tkajdi
2012-07-24, 23:15
Hi!
while atempting to download Acrobat reader my wife has accidentaly downloaded a program which identifies itself as "Live Security Platinum", one of those fake AV programes, which tries to make her pay ransom to stop taking control of the PC.
The computer is an IBM T60, runs on XP SP3 (MS Windows is genuine and constantly updated from the original SP1) and is otherwise well protected with FortiClient (Free Edition, the laptop is privately owned and not part of a Fortinet-secured network), but FC was not able to intercept or stop the malware, allthough attempts seem to be running, as FortiClient process icons keep multiplying in the Taskbar.
The only process/program we are able to start on the infected PC is MS Explorer.
Since yesterday we have attempted to install a download of S&D, but it was blocked by the malware, both from file and by running it from the web. Upon that we have purchased and downloaded an ISO from your website. The CD loads well, scans and reports fixes (we made four runs so far, max no. of fixes was 15), but we found no way to install the program as long as the laptop is booted from the CD, and as soon as the laptop is booted form the hard drive the malware takes control of the PC again.
I am writing this from an uninfected machine.
I very much appreciate your help.
Best regards,
tkajdi
http://forums.spybot.info/showthread.php?t=66371
while atempting to download Acrobat reader my wife has accidentaly downloaded a program which identifies itself as "Live Security Platinum", one of those fake AV programes, which tries to make her pay ransom to stop taking control of the PC.
The computer is an IBM T60, runs on XP SP3 (MS Windows is genuine and constantly updated from the original SP1) and is otherwise well protected with FortiClient (Free Edition, the laptop is privately owned and not part of a Fortinet-secured network), but FC was not able to intercept or stop the malware, allthough attempts seem to be running, as FortiClient process icons keep multiplying in the Taskbar.
The only process/program we are able to start on the infected PC is MS Explorer.
Since yesterday we have attempted to install a download of S&D, but it was blocked by the malware, both from file and by running it from the web. Upon that we have purchased and downloaded an ISO from your website. The CD loads well, scans and reports fixes (we made four runs so far, max no. of fixes was 15), but we found no way to install the program as long as the laptop is booted from the CD, and as soon as the laptop is booted form the hard drive the malware takes control of the PC again.
I am writing this from an uninfected machine.
I very much appreciate your help.
Best regards,
tkajdi
http://forums.spybot.info/showthread.php?t=66371