I check all running processes regular on the computer systems that I use to make sure that the system is safe and that nothing slipped by the defenses.
While that works well, I usually spot processes started by third party programs after installation. Most of the time, they are not needed at all and waste only system resources.
I noticed the LiveUpdate.exe process recently on a Windows PC and was not really sure what to make of it at first. I immediately thought of Windows Live, but since I never heard of the executable before, it was almost certain that it had nothing to do with Microsoft's service.
It is thankfully relatively easy to find out more about a process running on your system.
What is LiveUpdate.exe
The first thing that I usually do is open the Windows Task Manager with Ctrl-Shift-Esc, right-click the process in question, and select properties from the context menu.
The location of the service on the system is displayed here, so that I know its folder location and as part of this usually also the program that installed it on my system.
Note: The process LiveUpdate.exe only shows up if you select to "Show processes from all users" in the Task Manager.
If it is a service, you can get similar information by loading services.msc on your system using the run box or command prompt. The process in this case was a service, and the Services Manager revealed additional information about it.
I knew now that it was created by the software company IObit, likely to power the updating of company products on my system similar to how Firefox or Google Chrome are handling the updating.
Now that I knew that, I started to investigate the matter further. I noticed that I did not have any IObit products installed on my system anymore, which led to the conclusion that LiveUpdate.exe was a leftover that -- for whatever reason -- was not removed during the uninstallation of the last IObit product that made use of it.
Disabling  and removing LiveUpdate.exe
Since there was no IObit program left on the system, it did not really make that much sense to have the updater running in the background at all times.
First thing I did was to change its startup type from automatic to disabled in the Services Manager. I also made sure that the service itself was stopped.
Next thing I did was to delete the service. I have explained how this is done on the linked article. Here is a quick rundown of the commands:
- Tap on the Windows-key and type cmd.
- Right-click cmd.exe in the results and select Run as Administrator from the context menu.
- Type sc delete LiveUpdateSvc and tap on the enter-key.
- This removes the service from Windows.
- You should receive a [SC] DeleteService SUCCESS message.
I checked that the service was indeed deleted, and proceeded to its directory on the system:C:\Program Files (x86)\IObit\LiveUpdate.
I deleted the full directory, and the IObit directory as well, since no products of said company were installed on the system.
It is very likely that you will find orphaned keys in the Registry that point to Live Update. You can run a search for them if you want, but they should not cause any issues on the system. It is alternatively possible to run a program like CCleaner to find orphaned files in the Registry.
 
No comments:
Post a Comment