Windows Enterprise Suite

Updated: March 23, 2013 Rogue 1 Comment

Windows Enterprise Suite is another addition to the long lists of fake computer security program. It has a sole purposed of acquiring financial gain for unfair marketing campaign of a useless program. Windows Enterprise Suite is usually obtained by visiting a website that hosts the installation files. Without user’s awareness, this rogue can be downloaded and installed on visitors computer automatically by implementing a malicious JavaScript placed on the said website.

Once inside the computer, Windows Enterprise Suite will begin to pop-up false alert messages and exhibit fabricated virus scan result to convince users about the present danger involving Virus, Trojan and other sort of Malware. In addition, several clean files are dropped on the system that it later identifies harmful. To remove these, it will prompt for the purchase of the Windows Enterprise Suite registered version, which in fact will not do any good on end user’s part. It would be better to download an effective Windows Enterprise Suite removal tool as represented by legitimate anti-malware programs.

Screenshot Image:

Technical Details and Additional Information:

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

Characteristics (Analysis)
To load Windows Enterprise Suite once Windows starts, Trojan that drops the rogue program also added entry to registry during installation. The following entry calls for the main executable program at start-up:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Windows Enterprise Suite”

Malware Behavior
Right after its successful penetration on the computer, this rogue will start a misleading crusade to achieve an objective of selling the paid edition. Task bar alert, pop-up messages, fake error pages and browser redirect are the primary line of attack. If these methods fail to generate favorable response from victims, Windows Enterprise Suite will literally block execution of programs and make the system unusable.

How to Remove Windows Enterprise Suite

1. Kill any running process that belongs to Windows Enterprise Suite.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for the following files and click End Task.
WE83b.exe or (random).exe

2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit. This will open registry editor.
- Find and delete the following:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Windows Enterprise Suite"
- Close registry editor. Changes made will be save automatically.

3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please Update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.

4. Delete all files dropped by Windows Enterprise Suite.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Associated Files and Folders.'

Automatic Removal of Windows Enterprise Suite

In order to completely remove the threat, click here to download and run Malwarebytes Anti-Malware. Sometimes, Trojans will block the downloading and installation of MBAM. If this happens, download it from a clean computer and rename the executable file before executing on the infected machine.

Alternative Removal Method for Windows Enterprise Suite

Option 1 : Use Windows System Restore to return Windows to previous state

If Windows Enterprise Suite enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before Windows Enterprise Suite infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.

Option 2 : Windows Enterprise Suite manual uninstall guide

IMPORTANT! Manual removal of Windows Enterprise Suite requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.

1. Kill any running process that belongs to Windows Enterprise Suite.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for Windows Enterprise Suite files (refer to Technical Reference) and click End Process.

End Task

2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section below.
- Close registry editor. Changes made will be save automatically.

Run Regedit

3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.

4. Delete all files dropped by Windows Enterprise Suite.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.

Technical Reference

Associated Files and Folders:Added Registry Entries: