How to Manually Remove Antivirus Live

Posted on February 22nd, 2011 by by Shenron
If you like this post and want to receive updates from us, please subscribe to our RSS feed.

Antivirus Live is a form of rogue Antivirus application that attacks your system through Trojans or certain other malicious viruses. If it enters your in your system, you will begin to get warnings and notifications telling you that your system is at great security risks and infected by malicious viruses which it in fact not. The first thing this rogue application blocks on your system will be your authentic antivirus software. It also blocks other programs as well such as Internet Explorer, etc. Application cannot be executed will be the prompt message that you receive while executing different programs.

Following are given some instructions to remove Antivirus Live application manually from your system.

Antivirus Live Screen1 How to Manually Remove Antivirus Live

1.      First download Process Explorer onto your system from http://live.sysinternals.com/procexp.exe.

2.      Then, rename the procexp.exe as explorer.com before saving it.

3.      Launch the Process Explorer by clicking on explorer.com. Neutralize the Antivirus Live process.

  • [random]sysguard.exe, for example: xyzlsysguard.exe

4.      Locate and delete the folder given below from your system:

  • %UserProfile%Local SettingsApplication Data[RANDOM CHARACTERS]

5.      Next, open the Windows Registry Editor by entering ‘regedit’ into the run command.

6.      Delete the following registry values or entries:

  • HKEY_CURRENT_USERSoftwareAvScan
  • HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerDownload “RunInvalidSignatures” = “1″
  • HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings “ProxyOverride” = “”
  • HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings “ProxyServer” = “http=127.0.0.1:5555″
  • HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesAssociations “LowRiskFileTypes” = “.exe”
  • HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesAttachments “SaveZoneInformation” = “1″
  • HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “[random]“
  • HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “[random]“