I was working with a client on Friday to remove a nasty piece of malware called Antivirus Live. This rogue, fake antivirus program blocks the browser from accessing the internet. It prevents users from launching or installing applications. The virus hijacks the computer with popups telling the user the computer is infected with many viruses, although they are not really there. The fake antivirus program then recommends that the user buy its antivirus program to remove the viruses.
A year ago, I posted an article documenting how to remove the Antivirus Pro virus. It’s similar to Antivirus Live, in that it tricks the user into believing there are viruses on the computer and recommends that users buy its own solution. Battling Antivirus Live is a bit more involved because the tools and processes I used before were ineffective against Antivirus Live. I ran Malwarebytes but it did not detect any malware or viruses.
So, I searched the internet for Antivirus Live and came across this website. It recommends that you use SuperAntiSpyware, Malwarebytes and Microsoft Security Essentials to remove the Antivirus Live virus. The SuperAntiSpyware program turned out to be the superstar. It was able to remove Antivirus Live as well as a few more. In the end, it found 67 items, of which 2 were viruses, and the rest were tracking cookies. I was disappointed with Malwarebytes. I’m not convinced by Microsoft Security Essentials either, but I left it on the computer.
If you ever face the Antivirus Live virus, just follow the instructions here.
One thing I forgot to mention: I had to boot into Windows Safe Mode (press F8 on boot-up) to perform all the drive scans. Otherwise, it would be impossible to launch any program in normal Windows mode, since the computer is hijacked.