Mar 04

Threat Description:

Pc-winlive.com is a browser hijacker, i.e. a domain that pushes insecure software. It is associated with the campaign promoting the Windows Defender 2010 scareware: the site is integrated with the rogue antivirus software's billing system and serves to sell this tool. Pc-winlive.com is opened when one of the random alerts generated by Windows Defender 2010 is pushed, so it redirects your browser and takes you to online places you definitely don't want to visit. Pc-winlive.com describes the sponsoring rogue antivirus software as fast, safe, easy to use and trusted by millions. In fact, Windows Defender 2010 is a corrupt application that intrudes on your machine without asking for your consent. It can't and doesn't help you protect your computer at all. So if you get directed to Pc-winlive.com, check your system for viruses and other malware using reliable security software that does work. By no means should you purchase anything that is pushed on Pc-winlive.com; otherwise you may end up wasting your money and putting your system at risk. Below are a couple of helpful tips on how to prevent Pc-winlive.com from redirecting your web browser.


How to remove this threat manually:

Pc-winlive.com manual uninstall procedure:

Get rid of the related corrupt files:

  • %Documents and Settings%\[UserName]\Application Data\av.exe
  • %Documents and Settings%\[UserName]\Application Data\WRblt8464P

Delete the associated registry entries:

  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "av.exe" /START "%1" %*
  • HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command "(Default)" = "av.exe" /START "%1" %*
  • HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "av.exe" /START "%1" %*
  • HKEY_CLASSES_ROOT\secfile\shell\open\command "(Default)" = "av.exe" /START "%1" %*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = "av.exe" /START "firefox.exe"
  • HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = "av.exe" /START "firefox.exe" -safe-mode
  • HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "av.exe" /START "iexplore.exe"
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1"
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1"
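
Before deleting anything, the files and registry values listed above can be checked with a read-only script. The PowerShell below is an added example, not part of the original guide; it assumes that "%Documents and Settings%\[UserName]\Application Data" is the current user's `$env:APPDATA` folder.

```powershell
# Read-only audit for the indicators listed above; it changes nothing on the system.
# Assumption: "%Documents and Settings%\[UserName]\Application Data" is $env:APPDATA.
$files = 'av.exe', 'WRblt8464P' | ForEach-Object { Join-Path $env:APPDATA $_ }

# Keys whose "(Default)" value the guide lists as rewritten to launch av.exe.
$commandKeys = @(
    'HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command',
    'HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command',
    'HKEY_CLASSES_ROOT\.exe\shell\open\command',
    'HKEY_CLASSES_ROOT\secfile\shell\open\command',
    'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command',
    'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command',
    'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command'
)
$securityCenter = 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center'

$findings = @()

foreach ($f in $files) {
    if (Test-Path -LiteralPath $f) { $findings += "FILE  $f" }
}

foreach ($k in $commandKeys) {
    $key = Get-Item -LiteralPath "Registry::$k" -ErrorAction SilentlyContinue
    if ($key) {
        $cmd = $key.GetValue('')   # '' reads the key's (Default) value
        # Match av.exe as a whole file name, not as the tail of another name.
        if ($cmd -match '(^|[\\"\s])av\.exe') { $findings += "REG   $k = $cmd" }
    }
}

$sc = Get-Item -LiteralPath "Registry::$securityCenter" -ErrorAction SilentlyContinue
if ($sc) {
    foreach ($name in 'AntiVirusOverride', 'FirewallOverride') {
        if ("$($sc.GetValue($name))" -eq '1') {
            $findings += "REG   $securityCenter\$name = 1"
        }
    }
}

if ($findings.Count) { $findings } else { 'No listed indicators found.' }
```

HKEY_CLASSES_ROOT is a merged view that includes HKEY_CURRENT_USER\Software\Classes, so a single hijacked handler can be reported under both paths.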

Please note that Pc-winlive.com manual removal is a procedure of high complexity and should be performed with extreme caution. Lack of the required skills and even the slightest deviation from the instructions may cause irreparable system damage. To ensure trouble-free deletion, it is recommended to use the automatic removal tool below:

Download Pc-winlive.com Removal Tool
