I'm a college student moonlighting as a part-time computer tech. Today, I was sent to remove the FBI Virus from a home user's computer, something I have done for several other people. This time, though, I was unsuccessful. I'm a firm believer in booting infected computers from an uninfected drive. So, I have Malwarebytes on a DVD running Windows PE, so I can boot from it at client's homes. As you know, the FBI Virus blocks all user access to the computer when booting to the regular desktop, and sometimes--as in this case--prevents booting into Safe Mode, too. I also have BitDefender 2012, which boots from a Linux disk. Finally, I have Microsoft Security Essentials loaded on a laptop. Usually, Malwarebytes takes 1.5 to 2 hours to scan a computer, but it only needed 19 minutes to scan this client's computer. It failed to find any infected files, though. I then ran BitDefender. It also needed an unusually short time (17 minutes) to scan, and it also failed to find any infected files. So, I removed the hard drive from the client's system and hooked it up to my laptop via my USB port and ran Security Essentials on its partitions. I had to stop the scan after 515,000 files scanned in 2 hours. The client had an old Dell OS disk, but it was unable to find the version of Windows on the machine (it said it could not work on systems prior to Vista, and the client was using Windows XP). I was able to gain command line access using this disk, but not much else. I also could use a DOS utility on one of my own disks to give me some command line access, but accessing NTFS partitions required me to load a utility that couldn't run with anything else. I went to the command line and searched for files known to be associated with FBI Virus. I could not find any. I also checked file attributes, to ensure I saw all hidden files. I attempted to run explorer from the command prompt, but the system returned to the command line without any indication after I launched the command. I also attempted to run system recovery from the CLI, but it also returned to the prompt without comment. I attempted to get into Task Manager from the desktop, but FBI Virus blocked my keystrokes. I've never had this happen, that I could not find any trace of an infection that I could see was there. What do you make of it? What else could I have tried? Sorry, I don't have any log files. Thank you.
