Live Security Suite is a dangerous fake anti-malware application that appears as a legitimate malware removal tool in an attempt to swindle users of their money. This rogue software is related to the well-known Live Enterprise Suite, which is also a malicious application. Live Security Suite reaches users systems via Trojans that get downloaded from malicious websites. Once installed, Live Security Suite loads up as a start-up application and launches into a series of fake malware scans, generating endless reports of a large amount of malicious activity being detected on the user’s system. Fake pop-ups are also generated from the Windows Taskbar, warning of malware that does not exist. The aim of all these fake warnings is to scare the user into purchasing a license for the ‘full’ version of Live Security Suite by claiming that the currently installed ‘trial’ version cannot fully clean the detected ‘threats’. However, the so-called ‘full’ version is just as incapable of scanning or cleaning the user’s system as the ‘trial’ version is. Check here Live Security Suite to get all the infos you need to remove this threat from your PC.

Live Security Suite

Once you detect the malicious activity described above, it suggests an infection of Live Security Suite. You should take immediate measures to remove this rogue program. In order to remove Live Security Suite, you need to stop its processes, delete its files and folders and remove its registry entries.

File Removal Procedures

The first step in Live Security Suite removal is to stop the following processes:

  • LiveSS.exe
  • services.exe

The next step in Live Security Suite removal is the deletion of the following files and folders:

Windows XP:

  • c:\Documents and Settings\All Users\Desktop\Live Security Suite.lnk
  • c:\Documents and Settings\All Users\Start Menu\Programs\Live Security Suite
  • c:\Documents and Settings\All Users\Start Menu\Programs\Live Security Suite\Live Security Suite Home Page.lnk
  • c:\Documents and Settings\All Users\Start Menu\Programs\Live Security Suite\Live Security Suite.lnk
  • c:\Documents and Settings\All Users\Start Menu\Programs\Live Security Suite\Purchase Licence.lnk
  • c:\Documents and Settings\All Users\Start Menu\Programs\Live Security Suite\Purchase License.lnk
  • c:\Program Files\Live Security Suite
  • c:\Program Files\Live Security Suite\activate.ico
  • c:\Program Files\Live Security Suite\Explorer.ico
  • c:\Program Files\Live Security Suite\LiveSS.exe
  • c:\Program Files\Live Security Suite\unins000.dat
  • c:\Program Files\Live Security Suite\uninstall.ico
  • c:\Program Files\Live Security Suite\working.log
  • c:\Program Files\Live Security Suite\db
  • c:\Program Files\Live Security Suite\db\DBInfo.ver
  • c:\Program Files\Live Security Suite\db\ia080614.db
  • c:\Program Files\Live Security Suite\db\lists.ini
  • c:\Program Files\Live Security Suite\db\WMILib.dll
  • c:\Program Files\Live Security Suite\Languages
  • %UserProfile%\Application Data\Live Security Suite
  • %UserProfile%\Application Data\Live Security Suite\settings.ini
  • %UserProfile%\Application Data\Live Security Suite\uill.ini
  • %UserProfile%\Application Data\Live Security Suite\unins000.exe
  • %UserProfile%\Application Data\Live Security Suite\Uninstall Live Security Suite.lnk
  • %UserProfile%\Application Data\Live Security Suite\db
  • %UserProfile%\Application Data\Live Security Suite\db\config.cfg
  • %UserProfile%\Application Data\Live Security Suite\db\Timeout.inf
  • %UserProfile%\Application Data\Live Security Suite\db\Urls.inf
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Live Security Suite.lnk
  • %UserProfile%\Desktop\Live Security Suite.lnk
  • %UserProfile%\Desktop\LiveSS.exe.txt
  • %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png
  • %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png
  • %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png
  • %UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
  • %UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe

Windows Vista/7:

