Below is a screenshot of the Live Security Platinum:
As far as I am aware, Live Security Platinum is being transmitted via fake online virus scanners and pop-up notifications claiming that you need to update your antivirus software. There was a huge decrease in scareware traffic in the past few months. Only a few scareware families were actively distributed and they were insignificant comparing to the number of successfully installed banking trojans and worms. It seems that cyber crooks decided to 'push' other malware, mostly Cridex worm and password stealing trojans Ursnif and Fareit. Besides, there's a new password stealing trojan called Tinba alias Suzy. It belongs to a completely new malware family. This indicates that password stealing trojans and similar malware is taking the lead. Anyway, rogue security programs are still in the game.
Once installed, Live Security Platinum pretends to scan your computer for malicious software. It throws hundreds of fake virus warnings to make you think that you are infected. This rogue security program belongs to the Rogue:Win32/Winwebsec malware family. The previous version of this malware was named Smart Fortress 2012. It re-associates certain file extensions with this software, making it impossible to run task manager, registry editor or even command prompt. The nasty bug may modify Windows host file and change Windows proxy settings. Besides, Live Security Platinum stays active in safe mode. To 'unlock' the allegedly infected computer the user is instructed to pay almost 90 bucks.
Fake security alerts:
When running, this rogue security program blocks legitimate antivirus software and pretty much any other utility that can be used to delete or at least disable this malware. Live Security Platinum hijack web browsers too. It displays a fake securuty warning claiming that the website you are about to visit is not safe and may contain malicious code.
Last, but not least, if you don't remove this malware from your computer or remove it partly, it may continue to operate on your computer and can be used to commit online banking and credit card fraud. What is more, the rogue program can be bundled with TDSS rootkit. It may redirect Google search results to infected or misleading websites.
Live Security Platinum runs from "All User\Application Data" data folder in Windows XP and C:\ProgramData folder in Windows 7. A randomly named folder can be located very easily, unless of course it's hidden. But this isn't a problem either. Here's a quick guide on how to see hidden files and folder in Windows. Simply rename the malicious folder or malicious executable inside the malcious folder and reboot your computer. The rogue security program won't run because it won't find the associated files. Please, note that you still need to scan your computer with anti-malware software to completely remove the rogue antivirus program from your computer.
Another option is to reboot your computer in Safe Mode with Networking, remove Live Security Platinum core components and then run recommend anti-malware software.
And the probably the most easiest way to remove the virus from your PC is to use the debugged registration key to register the rogue program. The rogue antivirus program will disable all restrictions and you will be able to download recommended anti-malware software and run a full system scan without any problems.
To remove this virus and associated malware from your computer, please follow the removal instructions below. If you need help removing this virus, please leave a comment below. Safe surfing folks!
Source: http://deletemalware.blogspot.com
Live Security Platinum removal in Safe Mode with Networking:
1. Reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key.
NOTE: Login as the same user you were previously logged in with in the normal Windows mode.
2. Go to the Start Menu. Select Control Panel → Add/Remove Programs.
If you are using Windows Vista or Windows 7, select Control Panel → Uninstall a Program.
3. Search for Live Security Platinum in the list. Select the program and click Remove button.
If you are using Windows Vista/7, click Uninstall up near the top of that window.
When it asks you to reboot, please do so. After the computer reboots and you are back at your Windows Desktop (Normal Mode), please continue with the next step.
4. Launch Internet Explorer. In Internet Explorer go to: Tools->Internet Options->Connections tab.
Click Lan Settings button and uncheck the checkbox labeled Use a proxy server for your LAN. Click OK.
5. Download recommended anti-malware software (Spyware Doctor) and run a full system scan to remove this virus from your computer.
NOTE: don't forget to update anti-malware software before scanning your computer.
Quick Live Security Platinum removal guide:
1. Open Live Security Platinum scanner. Click the "Registration" button (top right corner). Enter the following debugged registration key and click "Activate" to register the rogue antivirus program. Don't worry, this is completely legal since it's not genuine software.
Once this is done, you are free to install recommended anti-malware software and remove Live Security Platinum from your computer properly.
2. Download recommended anti-malware software (Spyware Doctor) and run a full system scan to remove this virus from your computer.
NOTE: don't forget to update anti-malware software before scanning your computer.
Associated Live Security Platinum files and registry values:
Files:
Windows XP:
- C:\Documents and Settings\All Users\Application Data\[SET OF RANDOM CHARACTERS]\
- %UserProfile%\Desktop\Live Security Platinum.lnk
- %UserProfile%\Start Menu\Programs\Live Security Platinum\
- %UserProfile%\Start Menu\Programs\Live Security Platinum\Live Security Platinum.lnk
- C:\ProgramData\[SET OF RANDOM CHARACTERS]\
- %UserProfile%\Desktop\Live Security Platinum.lnk
- %UserProfile%\Start Menu\Programs\Live Security Platinum\
- %UserProfile%\Start Menu\Programs\Live Security Platinum\Live Security Platinum.lnk
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "[SET OF RANDOM CHARACTERS]"
- HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Platinum\
No comments:
Post a Comment