“Live Security Platinum” is FakeAV SystemTool

June 10, 2012 by NightWatcher
Filed under: FakeAV 
: Solved!

Fix it immediately:

The Live Security Platinum is a Fake Antiviral software.
You must delete the Live Security Platinum immediately!
Delete the Live Security Platinum without delay!
Kill the process Live Security Platinum and remove Live Security Platinum from the Windows startup.

Malware Analysis of “Live Security Platinum”
Full path on a computer: %Common Appdata%\529C50C9212C2CDD013C3344D151FC4E\529C50C9212C2CDD013C3344D151FC4E.exe

Detected by UnHackMe:

Item Name: 529C50C9212C2CDD013C3344D151FC4E
Author: Unknown
Related File: %COMMON APPDATA%\529C50C9212C2CDD013C3344D151FC4E\529C50C9212C2CDD013C3344D151FC4E.EXE
Type: Registry RunOnce

Removal Results: Success
Number of reboot: 1

“Live Security Platinum” is known as:

FakeAV.SystemTool

“Live Security Platinum” hash:

  • MD5: b9a82202a1908bc43a3fc61cec49e5b0
How to quickly detect “Live Security Platinum” presence?

Registry:
  • HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\529C50C9212C2CDD013C3344D151FC4E: “%Common Appdata%\529C50C9212C2CDD013C3344D151FC4E\529C50C9212C2CDD013C3344D151FC4E.exe”
Folders:
  • %Programs%\Live Security Platinum
  • %Common Appdata%\529C50C9212C2CDD013C3344D151FC4E
Files:
  • %Desktop%\Live Security Platinum.lnk
  • %Programs%\Live Security Platinum\Live Security Platinum.lnk
  • %Common Appdata%\529C50C9212C2CDD013C3344D151FC4E\529C50C9212C2CDD013C3344D151FC4E
  • %Common Appdata%\529C50C9212C2CDD013C3344D151FC4E\529C50C9212C2CDD013C3344D151FC4E.exe


Recommended: UnHackMe anti-rootkit and anti-malware

Premium software: RegRun Security Suite (Good choice for removal and protection)

Written by

Malware Hunter.

Tags: FakeAV, SystemTool

Comments

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

You must be logged in to post a comment.