How to Remove Antivirus Live | Antivirus Live Removal Guide



Antivirus Live is a rogue antivirus application that usually is installed without the permission of the owner of the computer. Simple web browsing may be enough when visiting the wrong site for this to introduce itself onto the machine via a trojan or even aggressive advertising within the page that tricks or confuses the user into installing it. It’s other tactics are fairly aggressive as well as it tries to disable your legitimate antivirus or antimalware software and prevent it from installing as well as hijacking the web browser so that you can only visit their page to purchase the software. After all, they claim to be able to fix all of the problems on your computer. Read on for how to remove Antivirus Live.


Basically this rogue will pop up all sorts of warnings about security problems with your computer and in reality IT is the biggest problem. It hijacks web browsing by configuring internet explorer to browse through a proxy. So first you may wish to change that in the internet explorer settings (tools, internet options), connection settings tab, then LAN settings and then uncheck the “use proxy server” checkbox. (Click okay on your way out fo all of these property sheets.

Bleeping computer has a utility called rkill.com that will kill off the running processes for this (and other rogues.) That is necessary to be able to get malwarebytes antimalware installed. You can download it here. If you wish you may also try to kill off the process other ways such as through the task manager, or process explorer. The filename has some random letters/numbers and then sysguard.exe so it may appear as cseasysguard.exe for example.

After it is killed off you should be able to download and install malwareybytes antimalware (from the virus removal toolkit page) or superantispyware. You should remove everything that they find including the files listed below.

The following files and folders should be deleted:

%userprof%\Local Settings\Application Data\RANDOM\
%userprof%\Local Settings\Application Data\RANDOM\RANDOMsysguard.exe

After a complete removal run another full scan with either malwarebytes antimalware or superantispyware and then follow up with a trusted antivirus product such as AVG/Avira or maybe trendmicros online housecall.

   Send article as PDF   

Similar Posts