Live security platinum

[junkhead]

Hi,

I just got infected with Live Security Platinum and was hoping to ask for some help. I was infected with LSP a while back and was able to follow the guides to get rid of it but this one keeps coming back. My question is should I try and ask for HijackThis help or should I wait to see if Malwarebytes (Mb) updates their definitions or whatever to get rid of it? The reason I'm asking is because I've ran a fully updated Mb on safe mode and LSP keeps coming back and from what I can see there appears to be a new version out so I don't know if Mb has updated their definitions yet. I also tried to run Rkill and then Mb as stated in the following guide - http://malwaretips.com/blogs/live-security-platinum-virus/ but my computer shuts down during the process of running Rkill in safe mode and then when it starts back up LSP is right back in the mix. Any help and/or suggestions? Thanks a bunch.

[junkhead]

Oh jeez, I missed the 'I'm infected- What do I do now' sticky. I'll go ahead and do that, sorry if it means I'm going to double post.

[junkhead]

Sorry for adding replies to my own thread, I was late in reading the 'What do I do now?' sticky. Also, the sticky didn't say whether it mattered if the DDS was run in safe mode or not and my computer is already in safe mode so I ran it in safe mode.

I have run CCleaner after the initial Mb scan didn't fix the LSP infection and I've also run the registryfix.reg file when following the guide linked to in my first post, just in case those matter when reading the DDS logs. Thanks a bunch again for any help.

Attach.zip

DDS.txt

[junkhead]

Sorry again if I'm screwing things up by adding (a shitload of) replies to my own post but I read another post where the person replying asked for a Malwarebytes log so I'm adding one to this thread as well to save time if it would be needed in my case as well. Thanks again.

Malwarebytes Anti-Malware 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.10.09

Windows 7 x64 NTFS (Safe Mode/Networking)

Internet Explorer 8.0.7600.16385

John :: JOHN-PC [administrator]

8/10/2012 11:57:27 PM

mbam-log-2012-08-11 (00-01-06).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 193675

Time elapsed: 2 minute(s), 50 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 3

C:\Windows\Installer\{fcc0c071-915d-ad9d-bb1d-4c676108313d}\U\00000008.@ (Trojan.Dropper.BCMiner) -> No action taken.

C:\Windows\Installer\{fcc0c071-915d-ad9d-bb1d-4c676108313d}\U\000000cb.@ (Rootkit.0Access) -> No action taken.

C:\Windows\Installer\{fcc0c071-915d-ad9d-bb1d-4c676108313d}\U\80000032.@ (Rootkit.0Access) -> No action taken.

(end)

[junkhead]

Sorry for replying to my own thread again but I'm just trying to update what the problems are. I installed and ran Superantispyware and it looked to have gotten rid of the LSP problem but when I tried to update and run Microsoft Security Essentials it said it wasn't installed. I then tried to install it by going to the MSE website but it said it was installed so I uninstalled MSE and went to the MSE website to re-install it and it installed. Then when MSE updated and ran I got the following error message- "Windows has encountered a critical problem and will restart automatically in one minute. Please save your work now." The first time I ever got that message was after running the registry file in the guide linked to above and was trying to run Rkill as the next step. It would constantly restart and Rkill would never finish. Then after restarting MSE gave a warning that I had a critical trojan that could receive instructions from an attacker. I deleted the files and was thinking about running system restore to try and repair whatever is causing the 'critical problem' messages but now they keep on happening, even in safe mode so I'm going to wait and see if anyone is able to help. Thanks again.

[Gammo]

Hi junkhead and welcome at the Malwarebytes forum!

We appologise for the delay in responding to your request for help. Please let us know if you still need our help. If you do, please perform the following steps below so we can have a look at the current condition of your machine.

We need to create an OTL Report

Download OTL to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  
• Check the box that says Scan All Users.
  
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.
    

[Maurice Naggar]

@junkhead

Are you still with us? Have you resolved your issue ?

If we do not hear back from you soon, this thread will be closed.

[Maurice Naggar]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!