Saturday, May 15, 2010

Live Security Suite Removal GuideLive Security Suite Removal Guide

Live Security Suite Removal Guide
Live Security Suite (LiveSecuritySuite) is a fake antivirus program which infect your PC when you download a video codec, or update your flash player. Live Security Suite scans your computer everytime you boot your Windows up, and send fake warnings and alerts that your computer is in danger. This is a scam and try to get users to purchase Live Security Suite. Remove Live Security Suite from the infected system immediately.

Removal Guide
Kill Process
(How to kill a process effectively?)
LiveSS.exe
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe
%UserProfile%\Application Data\Live Security Suite\unins000.exe

Unregister DLL files
%ProgramFiles%\Live Security Suite\db\WMILib.dll

Delete Registry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "UpdatesDisableNotify" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent "URLSS[2.0.3.0]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AVPath" = "\\.\root\SecurityCenter:AntiVirusProduct.instanceGuid="{653E64F8-62B6-4F96-B22D-4FFC6E44130E}"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirstRunDisabled" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallDisableNotify" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Live Security Suite"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "uniname" = "Live Security Suite_is1"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PrS" = "http://gen-avpay.com/choose/?productid=GENAV3&uid=0&machineid=c3f92274b4b15694ae2311bd2316c727"
HKEY_CURRENT_USER\Software\Live Security Suite
HKEY_CURRENT_USER\Software\Microsoft\FTP "SearchDir" = "C:\Program Files\Live Security Suite\"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Suite_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Live Security Suite

Remove Folders and Files
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
%UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png
%UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png
%UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png
%UserProfile%\Desktop\LiveSS.exe.txt
%UserProfile%\Desktop\Live Security Suite.lnk
%UserProfile%\Application Data\Live Security Suite
%Program Files%\Live Security Suite

No comments:

Post a Comment