Hi, I have a client who JUST about got nailed by the little b******s that push a fake virus page to you then give you a number to call etc etc.
They called me JUST as they were ALSO on the phone with the scammer, and I got them to hang up before any serious damage could be done...especially to their VISA card!
However, the little buggers managed to put a start up password in Windows BEFORE you get to the users/login screen. This is where the fortunate part comes in. The client was WATCHING AND PAYING ATTENTION! (I know! How rare is that???)
The password used was 'inbound'.
So to use the computer, all you have to do is put in the password 'inbound' and you get to the login screen.
The faker created a homegroup and a hidden homegroup admin account for himself. I got rid of the homegroup and that user, but try as I might, I can't find out where you go to get rid of that password requirement.
(Win 7 home on an Asus i5 laptop)