Threat Database Rogue Anti-Spyware Program Live Security Professional

Live Security Professional

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 95
First Seen: July 31, 2013
Last Seen: November 7, 2022
OS(es) Affected: Windows

Live Security Professional is a rogue security program. This means that Live Security Professional is designed to look and act like a real anti-malware application but, rather than actually being able to remove malware, Live Security Professional is designed to scam inexperienced computer users. The Live Security Professional fake anti-virus application is a severe threat to your computer's security which should be removed immediately with the help of a reliable anti-malware program. It is also important to remember that Live Security Professional has no way of detecting or removing malware from a computer. Because of this, ignore all of Live Security Professional's instructions or warnings in order to prevent further malware attacks or loss of your money and private information.

Live Security Professional Doesn’t Provide Any Kind of Security to Your PC

Live Security Professional belongs to the WinWeb Security and is used to steal money from inexperienced computer users by making them believe that their computer was infected with numerous Trojans and viruses. Live Security Professional will usually enter a computer through social engineering tactics or through typical malware delivery avenues (such as attack websites or malicious email attachments). Once Live Security Professional is installed on the infected computer, Live Security Professional makes changes to the infected computer's settings that allow Live Security Professional to display fake warning messages and system alerts. The Live Security Professional infection is designed to scare the computer user into believing that there is a severe virus infection on the affected machine. Live Security Professional pretends to be a real security program and displays numerous fake error messages and alerts claiming to have found severe infections. When the computer user tries to use Live Security Professional to fix these supposed malware threats, this fake security program claims that it is necessary to pay for a 'full version' of this rogue security application.

Do Not Waste Your Money Buying the Live Security Professional Useless Program

Live Security Professional's 'full version' is just as useless as its supposed free version, so the best advise ESG security researchers have to offer is to avoid purchasing this bogus security application as well as any of its various clones that include System Security, Antivirus Security, Total Security 2009, Security Tool, Trojan.RogueAV.a.gen, System Adware Scanner 2010, FakeAlert-KW.e, Advanced Security Tool 2010, System Tool 2011, Security Shield, MS Removal Tool, Total Security, System Security 2011, Essential Cleaner, Security Shield Pro 2011, Personal Shield Pro, Security Shield 2011, Security Sphere 2012, Advanced PC Shield 2012, Futurro Antivirus. If Live Security Professional has been installed on your PC, Live Security Professional should be removed immediately with the help of a reliable anti-malware application. ESG security researchers strongly recommend that computer users avoid paying for this fake security application.

SpyHunter Detects & Remove Live Security Professional

File System Details

Live Security Professional may create the following file(s):
# File Name MD5 Detections
1. file.exe 72e4b6f95e45c578874fc67034fc4e89 4
2. %AllUsersProfile%\Application Data\rundll32.exe
3. %AllUsersProfile%\Application Data\[RANDOM NUMBERS AND CHARACTERS].js
4. %AllUsersProfile%\Application Data\[RANDOM NUMBERS AND CHARACTERS].pad
5. %Temp%\tratra.lnk
6. %AllUsersProfile%\Application Data\[RANDOM NUMBERS AND CHARACTERS].dat
7. %StartMenu%\Programs\Startup\regmonstd.lnk
8. %AllUsersProfile%\Application Data\[RANDOM NUMBERS AND CHARACTERS].txt
9. %AllUsersProfile%\Application Data\sdaksda.txt
10. ej1rw.js 242e7a56b8841a23f5dcbad8b74f4087 0
11. ej1rw.pad 323c6483f2f9ec9b26e38f4fd0053f95 0

Registry Details

Live Security Professional may create the following registry entry or registry entries:
Regexp file mask
%ALLUSERSPROFILE%\Application Data\rundll32.exe
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\ShowedCheckBrowser Yes
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2500 3
HKEY_CURRENT_USER\Software\Microsoft\WindowsCurrentVersion\Internet Settings\Zones\2\2500 3
HKEY_CURRENT_USER\Software\Live Security Professional
HKEY_CURRENT_USER\Software\Microsoft\WindowsCurrentVersion\Internet Settings\Zones\1\2500 3
HKEY_CURRENT_USER\Software\Microsoft\WindowsCurrentVersion\Internet Settings\Zones\3\2500 3
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "ctfmon32.exe" = "C:\DOCUME~1\ALLUSE~1\APPLIC~1\rundll32.exe C:\DOCUME~1\ALLUSE~1\APPLIC~1\[RANDOM NUMBERS AND CHARACTERS].dat,XFG00"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\NoProtectedModeBanner 1
HKEY_CURRENT_USER\Software\Microsoft\WindowsCurrentVersion\Internet Settings\Zones\4\2500 3
Software\Live Security Professional


The following messages associated with Live Security Professional were found:

Live Security Professional
Live Security Professional has blocked cmd.exe! Threat detected!
Threat detected!
Security Alert! Your computer was found to be infected with privacy-threatening software. Private data may get stolen and system damage may be severe.
Recover your PC from the infection right now, perform a security scan.


Most Viewed