Antivirus Live is a rogue anti-spyware and ransomware program from the same family as Antivirus System Pro. Antivirus Live is installed via Trojans that install it automatically to your computer. Once installed, Antivirus Live will start up automatically when Windows boot. Once active it will scan your computer and display numerous infections, but will inform it will not remove them until you purchase the program. Actually, the scan is just a scam.
This program is also very aggressive in how it protects itself from being removed. While the Antivirus Live 2010 process is running it will terminate almost all programs that you launch stating that they are infected. It will also change the Proxy settings in Internet Explorer so that you can not browse to any site other than the Antivirus Live 2010 site so that you can purchase the program.
This step-by-step guide completely remove Antivirus Live. If you have any problem during the removal process, please contact Tee Support agent 24/7 online for more detailed instructions.
Screenshot for Antivirus Live:
Solution 1:
1) Kill processes: press Alt+Ctrl+Del>choose processes in the pop-up window, locate the process: [random]sysguard.exe>click it and then press End Process. (If this method doesn’t work, download a professioanl process tool to kill it.)
2) Delete registry values: click Start>Run>enter regedit in the box, click ok; Click the pluses (+) next to the following items>right-click and delete them one-by-one.
HKEY_CURRENT_USER\Software\AvScan
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyOverride” = “”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyServer” = “http=127.0.0.1:5555″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations “LowRiskFileTypes” = “.exe”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments “SaveZoneInformation” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[random]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “[random]”
3) Search and delete files: [random]sysguard.exe
4) Delete directories:
%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS]\
%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS]\[random]sysguard.exe
Solution 2:
Download a removal like Spyware Doctor or Malwarebytes’ Anti-malware to automatically remove Antivirus Live. Of course, download the anti-virus software need to be done from another computer, since the internet browser doesn’t work under the infection.
Leave a reply