Jump to content

I am in dire straits, computer lock out


Go to solution Solved by AdvancedSetup,

Recommended Posts

  • Replies 58
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

Hello @Allenmrrill Sorry for the delay, I was caught up in another project.   Please go ahead and create a bootable USB thumb drive with Windows 10 to boot from Use the Media Creat

Create the Windows 10 USB thumb drive with the Window Media tool. I think you have already done that. Then download the FRST program onto the good computer Then insert the USB thumb drive in

Posted Images

  • Root Admin

Create the Windows 10 USB thumb drive with the Window Media tool. I think you have already done that.

Then download the FRST program onto the good computer

Then insert the USB thumb drive into the good computer and copy the FRST program onto the USB thumb drive too

Then boot up the Bad computer with the USB thumb drive.

Then find, and access the FRST64.EXE program - probably on D:

 

  • Confused 1
Link to post
Share on other sites
  • Root Admin
Posted (edited)

No, FARBAR is a single EXE file that you need to download. Then AFTER you create the USB thumb drive Windows 10 installer, you copy the FRST64.exe to that USB drive.

How to Create Installation Media for Windows 10 | Microsoft

 

Windows Media Creation Tool

https://aka.ms/windows10

 

FARBAR - FRST program

Please download Farbar Recovery Scan Tool and save it to your desktop.

Then, AFTER you have finished creating the Windows 10 USB installer on the USB thumb drive, copy FRST64.EXE to that same USB drive.

Then remove the USB disk. Put it into the bad computer and boot from that USB disk. You may need to go into the BIOS / UEFI settings to access the boot menu to show the USB boot option.

 

 

 

Edited by AdvancedSetup
updated information
Link to post
Share on other sites

Wow... feeling really stupid. Trying to make sense of this sh!t. Trying to figure out how I am to use win10 to build. See what you are saying now. I don't load the farbar to the usb but have to use the usb to burn it. If I am wrong you can give up.

 

Link to post
Share on other sites
  • Root Admin

I've been doing forum support now for 13 years and have helped thousands of users. 

We're offering a free service here to assist everyone not just you as an individual so perhaps if you don't understand maybe there are others and having a video may help others too.

Thanks

 

Link to post
Share on other sites

okay so i did do it right. 

however my file was incorrect cause of a copy.

 

it was.........frst64 (2).exe

sorry for the headache. 

 

hit me when ever cause i only sleep 5 hours out of every 48

 

 when you wanna get it done and i will get on.

FRST.txt

Edited by AdvancedSetup
removed phone due to privacy concerns
Link to post
Share on other sites
  • Root Admin

Thank you for the log @Allenmrrill

The good news is that there are no obvious signs of an infection or encryption going on. It would appear that something else is probably preventing the computer from starting up properly.
Another good thing is that there appear to be some Restore Points on the system that you can try to recover to which should restore the computer back to a working condition again.

==================== Restore Points  =========================

  • Restore point date: 2021-03-25 06:18
  • Restore point date: 2021-03-26 11:26
  • Restore point date: 2021-04-02 21:25
  • Restore point date: 2021-04-05 21:48

 

If  you can start the computer into Safe Mode you may be able to do it that way. If it won't go into Safe Mode then you can boot from the USB Windows installer disk you made and use that.

From SAFE MODE:

Start your PC in safe mode in Windows 10

Choose Troubleshoot from the Choose an Option screen

image.png

Under Troubleshoot choose Advanced options

image.png

Under Advanced options choose System Restore

 

image.png

 

image.png

Place a check mark on the Show more restore points to see all available restore points

 

image.png

 

Then try working from newest restore point to oldest restore point and see which one if any of them work for you or not

 

If you cannot get into Safe Mode from the PC then boot from the USB Windows 10 install disk you made

 

Click on the Next button

image.png

That will bring up the following screen - Click on the Repair your computer link

image.png

 

Then go through the options as shown above for Safe Mode and perform the System Restore

Let me know how that works out

Thank you

 

 

 

Link to post
Share on other sites
  • Root Admin

I'm simply trying to get you back into the computer. If you're afraid or don't want to get back in then you can format the drive and reinstall Windows clean.

 

The following is not approved or recommended by Malwarebytes - this is just a video I saw online and is not an endorsement. You choose if you want to use it or not.

How to reset forgotten password in Windows 10

https://www.virustotal.com/gui/file/860615004cc89afb126122dc610903fa1a21b9769e5431568d0c5adcf22fe1cd/detection

 

Approved Microsoft methods, but rarely seem to work for most users.

Change or reset your Windows password
https://support.microsoft.com/en-us/windows/change-or-reset-your-windows-password-8271d17c-9f9e-443f-835a-8318c8f68b9c

Reset your Windows 10 local account password
https://support.microsoft.com/en-us/windows/reset-your-windows-10-local-account-password-86912508-e584-37cc-86eb-6e9b0542b5ba

 

Edited by AdvancedSetup
updated information
Link to post
Share on other sites

i am lost... these pages mess me up..