  • c:\%USER%\My Documents\Desktop\Live Security Suite.lnk
  • c:\%USER%\Start Menu\Programs\Live Security Suite
  • c:\%USER%\Start Menu\Programs\Live Security Suite\Live Security Suite Home Page.lnk
  • c:\%USER%\Start Menu\Programs\Live Security Suite\Live Security Suite.lnk
  • c:\ :\%USER%\Start Menu\Programs\Live Security Suite\Purchase Licence.lnk
  • c:\ :\%USER%\Start Menu\Programs\Live Security Suite\Purchase License.lnk
  • c:\Program Files\Live Security Suite
  • c:\Program Files\Live Security Suite\activate.ico
  • c:\Program Files\Live Security Suite\Explorer.ico
  • c:\Program Files\Live Security Suite\LiveSS.exe
  • c:\Program Files\Live Security Suite\unins000.dat
  • c:\Program Files\Live Security Suite\uninstall.ico
  • c:\Program Files\Live Security Suite\working.log
  • c:\Program Files\Live Security Suite\db
  • c:\Program Files\Live Security Suite\db\DBInfo.ver
  • c:\Program Files\Live Security Suite\db\ia080614.db
  • c:\Program Files\Live Security Suite\db\lists.ini
  • c:\Program Files\Live Security Suite\db\WMILib.dll
  • c:\Program Files\Live Security Suite\Languages
  • %UserProfile%\Application Data\Live Security Suite
  • %UserProfile%\Application Data\Live Security Suite\settings.ini
  • %UserProfile%\Application Data\Live Security Suite\uill.ini
  • %UserProfile%\Application Data\Live Security Suite\unins000.exe
  • %UserProfile%\Application Data\Live Security Suite\Uninstall Live Security Suite.lnk
  • %UserProfile%\Application Data\Live Security Suite\db
  • %UserProfile%\Application Data\Live Security Suite\db\config.cfg
  • %UserProfile%\Application Data\Live Security Suite\db\Timeout.inf
  • %UserProfile%\Application Data\Live Security Suite\db\Urls.inf
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Live Security Suite.lnk
  • %UserProfile%\Desktop\Live Security Suite.lnk
  • %UserProfile%\Desktop\LiveSS.exe.txt
  • %UserProfile%\Local Settings\AppData\Microsoft\Internet Explorer\iGSh.png
  • %UserProfile%\Local Settings\AppData\Microsoft\Internet Explorer\iMSh.png
  • %UserProfile%\Local Settings\AppData\Microsoft\Internet Explorer\iPSh.png
  • %UserProfile%\Local Settings\AppData\Microsoft\Windows\pguard.ini
  • %UserProfile%\Local Settings\AppData\Microsoft\Windows\services.exe

After the above steps have been completed, Live Security Suite no longer resides on your hard disk.

Registry Removal Procedures

Removal of files and folders alone is not sufficient to completely delete Live Security Suite. The following registry keys and settings should also be deleted for complete Live Security Suite removal:

  • HKEY_CURRENT_USER\Software\Live Security Suite
  • HKEY_LOCAL_MACHINE\SOFTWARE\Live Security Suite
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Suite_is1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
  • HKEY_CURRENT_USER\Software\Microsoft\FTP “SearchDir” = “C:\Program Files\Live Security Suite\”
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer “PrS” = “http://gen-avpay.com/choose/?productid=GENAV3&uid=0&machineid=c3f92274b4b15694ae2311bd2316c727″
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer “uniname” = “Live Security Suite_is1″
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Live Security Suite”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AVPath” = “\\.\root\SecurityCenter:AntiVirusProduct.instanceGuid=”653E64F8-62B6-4F96-B22D-4FFC6E44130E””
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent “URLSS[2.0.3.0]”

CHANGE THESE KEYS TO 1:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallDisableNotify” = “0”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirstRunDisabled” = “0”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “UpdatesDisableNotify” = “0”

Conclusion

Manual Live Security Suite removal is not recommended for inexperienced users as one wrong move during the process could cause irreversible damage to your operating system. Therefore the best course of action to take would be to use a web-based repair service such as www.onlinecomputerrepair.org or a legitimate antivirus program such as Spyware Doctor with Antivirus to ensure that Live Security Suite removal is done in a safe and efficient manner.

Be Sociable, Share!