Home Malware Programs Rogue Anti-Virus Programs Antivirus Live 2010

Antivirus Live 2010

Posted: February 23, 2010

Antivirus Live 2010 is rogue security software created to maliciously lure victims into spending money on a useless product. If your PC is infected with Antivirus Live 2010 it will display fake security warnings and prompts urging you to obtain a licensed version of Antivirus Live 2010. This rogue creates a list of fake viruses and convinces you that the PC is infected. The full version of Antivirus Live 2010 will not help it resolving security threats on the computer, it is a waste of money. The only way to remove Antivirus Live 2010 is by scanning a computer with trusted anti-virus application. This will not only remove Antivirus Live 2010 but the other corrupt files associated with it as well.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %UserProfile%\Local Settings\Application Data\[random]\
    2 %UserProfile%\Local Settings\Application Data\[random]\[random]sysguard.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\AvScanHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Internet Settings "ProxyOverride" = ""HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Associations "LowRiskFileTypes" = ".exe"HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Attachments "SaveZoneInformation" = "1"HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run "Antivirus Live 2010"HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run "[random]"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run "[random]"
Loading...