
Livesoftrock.com

Posted: February 8, 2010

Livesoftrock.com is a malicious browser hijacker designed to promote the Antivirus Soft rogue anti-spyware program. Do not click on any webpage this browser hijacker produces and do not fall for its trickery. Livesoftrock.com will redirect your browser to a fake system scan page, which produces bogus results to convince you that the system is infected. This is all part of the scam to sell Antivirus Soft's rogue product. Use an efficient anti-spyware remover to detect and terminate all threats related to Antivirus Soft, including Livesoftrock.com.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random]sftav.exe
    2 %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random]sysguard.exe
    3 [random]sftav.exe
    4 [random]sysguard.exe

Registry Modifications

  • The following Registry keys and values were created:
    HKEY..\..\..\..{Subkeys}
    HKEY_CURRENT_USER\Software\AvScan
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random]"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random]"
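
The file and registry indicators listed above can be checked with a read-only PowerShell script. This is an added example, not part of the original entry. It assumes PowerShell is available on the host and that the "[random]" Run values point at the dropped sftav.exe / sysguard.exe files, which the entry does not state.

```powershell
# Added example: read-only triage for the indicators listed in this entry.
# Nothing is modified or deleted; the script only reports what it finds.
$findings = @()

# Dropped files: <Local Application Data>\[random string]\[random]sftav.exe / sysguard.exe
$appData = [Environment]::GetFolderPath('LocalApplicationData')
$files = Get-ChildItem -Path "$appData\*\*sftav.exe", "$appData\*\*sysguard.exe" `
                       -Force -ErrorAction SilentlyContinue
foreach ($f in $files) { $findings += "File: $($f.FullName)" }

# Marker key listed under {Subkeys}
if (Test-Path 'HKCU:\Software\AvScan') {
    $findings += 'Key: HKCU\Software\AvScan'
}

# Internet Explorer set to run downloads with invalid signatures
$dl = Get-ItemProperty -Path 'HKCU:\Software\Microsoft\Internet Explorer\Download' `
                       -ErrorAction SilentlyContinue
if ($dl -and "$($dl.RunInvalidSignatures)" -eq '1') {
    $findings += 'Value: RunInvalidSignatures = 1'
}

# Browser traffic redirected through the local proxy on 127.0.0.1:5555
$inet = Get-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings' `
                         -ErrorAction SilentlyContinue
if ($inet -and $inet.ProxyServer -match '127\.0\.0\.1:5555') {
    $findings += "Value: ProxyServer = $($inet.ProxyServer) (ProxyEnable = $($inet.ProxyEnable))"
}

# Autostart entries. Assumption: the value data references the dropped executables.
$runKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
foreach ($run in $runKeys) {
    $key = Get-Item -Path $run -ErrorAction SilentlyContinue
    if (-not $key) { continue }
    foreach ($name in $key.GetValueNames()) {
        $data = [string]$key.GetValue($name)
        if ($data -match '(sftav|sysguard)\.exe') {
            $findings += "Run entry: $run '$name' = $data"
        }
    }
}

if ($findings.Count -eq 0) {
    'No indicators from this entry were found.'
} else {
    $findings
}
```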

2 Comments

  • Charles says:

    You can't do any of this unless you boot up in safe mode. Livesoftrock cancels all applications from booting up including command prompts like cmd or regedit.

  • don says:

    Research the Livesoftrock.com /Antivirus Soft issue before you do anything.
    1) Could not get onto the web because the virus blocked me.
    2) Spydoctor is a paid program, so when you download it, you still have to pay for it before you can try to fix your computer.
    3) Microsoft and Spyblaster did not detect anything so it would not fix the issue.
    4) You can't use the task manager to help because everything you try to run is shut down.
    5) Shuts down regedit and msconfig as well.

    1) Start in safe mode with a copy of HijackThis and run it.
    2) Delete anything you don't recognize. Delete anything with proxy server on it.
    3) Restart your computer.
    4) QUICKLY START HIJACK again, before anything else has a chance to boot.
    Run hijack again.
    5) Go into browser tools / internet options / connections / LAN settings / uncheck proxy server.

    Several of the recommended fixes I found online did not work. I don't think they were researched to see if they actually worked.
