Need Some Help, Got The Live Security Platinum Trojan. F-Secure Didn't Stop It

  I have F-Secure through my internet provider Centurylink. This "Live Security Platinum" trojan got into my computer and blocked the F-Secure security software from working. This trojan took over my whole computer and even though the Centurylink security program (F-Secure) tried to work it didn't and the "Live Security Platinum" trojan stopped the F-Secure program like it was nothing.

 

  I finnaly got rid of the trojan with the free Malwarebytes security program in safe mode. Malwarebytes took it out in one sweep.

 

  My question is, why isn't my F-Secure security program provided to my through Centurylink blocking these types of trojans and when they do get in why isn't the F-Secure program not able to remove this trojan?

 

  Please advise.

Comments

  • Hi Junkee,

    Our Labs is working round the clock for gathering and analyzing hundreds of thousands of malicious samples every day to add detections into our virus definition database. New viruses are found daily and although heuristic scanning can significantly improve the detection of new viruses, technology used by virus authors continually changes as they try to avoid detection.

    Find more details on F-Secure Labs:
    http://www.f-secure.com/en/web/labs_global/what-is-labs
     
    Computers can be infected in many ways. For example:
    - Downloading files/drivers from an unreliable web sites.
    - Copying infected files from floppy or USB drives.
    - Opening email from unknown and suspicious senders.

    The following recommendations will assist in protecting your computer from infection:
    - Make sure that your security program is turned ON.
    - Make sure that all important/critical updates, including service packs for the operating system and programs are installed from Microsoft Update (Windows Update).
    - Make sure that installed applications, especially your web browser, Adobe Acrobat, Adobe Flash, and Java are at their latest versions. Many vendors are regularly updating and patching for security holes.
    - Never click through links from unknown sources and use caution even if they are from a "trusted" source.
    - Never open unsolicited email attachments.
    - Practice safe web browsing.

    Thanks.


    Best Regards,
    Jayson

  • celavey
    celavey Posts: 34 Observer

    This usually happens when the threat is new to the AV you are using. I just hope it won't happen to me. Is there a way to prevent this in the future? image

  • Junkee
    Junkee Posts: 3

    Yes there is something you can do about it before it happens.

     

    I'm very sorry I have to say this on the F-Secure forum and in front of all the F-Secure personal.

     

    The solution is to Download Malwarebytes free security script. Maybe Microsofts free security script can do it but I am unsure. I do know Malwarebytes cleans it right out. If your computer gets infected the Malwarebytes script has a function to get past the trojans jamming up access and get the trojan removed.

     

    No, I'm not going to get rid of F-Secure. I just run Malwarebytes along side it. I had one tech at Centurylink tell me the two programs run Ok side by side.

     

    I sure hope F-Secure can get on top of this trojan and any others before I get infected with the Live Security Platinum trojan again and getting re infected is known to happen.

     

    Good Luck!

  • Dear F-Secure Customers,

     

    you can use our own F-Secure EasyClean for detecting and removing the malware. Download location is available below:

     

    http://www.f-secure.com/en/web/labs_global/removal/easy-clean/

     

    You will need to boot the machine into “Safe Mode with Networking” and execute EasyClean. Please note that live internet connection is required in order to have a higher success rate.

     

    If EasyClean fails to detect or remove the malware, please try the following manual removal steps:

     

    1. Boot the machine into Safe Mode.

    2. Click Start > Run then type in msconfig.

    3. Go to Startup tab, uncheck the random name entry (eg. pjsldim9.exe or RKax6mrugjcJY7.exe) and click Apply. Click Ok and select "Exit without restarting”.
    4. Next, uncheck "Show hidden files and folders" and "Hide protected operating system files (Recommended)" from Folder Options (Control Panel > Folder Options).
    5. Next, go to the following folder and delete the random named.exe file:

             i.            For WinXP, go to

    1. C:\Documents and Settings\<infected user account>\Local Settings\Temp
    2. C:\Documents and Settings\<infected user account>\Application Data

           ii.            For Win Vista/7, go to

    1. C:\Users\<infected user account>\AppData\Local\Temp
    2. C:\ProgramData

    6. Once done, restart the machine and see if infection still appears.

     

    Note: The random name.exe might only exist in either Temp or Application Data folder and not both together. If only one folder has the random name.exe, it is normal.

     

    If you are still having issues even after using EasyClean or manual removal, please open a support ticket by sending an email to xxxx@f-secure.com and our support engineers should be able to guide you further.

     

     

    [Moderator edit, this email address is no longer in use, please refer to the web form:

    http://www.f-secure.com/en/web/home_global/support/contact/request]

  • Junkee
    Junkee Posts: 3

    OK, I will download and see how it preforms. I like the safemode removal. Looking forward to having it on my computer.

     

    Thank You!

This discussion has been closed.
Feedback on New Design