Sign in with
Sign up | Sign in
Your question
Closed

Fake FBI Virus has PC locked down...help please!

Tags:
Last response: in Windows 7
Share
June 20, 2013 5:12:34 PM

my son was using my Win 7 Alienware PC and now it has the fake fbi virus requesting money to unlock. I know I should be able to start in Safe mode and remove but the pc won't let me. I keep tapping F8 but it does nothing until i let it go. then it just boots to the lock screen. I also tried putting kapersky rescue disck 10 on usb but the pc isn't booting of usb. any suggestions?? Thanks, Eric

More about : fake fbi virus locked

a b $ Windows 7
June 20, 2013 7:02:49 PM

That is where you need to boot to the recovery disk you created with your virus program. See if it will recognize the virus and destroy it.
June 20, 2013 7:13:24 PM

clutchc said:
That is where you need to boot to the recovery disk you created with your virus program. See if it will recognize the virus and destroy it.


I tried but it won't boot from CD or USB.
Related resources
a b $ Windows 7
June 20, 2013 7:19:19 PM

If you disconnect your HDD data cable, can you boot to the recovery disk?
June 24, 2013 8:39:25 AM

I've removed this one several times actually. Combofix will be able to remove this, but even if you get into safe mode you will still get the fake fbi virus to cover your whole screen. I highly suggest using hirens rescue cd and then run combofix. You said you can't boot from cd or usb make sure you go into BIOS and check your boot options.
a b $ Windows 7
June 24, 2013 11:23:06 AM

To workaround this select Safe Mode with Command prompt and at the prompt, type
net user /new fred fred2013
then hit Enter. Restart into Normal Mode and choose Fred from the login screen and use the password fred2013 to allow yourself access. In Control Panel>User Accounts, give the fred account administrative privileges, using your password when prompted.

Download and run ComboFix (being careful to ensure that is what you're downloading - it's full of traps) and hopefully, it will deal with this threat. Before restarting after the CF log appears, bring up the Open box and type
combofix /uninstall
and press Enter. It will appear to be installing but is actually uninstalling. restart after all that and run your own AV to clear up.
!