Antivirus Live Removal Guide

Threat Level:
9/10
Rate this Article:
Comments (0)
Article Views: 13897
Category: Fake Antispyware

Antivirus Live comes from the same family of rogues as Antivirus System Pro. It is a fake computer security program and it copies the appearance of genuine computer safeguard applications in order to rip easy financial gain. By no means should you trust this application or consider it to be a legitimate program. Doing so would result in devastating consequences. You could lose all your money just by trusting Antivirus Live and you certainly would not want that.

If you are wondering how Antivirus Live is able to enter your system, the answer is very simple. Most of the rogues are associated with some other infections like Trojans, for example. Some Trojans connect to remote servers and download rogues like Antivirus Live onto target computers without users’ knowledge and/or permission. Trojan infection is hard to tackle, so you can never know when something like Antivirus Live might end up in your system. It shows that your antivirus program should be constantly up to date, and system scans should be performed regularly, if you want to avoid this problem.

However, if you happened to get infected by Antivirus Live, get ready for war. This rogue means serious business and it will sure make it seem like your system is suffering from serious problems. It will not allow you to run certain problems, blaming everything on some non-existent infection. Antivirus Live will tell you that the program had to be blocked in order to prevent the spread of the infection to others parts of your system. The message that follows the block is thus:

Security Warning
Application cannot be executed. The file hijackthis.exe is infected. Do you want to activate your antivirus software now?

Also, Antivirus Live might send you other fake security alert messages, such like this one:

Windows Security Alert
Windows reports that computer is infected. Antivirus software helps to protect your computer against viruses and other security threats. Click here for the scan you computer. Your system might be at risk now.

These messages and the rogue’s behavior in general is devised that way because the cyber criminals need you to believe that there is no other way out of this situation but to buy the full version of Antivirus Live. DO NOT DO THIS. Remove Antivirus Live from your computer if you want it back to normal. Use a reliable antispyware tool for the automatic removal if you do not know how to perform it manually. As long as the rogue disappears for good, all methods of removal are acceptable.

Download Remover for Antivirus Live *
*SpyHunter scanner, published on this site, is intended to be used only as a detection tool. To use the removal functionality, you will need to purchase the full version of SpyHunter.

Antivirus Live Screenshots:

Antivirus Live

Antivirus Live technical info for manual removal:

Files Modified/Created on the system:

