Live Security Platinum

Bought my ex-wife a new computer last week.  I downloaded MSE for her.

She called and was frantic that a program by the name of "Live Security Platinum" had more or less taken over her computer...Ha ha.

I had her do a hard reboot then go to programs and delete.

It seems to be gone she says.

Why didn't MSE prevent this virus???

 

Question Info


Last updated May 16, 2018 Views 176,737 Applies to:
Answer

http://www.bleepingcomputer.com/virus-removal/remove-live-security-platinum.

You gave her excellent advice.   The latest rounds of fake AV programs change their characteristics and signatures multiple times per day to help avoid detection...in this case it was probably successfully bypassing MSE and your action (hopefully) prevented the infection.

 

But I suggest you have her delete temporary internet files, scan with MSE, and also consider using Malwarebytes Free,  Superantispyware Portable and TDSS Killer to be sure it's gone.

 

Go to www.malwarebytes.org and download, install, update and run the free version – just follow the prompts.  The prompt  asks if you want to Start trial or Decline.  To get the free version (without real-time scanning or web site blocking features) you need to choose Decline.  You may need to rename the installation file to 123.exe or something similar to prevent the malware from disabling/blocking the installation.  Or you might want to download the installation file to a flash drive or CD and then install Malwarebytes on the infected computer.

 

And/or

Try Superantispyware Portable at: http://www.superantispyware.com/portablescanner.html

SuperAntiSpyware  Portable is "designed" to be downloaded onto a flash drive (or CD) and you could then insert the drive into your computer and run it from there.  If you do that you may need to scan the flash drive for malware after using it on the infected computer.  Superantispyware is a very good scanner but will also identify and remove cookies which are not considered to be malware.

And/or

Try TDSS Killer: http://support.kaspersky.com/faq/?qid=208283363   This can be run from a flash drive.

 

I'm not employed by Microsoft and have no interest in promoting MSE other than to try and answer your question. 

No antimalware program can provide 100% protection. All AV vendors (whether free or paid versions) fight a constant battle to stay ahead of the authors of malware and keep their databases updated and current...in fact we sometimes receive complaints on these forums regarding failure of other AV programs to adequately protect computers…see these threads: http://answers.microsoft.com/en-us/protect/forum/protect_scanning/how-do-i-get-rid-of-the-smart-internet-protection/2d19448c-7cc7-451d-88c6-c9db9b2f7a3e#e5a340d7-0ee2-4335-a357-291d1989f26e, http://answers.microsoft.com/en-us/protect/forum/protect_scanning/pack-win107-2121/7e7385e1-c5db-4d1a-9aa5-b0279af0849c and http://answers.microsoft.com/en-us/protect/forum/protect_scanning/smart-hdd-virus/f0f6f6b9-1568-4188-80f3-4c338702b645. MSE is not perfect but it seems to be doing as good a job against malware as any of the AV programs.

 

Watch out for fake virus alerts

Rogue security software, also known as "scareware," is software that appears to be beneficial from a security perspective but provides limited or no security, generates erroneous or misleading alerts, or attempts to lure users into participating in fraudulent transactions.

How does rogue security software get on my computer?

Rogue security software designers create legitimate looking pop-up windows that advertise security update software. These windows might appear on your screen while you surf the web.

The "updates" or "alerts" in the pop-up windows call for you to take some sort of action, such as clicking to install the software, accept recommended updates, or remove unwanted viruses or spyware. When you click, the rogue security software downloads to your computer.

Here's a comprehensive list of suggestions on handling such "attacks" by Stephen Boots, MSE Forum Moderator:

 

Unfortunately, these type of malware attacks are difficult to keep up with because they trick you into letting them install. They usually come from an infected web site, and usually through an advertisement. You get a pop-up from the infection and you click it to close the pop-up - which allows the infection to install.  They can also be delivered in a "drive-by" fashion with no action needed by the user due to the system being unpatched, no matter what security software is running.

 

 

When you encounter one of these fake virus pop-ups while browsing, immediately do the following:

-Do not touch any browser window to close it or browse further.
-Immediately press Ctrl-Shift-Esc and bring up Task Manager and forcibly end all instances of iexplore.exe, if using Internet Explorer, or the executable for the browser you are using.
--or--
-Go to Start/Shut Down and restart the PC without touching any browser windows.
-If you used task manager to close browser instances, reboot the machine.
-Then go to Control Panel/Internet Options and delete all temporary Internet Files and cookies. If you are using an alternate web browser, open the browser settings to do the same - delete the local cached files and cookies.
-Perform a full scan with your antimalware program.

The above steps should prevent the infection from taking hold.


 

Besides using an antimalware program, the following recommendations will assist in protecting the PC from infection:

-Make sure that the Windows Firewall is enabled.

-Make sure that all important/critical updates, including service packs for the operating system and programs are installed from Microsoft Update (Windows Update).

-Make sure Internet Explorer is at version 8 or higher and updated with all patches.

-In Internet Explorer 8 or 9, use the SmartScreen Filter.

-Make sure that IE Internet Security settings are at least set to medium-high (default).

-Enable the pop-up blocker in IE.

-On Vista and Windows 7 make sure thatUser Account Control (UAC) ON  and not running with elevated privileges.

-Make sure that Windows Automatic Updates are set to at least notify, but the preferred setting is to download and install automatically. If you update manually, be sure to update as soon as possible after being notified of available updates.

-Make sure that installed applications, especially Adobe Acrobat, Adobe Flash, and Java are at their latest versions. Many vendors are regularly updating and patching for security holes.

-Never click through links from unknown sources and use caution even if they are from a "trusted" source.

-Never open unsolicited email attachments.

 

Regards...

 

 

http://voices.washingtonpost.com/securityfix/2009/09/what_to_do_when_rogue_anti-vir.html#more

 

http://ask-leo.com/why_dont_antimalware_tools_work_better.html

 

 

Microsoft Security Essentials – Installation Checklist and Frequently Asked Questions

 

 

 

 

 

MVP Consumer Security 2014-2016
Windows Insider MVP 2016-2018

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.