 

Thank you Advance Setup; i was successful in restoring everything as well as the Virus i have been fighting. My hacker says Hello... LOL what a nut he is...

But in the thick of it you were very professional and very understanding. I dont know how to give you an achievement award so i will settle with the work is its own award... I think that sucks but it is to hard to communicate in this forum. if you have any idea how to get rid of this virus that malware bytes can even control or find let me know... thanks again... 

Link to post
Share on other sites
  • Root Admin

Well, now that you're into the computer and is running again let me get new logs and we'll see what we can do to fix it.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Thank you

 

 

Link to post
Share on other sites
  • Root Admin

Please go to Control Panel, Programs, Programs and Features  and temporarily uninstall the following

AVG AntiVirus FREE

Then restart the computer and run the following scans for me.

 

 

 

Please run the following steps and post back the logs as an attachment when ready.
Temporarily disable your antivirus or other security software first. Make sure to turn it back on once the scans are completed.
Temporarily disable Microsoft SmartScreen to download software below if needed. Make sure to turn it back on once the scans are completed.
If you still have trouble downloading the software please click on Reveal Hidden Contents below for examples of how to allow the download.

 

Spoiler
 
 
 
 

 

 

 

 

 

 

 

Spoiler

 

 

 

 

 

 

 

When downloading with some browsers you may see a different style of screens that may block FRST from downloading. The program is safe and used hundreds of times a week by many users.

Example of Microsoft Edge blocking the download

image.png

image.png

image.png

 

 

 

 

 

 

 

 



STEP 01

  • If you already have Malwarebytes installed then open Malwarebytes and click on the Scan button. It will automatically check for updates and run a Threat Scan.
  • If you don't have Malwarebytes installed yet please download it from here and install it.
  • Once installed then open Malwarebytes and select Scan and let it run.
  • Once the scan is completed make sure you have it quarantine any detections it finds.
  • If no detections were found click on the Save results drop-down, then the Export to TXT  button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If there were detections then once the quarantine has completed click on the View report button, Then click the Export drop-down, then the Export to TXT  button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT  button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If Malwarebytes won't run then please skip to the next step and let me know in your next reply that the scanner would not run.

STEP 02

Please download AdwCleaner by Malwarebytes and save the file to your Desktop.

  • Double-click to run the program
  • Accept the End User License Agreement.
  • Wait until the database is updated.
  • Click Scan Now.
  • When finished, if items are found please click Quarantine.
  • Your PC should reboot now if any items were found.
  • After reboot, a log file will be opened. Attach or Copy its content into your next reply.

RESTART THE COMPUTER Before running Step 3

STEP 03
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here each time
  • Please attach the Additions.txt log to your reply as well.
  • On your next reply, you should be attaching frst.txt and additions.txt to your post, every time.

 

STEP 04

The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system.

The download links & the how-to-run-the tool are at this link at Microsoft

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

Please let me know the results of this scan.

The log is named MSERT.log 

the log will be at  %SYSTEMROOT%\debug\msert.log   which in most cases is

C:\Windows\debug\msert.log

Please attach that log with your next reply.

 

STEP 05

 

 

Let me have you run a different scanner to double-check. I don't expect it to find anything, but no harm in checking.

I would suggest a free scan with the ESET Online Scanner

Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe

  • It will start a download of "esetonlinescanner.exe"
  • Save the file to your system, such as the Downloads folder, or else to the Desktop.
  • Go to the saved file, and double click it to get it started. 
  • When presented with the initial ESET options, click on "Computer Scan".
  • Next, when prompted by Windows, allow it to start by clicking Yes 
  • When prompted for scan type, Click on Full scan 
  • Look at & tick  ( select )   the radio selection "Enable ESET to detect and quarantine potentially unwanted applications"   and click on the Start scan button.
  • Have patience.  The entire process may take an hour or more. There is an initial update download.
  • There is a progress window display.
  • You should ignore all prompts to get the ESET antivirus software program.   ( e.g. their standard program).   You do not need to buy or get or install anything else.
  • When the scan is completed, if something was found, it will show a screen with the number of detected items.  If so, click the button marked “View detected results”.
  • Click The blue “Save scan log” to save the log.
  • If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files”  ( in blue, at the bottom).
  • Press Continue when all done.  You should click to off the offer for “periodic scanning”.

 

Note: If you do need to do a File Restore from ESET please follow the directions below

[KB2915] Restore files quarantined by the ESET Online Scanner version 3

https://support.eset.com/en/kb2915-restore-files-quarantined-by-the-eset-online-scanner

 

Thanks

 

Link to post
Share on other sites

this shot is where it has been setting its structure.... it then start to build a WINDOWS platform...Windows being all capitals. S-1-5-21..... it locked in and builds a ton (4 GIG) of data that hides as script on the back of all the programs it can find... it some times surf the web and takes screen shots to intergrate itself into...

Screenshot (17).png

Screenshot (16).png

Screenshot (18).png

Screenshot (19).png

Screenshot (20).png

Screenshot (21).png

Screenshot (22).png

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.


Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.