe
"RealDebugger"
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\567
1.4.2.0_is1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live
Enterprise Suite_is1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Image File Execution Options\taskmgr.exe
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_HTGRDENGINE
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HTGrdEngine
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_HTGRDENGINE
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTGrdEngine
- HKEY_CURRENT_USER\Software\Microsoft\FTP
"SearchDir" = "c:\program files\Internet Antivirus
Pro\"
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
"[random]"
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
"Live Enterprise Suite"
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
"Microsoft Windows logon process"
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet
Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION "svchost.exe"
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet
Settings\5.0\User Agent "URIAPRO[]"
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet
Settings\User Agent "URIAPRO[]"
After
this step is done, Live Enterprise Suite removal is complete,
however, in order to ensure that no other malicious components are
left behind it is recommended to conduct a complete operating system
scan using a genuine antivirus software such as Spyware Doctor with Antivirus » download. Conclusion
Manual Live Enterprise
Suite removal is not recommended for inexperienced users, as any
wrong move made on your part could cause damage to your system. If
you are not an experienced system administrator, the best way to
remove this rogue software is to use a web-based repair service such
as the one provided by www.onlinecomputerrepair.org
under the protection of a money back guarantee policy.
Tags:
Delete
Live Enterprise Suite | Live
Enterprise Suite
Removal |
How to Delete Live Enterprise Suite | Remove
Live Enterprise Suite | Live
Enterprise Suite
|