Livesoftrock.com

By GoldSparrow in Browser Hijackers

Translate To:

Livesoftrock.com is a misleading domain that promotes the fake security program Antivirus Soft. The trial version of Antivirus Soft may enter a system via a stealthy Trojan. Once inside, Antivirus Soft will run a fake scan that will detect dangerous malware on the system and advise the user to purchase the full version of Antivirus Soft in order to remove the malware. Victims will then be frequently directed to Livesoftrock.com which is the official or payment page for Antivirus Soft. Do not purchase anything on Livesoftrock.com it is a malicious websites

File System Details

Livesoftrock.com may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random]sftav.exe
Name: %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random]sftav.exe Type: Executable File
2.	[random]sysguard.exe
Name: [random]sysguard.exe Type: Executable File
3.	[random]sftav.exe
Name: [random]sftav.exe Type: Executable File
4.	%Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random]sysguard.exe
Name: %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random]sysguard.exe Type: Executable File

Registry Details

Livesoftrock.com may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random]"

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random]"

HKEY_CURRENT_USER\Software\AvScan

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"

1 Comment

Don 14 years ago Reply

Research the Livesoftrock.com /Antivirus Soft issue before you do anything.
1) could not get onto the web because the virus blocked me.
2)Spydoctor is a paid program, so when you download it, you still have to pay for it before you can try to fix your computer.
3) Microsoft and Spyblaster did not detect anything so it would not fix the issue.
4) You cant use the task manager to help because everything you try to run is shut down.
5) Shuts down regedit and msconfig as well.

1) Start in safe mode with a copy of hijackthis and run it.
2) Delete anything you dont recognize. Delete anything with proxy server on it.
3) Restart your computer
4) QUICKLY START HIJACK again. before anything else has a chance to boot.
Run hijack again
5) Go into browser tools / internet options /connections /LAN settings / uncheck proxy server.

Several of the recommended fix I found on line did not work. I dont think it was researched to see if it actually worked.

I have been running ok for 7 hours now.

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Livesoftrock.com

File System Details

Registry Details

1 Comment

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen