Live Enterprise Suite - How to remove January 27, 2010 By gabriele Live Enterprise Suite is a dangerous rogue anti-spyware that “detects” legitimate Windows files as infections and additionally offers its paid services for removing them. LiveEnterpriseSuite was released by the same scammers who should be blamed for letting Ghost Antivirus and Internet Antivirus Pro outside, so just like the first ones, it uses aggressive techniques to make it difficult to remove. TDL3 rootkit is also connected to this rogue anti-spyware that makes it even harder to remove, so if you have already found Live Enterprise Suite on your computer you should IMMEDIATELY use a reputable anti-spyware for elimination. Live Enterprise Suite is promoted through the use of malware and fake online anti-malware scanners. If it is installed successfully, the first thing this program will do is disable of Task Manager so that you would not be allowed to stop its processes. Live Enterprise Suite installs various malware as well and cleverly creates it in random paths under the Windows folder. These actions will constantly terminate Explorer.exe or other executables with a reason to make people completely lost when they will try to access Windows desktop or any other program on it. Periodic system scanners are automatically loaded by Live Enterprise Suite when PC boots up. This rogue anti-spyware reports tons of supposed infections and tells that they will be “removed” only after people first purchase the program. These infections, though, just like numerous security alerts announcing about the critical level of PC protection are invented by LiveEnterpriseSuite. Some of them are known to be legitimate Windows files, so if removed they can even affect a normal Windows functionality. Please keep in mind that Live Enterprise Suite is a dangerous application which needs to be eliminated as soon as possible. Ignore its security alerts because they are fake and don’t think about making a purchase of this scam. It goes without saying that you MUST contact your credit card company to dispute the charges if you have already paid for it. An don’t forget to delete Live Enterprise Suite immediately after noticing its misleading activity on your computer. On middle May 2010, Live Enterprise Suite was replaced by Live Security Suite. The owners are more or less the same, and rogue got a new facelift. Both Live Enterprise Suite and Live Security Suite should be removed. Automatic Malware removal tools Download Spyhunter for Malware detection(Win) Note: Spyhunter trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Download Combo Cleaner for Malware detection(Mac) Note: Combo Cleaner trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Refund Policy , Manual removal Processes: unins000.exe winlogon.exe services.exe atbyin.exe [random path]char.exe IAPro.exe Dll: WMILib.dll [random path].dll Files: %UserProfile%\\Application Data\\Live Enterprise Suite %UserProfile%\\Application Data\\Live Enterprise Suite\\settings.ini %UserProfile%\\Application Data\\Live Enterprise Suite\\uill.ini %UserProfile%\\Application Data\\Live Enterprise Suite\\unins000.exe %UserProfile%\\Application Data\\Live Enterprise Suite\\updateloadlist.ini %UserProfile%\\Application Data\\Live Enterprise Suite\\db %UserProfile%\\Application Data\\Live Enterprise Suite\\db\\config.cfg %UserProfile%\\Application Data\\Live Enterprise Suite\\db\\Timeout.inf %UserProfile%\\Application Data\\Live Enterprise Suite\\db\\Urls.inf %UserProfile%\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\Internet Antivirus Pro.lnk %UserProfile%\\Application Data\\Microsoft\\Windows\\winlogon.exe %UserProfile%\\Local Settings\\Application Data\\Microsoft\\Windows\\log.txt %UserProfile%\\Local Settings\\Application Data\\Microsoft\\Windows\\pguard.ini %UserProfile%\\Local Settings\\Application Data\\Microsoft\\Windows\\services.exe %UserProfile%\\My Documents\\My Pictures\\atbyin.exe c:\\Program Files\\Common Files\\[random path]char.exe c:\\Program Files\\Common Files\\[random path]calc.exe c:\\Program Files\\Internet Antivirus Pro c:\\Program Files\\Internet Antivirus Pro\\activate.ico c:\\Program Files\\Internet Antivirus Pro\\Explorer.ico c:\\Program Files\\Internet Antivirus Pro\\IAPro.exe c:\\Program Files\\Internet Antivirus Pro\\unins000.dat c:\\Program Files\\Internet Antivirus Pro\\uninstall.ico c:\\Program Files\\Internet Antivirus Pro\\working.log c:\\Program Files\\Internet Antivirus Pro\\db c:\\Program Files\\Internet Antivirus Pro\\db\\DBInfo.ver c:\\Program Files\\Internet Antivirus Pro\\db\\ia080614.db c:\\Program Files\\Internet Antivirus Pro\\db\\lists.ini c:\\Program Files\\Internet Antivirus Pro\\db\\WMILib.dll c:\\Program Files\\Internet Antivirus Pro\\Languages c:\\Program Files\\Internet Antivirus Pro\\Languages\\IAEs.lng c:\\Program Files\\Internet Antivirus Pro\\Languages\\IAFr.lng c:\\Program Files\\Internet Antivirus Pro\\Languages\\IAGer.lng c:\\Program Files\\Internet Antivirus Pro\\Languages\\IAIt.lng c:\\WINDOWS\\system32\\[random path].dll c:\\WINDOWS\\system32\\[random path].dll c:\\Documents and Settings\\All Users\\Desktop\\Internet Antivirus Pro.lnk c:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Internet Antivirus Pro c:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Internet Antivirus Pro\\Internet Antivirus Pro Home Page.lnk c:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Internet Antivirus Pro\\Internet Antivirus Pro.lnk c:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Internet Antivirus Pro\\Purchase License.lnk c:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Internet Antivirus Pro\\Uninstall Internet Antivirus Pro.lnk Registers: HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\taskmgr.exe \"Debugger\" HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\taskmgr.exe \"RealDebugger\" HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\567 1.4.2.0_is1 HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Live Enterprise Suite_is1 HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\taskmgr.exe HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Enum\\Root\\LEGACY_HTGRDENGINE HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\HTGrdEngine HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Enum\\Root\\LEGACY_HTGRDENGINE HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\HTGrdEngine HKEY_CURRENT_USER\\Software\\Microsoft\\FTP \"SearchDir\" = \"c:\\program files\\Internet Antivirus Pro\\\" HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\Run \"[random]\" HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run \"Live Enterprise Suite\" HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run \"Microsoft Windows logon process\" HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_BROWSER_EMULATION \"svchost.exe\" HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\User Agent \"URIAPRO[]\" HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\User Agent \"URIAPRO[]\" Live Enterprise Suite facts Type: Rogue Anti-Spyware Download Spyhunter for Malware detection(Win) Note: Spyhunter trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Download Combo Cleaner for Malware detection(Mac) Note: Combo Cleaner trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Refund Policy , TOC Leave a ReplyYour email address will not be published. Required fields are marked *Comment * Name * Email * Website