Live Security Platinum is a typical fake antivirus program that rotates in the Web and tends to infect random PC users. It is very easy to get this infection but One should sweat to remove it. We receive numerous queries from our customers regard this virus deletion. GridinSoft Trojan Killer anti-malware Lab has thoroughly analyzed this application and ready to tell you about the behavior of this badware on the compromised computer and give you some helpful recommendations on how to easy and effectively deal with this nasty thing. Millions of computers worldwide are contaminated of this parasite which can paralyze the whole computer function. This fake AV blocks execution (running) of legitimate security programs (no matter which application you prefer to use). Go on reading to suss out the main Live Security Platinum elimination principles.
As we have already said above, this unwanted guest can prevent you from running any decent programs. In such way it protects itself from being detected and removed. Process Killer (pkiller.exe) is an effective tool that can help you to kill Live Security Platinum rogue process. You may download it from the address http://trojan-killer.net/download/pkiller.exe . Save it to some folder at your computer and rename the file to iexplore.exe . Then run iexplore.exe – this will render harmless the malicious process of the above-mentioned parasite. The next thing you should do is to delete the virus using the legitimate security program. We recommend you to give preferences to GridinSoft Trojan Killer – the powerful anti-virus that will neutralize all malicious files, registry entries and all other remnants of Live Security Platinum scareware.
Live Security Platinum malware remover:
%AppData%\NPSWF32.dll
%AppData%\Protector-[rnd].exe
%AppData%\result.db
Delete Live Security Platinum registry entries:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Inspector %AppData%\Protector-[rnd].exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect 0
HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\ID 4
HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\UID [rnd]
HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\net [date of installation]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin 0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorUser 0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA 0
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exe
No comments:
Post a Comment