- Installs itself without permissions
- Connects to the internet without permission
- Shows commercial adverts
- Slow internet connection
- Annoying Pop-up's
- Slow Computer
Antivirus LiveAntivirus Live is the latest rogue anti-spyware application, which was designed to attempt to dupe unsuspecting PC users into believing their dubious tactics to be true, and ultimately persuade them into purchasing the full version of this nefarious application. Antivirus Live, also known as Antivirus Live, is believed to be a replica of the rogue program: Antivirus System Pro. Antivirus Live usually spreads by using browser hijackers to redirect the user to websites hosting fake online system scans and thus tricking him into downloading the program. As is typical of rogue anti-spyware software like this, Antivirus Live doesn’t deviate much from the typical and most widely practiced tactics of PC parasite infiltration. Antivirus Live tends to also make use of affiliated backdoor Trojan infections, usually Trojan Vundo or Zlob, in order to ensure hidden penetration into the targeted machine is successful. Once inside the designated system, Antivirus Live will obscurely create hundreds of fake malware entities in the infiltrated system. Once this is done, Virus Remover Professional will then “detect” these dummy files and ensure the unsuspecting user, you, think it’s high time you removed all the reported malware. Antivirus Lives’ malicious trialware usually runs each time you log onto Windows and will display its fake system scanner that claims to find a variety of corrupted dangerous files. As a well-practiced tactic, Antivirus Live will have you believe that in order to protect your Operating System against these “detections”, you will be prompted to install Antivirus Live full commercial version which demands payment. Antivirus Live has the following properties: - Changes browser settings If you do install Antivirus Live licensed software, you will soon realize that it’s not only worthless in terms of malware removal, but it compromises any computer systems’ performance and will eventually slow down the computer considerably. One should remove the Antivirus Live rogue anti-spyware application as soon as it has been detected. A system that has been infected with Antivirus Live may tend to display the following basic symptoms, which a computer user should look out for: • Slow computer performance: • New desktop shortcuts or switched homepage: • Annoying pop-up messages: Manual removal is probably your best bet at maintaining the integrity of your computer, but manual removal should only be tried by those individuals that know a bit about registry files, and should be left to the individual who knows how to navigate their way around system files. All in all though, I would recommend, especially if you are not completely tech savvy, to make use of a reliable and legitimate, fully functional, up-to-date anti-spyware application, to remove Antivirus Live and all its components from the infected computer system. |
Download Spyware Removal Tool to Remove*
Antivirus Live
|
How to manually remove Antivirus Live
Files associated with infection (Antivirus Live):
xinpsysguard.exe
wegtsysguard.exe
tfyusysguard.exe
sgnfsysguard.exe
savhsysguard.exe
qtqssysguard.exe
qdcwsysguard.exe
pxwksysguard.exe
pbuqsysguard.exe
oslksysguard.exe
gjqcsysguard.exe
fpfgsysguard.exe
bcvksysguard.exe
ojvqsysguard.exe
nswosysguard.exe
anbesysguard.exe
cxwysysguard.exe
ufwfsysguard.exe
mbnqsysguard.exe
ynrasysguard.exe
oxclsysguard.exe
itqqsysguard.exe
njgksysguard.exe
rxissysguard.exe
yobosysguard.exe
xyiksysguard.exe
firisysguard.exe
fmfwsysguard.exe
ycvtsysguard.exe
hlcpsysguard.exe
vcsosysguard.exe
eirqsysguard.exe
esjdsysguard.exe
rnupsysguard.exe
syvvsysguard.exe
ahpbsysguard.exe
pxhrsysguard.exe
acsqsysguard.exe
feflsysguard.exe
wnwgsysguard.exe
nworsysguard.exe
gwxasysguard.exe
Processes to kill (Antivirus Live):
xinpsysguard.exe
wegtsysguard.exe
tfyusysguard.exe
sgnfsysguard.exe
savhsysguard.exe
qtqssysguard.exe
qdcwsysguard.exe
pxwksysguard.exe
pbuqsysguard.exe
oslksysguard.exe
gjqcsysguard.exe
fpfgsysguard.exe
bcvksysguard.exe
ojvqsysguard.exe
nswosysguard.exe
anbesysguard.exe
cxwysysguard.exe
ufwfsysguard.exe
mbnqsysguard.exe
ynrasysguard.exe
oxclsysguard.exe
itqqsysguard.exe
njgksysguard.exe
rxissysguard.exe
yobosysguard.exe
xyiksysguard.exe
firisysguard.exe
fmfwsysguard.exe
ycvtsysguard.exe
hlcpsysguard.exe
vcsosysguard.exe
eirqsysguard.exe
esjdsysguard.exe
rnupsysguard.exe
syvvsysguard.exe
ahpbsysguard.exe
pxhrsysguard.exe
acsqsysguard.exe
feflsysguard.exe
wnwgsysguard.exe
nworsysguard.exe
gwxasysguard.exe
