Live Security Suite

Live Security Suite Descripción

El Live Security Suite es una falsa aplicación de seguridad que se propaga a través de troyanos, sitios web malignos o descargas ilegales. El Live Security Suite se instala sin el conocimiento del usuario, y una vez dentro del sistema, crea una entrada de inicio en el registro. Para asustar a los usuarios y venderles su versión completa inexiste, el Live Security Suite muestra falsos análisis, avisos y alertas de seguridad afirmando que el sistema está infectado con malware peligroso. Los usuarios deben hacer caso omiso de estos avisos y quitar al Live Security Suite de sus sistemas lo más pronto posible.urity Suite Informe Técnico

Nosotros actualizaremos esta sección cuando nuevos detalles sobre Live Security Suite sean reportado por nuestros clientes y nuestro Centro de Investigación de Amenazas.

Información Técnica

Detalles del Sistema de Archivos

Live Security Suite tiene típicamente los siguientes procesos en la memoria:
# Nombre Recuento de Detección
1 %UserProfile%\Application Data\Live Security Suite\unins000.exe N/A
2 c:\Program Files\Live Security Suite\db\WMILib.dll N/A
3 c:\Program Files\Live Security Suite\LiveSS.exe N/A
4 %UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe N/A
5 c:\Documents and Settings\All Users\Start Menu\Programs\Live Security Suite\Live Security Suite Home Page.lnk N/A
6 c:\Documents and Settings\All Users\Start Menu\Programs\Live Security Suite\Purchase License.lnk N/A
7 c:\Program Files\Live Security Suite N/A
8 c:\Program Files\Live Security Suite\unins000.dat N/A
9 c:\Program Files\Live Security Suite\db N/A
10 %UserProfile%\Application Data\Live Security Suite N/A
11 %UserProfile%\Application Data\Live Security Suite\db\config.cfg N/A
12 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Live Security Suite.lnk N/A
13 %UserProfile%\Desktop\Live Security Suite.lnk N/A
14 %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png N/A
15 c:\Documents and Settings\All Users\Start Menu\Programs\Live Security Suite N/A
16 c:\Documents and Settings\All Users\Start Menu\Programs\Live Security Suite\Purchase Licence.lnk N/A
17 c:\Program Files\Live Security Suite\db\lists.ini N/A
18 c:\Program Files\Live Security Suite\Explorer.ico N/A
19 c:\Program Files\Live Security Suite\working.log N/A
20 c:\Program Files\Live Security Suite\Languages N/A
21 %UserProfile%\Application Data\Live Security Suite\uill.ini N/A
22 %UserProfile%\Application Data\Live Security Suite\db\Urls.inf N/A
23 %UserProfile%\Application Data\Live Security Suite\db N/A
24 %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png N/A
25 %UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini N/A
26 c:\Documents and Settings\All Users\Desktop\Live Security Suite.lnk N/A
27 c:\Documents and Settings\All Users\Start Menu\Programs\Live Security Suite\Live Security Suite.lnk N/A
28 c:\Program Files\Live Security Suite\db\ia080614.db N/A
29 c:\Program Files\Live Security Suite\activate.ico N/A
30 c:\Program Files\Live Security Suite\uninstall.ico N/A
31 c:\Program Files\Live Security Suite\db\DBInfo.ver N/A
32 %UserProfile%\Application Data\Live Security Suite\settings.ini N/A
33 %UserProfile%\Application Data\Live Security Suite\db\Timeout.inf N/A
34 %UserProfile%\Application Data\Live Security Suite\Uninstall Live Security Suite.lnk N/A
35 %UserProfile%\Desktop\LiveSS.exe.txt N/A
36 %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png N/A

Detalles del Registro

Live Security Suite crea las siguientes entradas de registro:
RegistryKey
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PrS" = "http://gen-avpay.com/choose/?productid=GENAV3&uid=0&machineid=c3f92274b4b15694ae2311bd2316c727"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallDisableNotify" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent "URLSS[2.0.3.0]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Suite_is1
HKEY_CURRENT_USER\Software\Live Security Suite
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Live Security Suite"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AVPath" = "\\.\root\SecurityCenter:AntiVirusProduct.instanceGuid="{653E64F8-62B6-4F96-B22D-4FFC6E44130E}"
HKEY_LOCAL_MACHINE\SOFTWARE\Live Security Suite
HKEY_CURRENT_USER\Software\Microsoft\FTP "SearchDir" = "C:\Program Files\Live Security Suite\"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "uniname" = "Live Security Suite_is1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirstRunDisabled" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "UpdatesDisableNotify" = "0"

Más Detalles Sobre Live Security Suite

Se encontraron los siguientes mensajes asociados con Live Security Suite:
Intercepting programs that may compromise your privacy and harm your system have been detected on your PC. Click here to remove it immediately with Live Security Suite.
Internet Explorer has closed this webpage to help protect your computer.
A malfunctioning or malicious add-on has caused Internet Explorer to close this webpage.
Live Security Suite has detected harmful software in your system. We strongly recommended you to register Live Security Suite to remove these threats immediately.
Live Security Suite has found %Found% viruses on your computer. It is recommended to disinfect files as soon as possible.
Malicious spyware that can harm your system has been detected on your PC. Click here to remove this riskware immediately with Live Security Suite.
Privacy Violation alert!
Live Security Suite detected a Privacy Violation. A program is secretly sending your private data to an untrusted internet host. Click here to block this activity by removing the threat (Recommended).
Self restoring Trojan virus that can lead to total system crash has been detected on your PC. Click here to remove this harmful virus immediately with Live Security Suite.
Spyware activity alert!
Spyware.BrowserDeath activity detected. This kind of spyware is attempts to steal passwords from Internet Explorer, Mozilla Firefox, Opera and other programs, including logins and passwords from online banking sessions, eBay, PayPal, etc.
System files modification alert!
Some critical system files of your computer were modified by malicious program. It may cause system instability and data loss. Click here to block unauthorized modification by removing threats (Recommended).
Tracking cookies that steal your passwords, accounts and credit card information have been detected in your system. Click here to remove them immediately with Live Security Suite.
Your PC is still infected with dangerous viruses. It is strongly recommended to activate antivirus protection to prevent data loss and to avoid the theft of your credit card details. Click here to activate protection.

Artículos Relacionados