# File Name File Size (Bytes) File Hash
1nworsysguard.exe250624 bytesMD5: b54ed44807c881ca78a1d2a6fea14099
2eirqsysguard.exe429056 bytesMD5: b1b579e5705630ece0a7058ef8366e93
3sgnfsysguard.exe358144 bytesMD5: 0040e19bdeff2f26495e8ff8c1c86d78
4pxhrsysguard.exe250624 bytesMD5: 52092c53770a70d71513fce53bd18254
5anbesysguard.exe279296 bytesMD5: aa14cf58d92c00c2353b814ac079ae8d
6hlcpsysguard.exe429056 bytesMD5: 8404b9c7af3d297293e1a699b990c8ef
7savhsysguard.exe250624 bytesMD5: bcfe50fc2015af7beed9a09577be201d
8tfyusysguard.exe429056 bytesMD5: 0af359addd2a169acf1bf79d8390f5cb
9firisysguard.exe255744 bytesMD5: 6bad58f0f15d384a69503dbf9ab94fae
10ycvtsysguard.exe429056 bytesMD5: c908fedac97ba56b16aa4da7f5dbb70b
11oslksysguard.exe279296 bytesMD5: ebf37dd60c6a7cefdc4aa7d345b18114
12pbuqsysguard.exe294928 bytesMD5: e1b00f75057a2bc221b33f6ca5cbcf6a
13ynrasysguard.exe358144 bytesMD5: a9131bccdc09b4e39fdf093461fd28f7
14bcvksysguard.exe231168 bytesMD5: f2c0148943b89d1c9abaf5d94affd171
15vcsosysguard.exe429056 bytesMD5: 827aa8b04b9748e8335ba7859f4a2f20
16nswosysguard.exe250624 bytesMD5: 1f84accb79a737e17b97b6ea2c6f64f0
17%UserProfile%\Local Settings\Application Data\??????
18gjqcsysguard.exe266496 bytesMD5: 3fcb8b29edf41e38e41c76970182920f
19wegtsysguard.exe328448 bytesMD5: e0894e07721b5c1a3b45496cee46ebf9
20cxwysysguard.exe250624 bytesMD5: 9e9960c07ae6036d3dfe8edf23134c26
21njgksysguard.exe255744 bytesMD5: 66f572887ba65b8bf962fb175f8e8928
22itqqsysguard.exe256256 bytesMD5: 6870c6219d5ac6a35343e19f84cb6c0e
23ufwfsysguard.exe256256 bytesMD5: 6c4cb999488bad4901af7a712406ad67
24fpfgsysguard.exe429056 bytesMD5: 264eff482cedc5aa9ce53cd8419dbb12
25pxwksysguard.exe257792 bytesMD5: 75351c346ad3fe2f5334d2b608516f25
26qdcwsysguard.exe266496 bytesMD5: e52c3e7526055190fef2ec3d79b075c6
27gwxasysguard.exe250624 bytesMD5: 8334c88e56c42435c7733c3407556b94
28mbnqsysguard.exe358144 bytesMD5: 25a48948ed84b17285af017af9a20d6e
29ahpbsysguard.exe250624 bytesMD5: 7fb650ded66eb2f46fd87f6394c76bcf
30fmfwsysguard.exe429056 bytesMD5: 185551d9d3d26422018762f81f4e6b2a
31rxissysguard.exe429056 bytesMD5: bcc5224931234ff7bd8e425187f03e44
32feflsysguard.exe450816 bytesMD5: cb3f6e6d9d9fc81d672a3ec81c827222
33acsqsysguard.exe446720 bytesMD5: 62698cc20a087a4c84113a9f3d526337
34xinpsysguard.exe266496 bytesMD5: e3354fc6813d4876f7a9095fd7345368
35qtqssysguard.exe429056 bytesMD5: 185551d9d3d26422018762f81f4e6b2a
36ojvqsysguard.exe
37yobosysguard.exe256256 bytesMD5: 4854d10e95f193d0a45e40bf35eaafa9
38rnupsysguard.exe250624 bytesMD5: 4d0d93b5045ca1ccd2cfce95724c2b53
39oxclsysguard.exe358144 bytesMD5: 3d93f631ff53756c95aa7460c550005b
40xyiksysguard.exe255744 bytesMD5: a3c80be179cb9b63ea136959628cdc13
41ygdpsysguard.exe285712 bytesMD5: 1110c115e63bd0073b794799f56d8967
42esjdsysguard.exe431360 bytesMD5: de4c81af47d13dcb20cdf0327b0146b1
43wnwgsysguard.exe243968 bytesMD5: 93c47219e8721f3b7a0b767ee61b3b3e
44syvvsysguard.exe431360 bytesMD5: 943499a20411ffe95e01ca928c9bb5b6

Registry Modifications:

The following Registry Keys were created:

  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ kceuegvk
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ wlwjvytd
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ dvcpyoiu
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ygbtsfru
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ sqwqcdgj
  • HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN kjiahiog
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ rlnbkfum
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ rvcsgeeq
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ jngohxfi
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ cfcshhge
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ sbuedhsh
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ rkatnfcb
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ytsxmusf
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ epchjfmy
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ bwndpkpe
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ myrmlfdn
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ kjiahiog
  • HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN ytgrdwst
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ rkuottab
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ alkpvyje
  • HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN wlwjvytd
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ytgrdwst
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ embnayra
  • HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN phipmcrm
  • HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ vvjwlgqf
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ wpswqjue
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ nyuqdsxq
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ipopqcov
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ fkdatvyd
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ilsyyigh
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ebcoljkk
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ hdbilwen
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ phipmcrm

Reply

Your email address will not be published.

Name
Website
Comment

Enter the numbers in the box to the right *