Remove registry entries (Antivirus Live):
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ alkpvyje
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ bwndpkpe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ cfcshhge
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ dvcpyoiu
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ebcoljkk
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ embnayra
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ epchjfmy
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ fkdatvyd
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ hdbilwen
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ilsyyigh
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ipopqcov
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ jngohxfi
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ kceuegvk
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ kjiahiog
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ myrmlfdn
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ nyuqdsxq
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ phipmcrm
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ rkatnfcb
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ rkuottab
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ rlnbkfum
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ rvcsgeeq
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ sbuedhsh
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ sqwqcdgj
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ wlwjvytd
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ wpswqjue
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ygbtsfru
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ytgrdwst
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ytsxmusf
Comments
I need it off my computer now.. i havnt been on anything thats a virus.. it uploaded it self and i want it off other wise i will take immediate action and it is stopping me from doing everything!!
OMFG everything i do, it goes ........ is infected. Do you want to activate your anti virus now? everything i click on!!!!!! i hate it!!
This virus is so damn annoying and I went on nothing bad to get it! It just pops up and won't even let me on the internet and brings up porn!
I went to processes under task manager (as soon as i possibly could after logging on as this bullsh#t program stops that working too as soon as it launches) and stopped a process that i had not seen on there before, the name was something like this: ksbgwbuguard.exe checked the date created under properties and it had just been added by antivirus live as i thought. stopped the process then restored my system to an earlier time using system restore, working fine now
BTW this process will have the same name under description. kill this process and it should let you restore your system
i had to restore my computer and i lost everything i shouldve read this first
there is also a new varient that i found in the processes tab in the task manager, its called taensysguard.exe, as oppossed to the former "sysguard.exe"
for some reason my computer will not do a proper system restore, every time it just says restore incomplete, any idea why this is happening?
Something didn't seem right when all of a sudden every .exe file "was infected". This solution worked perfectly.
omg! even if i downloaded the program recommended above. it wont open. it keeps saying its infected. what do i do?
Mei,
Try runing the program in Safe Mode - Start your computer continue pressing F8. A menu will appear, choose Safe Mode. After the computer boots up, try the program again.
Can't get into safe mode, and can't open task manager, it just gets shut down straight away, any other suggestions?
Thankyou very much Pcthreat!
I just went through the same thing. Couldn't get on internet to download anything to clean it off. Finally resolved it...
Restart computer and immediately do a system restore (Start menu, PC Help & Tools, System Restore) Chose an earlier date to restore to - a few days before you noticed the problem. This should let you operate as before, then do a scan and download a good spyware if you don't have one.
This will not remove any documents or files that you have saved.
This thing completely paralysed my computer. Tried restarting to do a system restore, but it was faster than me and cut me off each time. Was about to tear my hair out when I logged on with a different user account and managed to download and run an anti-spyware program, getting rid of it with ease. Everything seems to be back to normal, so well worth trying if you have more than one user account on your computer.
To kill: I have two users on my XP machine. I was able to switch to the other user and open task manager with no problem. I killed several things, and was able to switch back to my other user.
It also changed my browser settings to use a Proxy, so my internet was completely disabled.
this virus is so fast it defintely vut of the common areas of where to get rid of it im going to have fun removing it =)
Got infected today with this gastly thing. The only way I could get online to research it
was with my iPod touch. Will be having fun trying to remove it tonight.
I'm not able to restore (no administrator privilages), but can end the process.
Is there any other way to completely remove this from my pc, or will I just have to kill the process each time I start up?
This website helped me to get rid of this horrible thing!!!!
My virus was under "croisysguard.exe" It took me a large amount of time, patience, and repeated attempts of using the virus removal tools to remove this tricky virus. Above all, have patience and be persistent with the removal tools.
i hope the creator(s) of this virus die in a fire
I will light the fire
Just after starting up my computer ...I went to task manager and looked for the Utopsysguard.exe ..(not sure of the first four letters)... but immediately I was able to run programs...I am running my current virus protection to see what it can do. We'll see.
This virus completely took over my system. It wasnt allowing me to try to manually clean my system. i couldnt log onto the internet. Any type of manual clean up I tried to do the virus immediatly reverted me to antivirus. I followed of few of the tips left by you helpful computer allies. The one that worked for me was logging into a different administrator and doing a system restore. Once I did that all was well that ends well
Just another name for it in the task manger: BPIOSYSGUARD.EXE
runs two copies and is a major resource hog... I can load TM as the system logs in and end it then.
now just cleaning
Variation of the name and loation of the executable:
yuamsysgaurd.exe
Location of the executable:
Local Settings\Aplication Data\oauymo\
Registry Location:
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\kanwfefb
It's got me!! I'm in task manager now, what is it called???
If it sends you to a place to purchase the "Fix" non existant viruses. I would say that is fraud. Since they try to make you purchase the removal of their fake viruses I would say that is extorsion. Why is no one suing the company. No virus programmer would send you to a site to purchase the removal of their virus if they were not getting a cut. SUE THE BASTARDS!
so do i just terminate anything xxxxxguard.exe?
After I get rid of this thing, it's time for some good old vigilante justice.
I followed the advice of one of the commentors. I turned off the computer and then turned it back on in a minute. As soon as the status bar was visible, I clicked on All programs/accessories/system tools/system restore and restored to the previous day. When it rebooted, everything was clean.
I think I picked up the virus when I went to one of those game web sites for PCH.
I got it, I dunno how. I came home from work one day and it had overrun my PC.
I found the file FWUESYSGUARD.EXE-16B12371.pf and removed it, but it won't let me do anything else.
You need to run taskmgr early on when you get your desktop and kill whatever is named *sysguard.exe. You will be able to use your compuer and try and clean up.
I am running a stringer program from macafee that is supposed to clean it up
If you are using Windows XP you need to restart into Safe Mode and follow the suggestions. While in Safe Mode delete the contents of "C:\Documents and Settings\*UserName*\Local Setting\Temp\"
And finally run a full system scan using your virus scanner while still in Safe Mode.
A final suggestion is to make a emergency boot disk to take Windows out of the loop altogether when trying to clean up your system. There are lots of pre-built images roaming around the internet.
thanks
good.........
Wish i could locate the "Person" responsible for this.
I have other anti-virus programs and felt like I needed more protection..I bought the Antivirus Platium 2010 and it seemed to be working well...but from reading all of this, I'm guessing the other programs are prventing Antivirus Platium to do its damage. I haven't really had any problems...Any advice???
Great information, thanks for providing such useful informative blog...
I will personally hunt down whoever created antivirus live, tie them up, and slowly torture them to death.
@fml wow so cruel....
dude that thing is nasty. you guys sound like you have an easy version of it. my verison of it wouldn't let me get into alt ctrl delete or anything like that at all. holy ***** that thing was the worse after hours of trying to get rid of it I was finally able to get a system restore and got it off. damn whoever made that thing.