Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Locked out of desktop


  • Please log in to reply
7 replies to this topic

#1 Laniesun

Laniesun

  • Members
  • 2 posts
  • OFFLINE
  •  

Posted 14 September 2017 - 12:53 AM

I got a guy that called me and said he was from Microsoft and he needed to fix some errors on my desktop. He had me hold down the windows icon and hold down the r key simultaneously. Then told me to type MSCONFIG at which point he took control of my computer.he said he was transferring me to his supervisor to make the necessary changes.I told him I was on a fixed income and could not afford any changes. "At no charge to you ma'am" so when this "supervisor" asked for money I told him the otherguy had assured me there was no charge he got very abrupt and angry saying "who told you that" then angrily said you can use your computer and hung up. I was called 7 more times from the same# (202 765 1234) which I didnt answer. When i got on my computer a short time later they were trying to type me messages blocking my screen so i kept hitting the windows icon to log out and eventually did. After a few hours I tried together on my computer and have been locked out. It now requires a log in password. What can i do? I can't even get into safe mode.


Edited by hamluis, 14 September 2017 - 07:46 AM.
Moved from Win 7 to Gen Security - Hamluis.


BC AdBot (Login to Remove)

 


m

#2 Laniesun

Laniesun
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  

Posted 14 September 2017 - 12:56 AM

I'm sorry it now requires a "start up" password

#3 Hareen

Hareen

  • Members
  • 114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hyderabad, India.
  • Local time:02:56 AM

Posted 14 September 2017 - 03:34 AM

I may not be exactly resourceful in this but are you referring to a boot time password??

 

Because there is no way you can remove a boot time password except for may be changing the BIOS!!



#4 Hareen

Hareen

  • Members
  • 114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hyderabad, India.
  • Local time:02:56 AM

Posted 14 September 2017 - 03:38 AM

Upon reading I found that there is no other way to proceed; if there is no sys key,  except doing a new installation of Operating System.

 

Try collecting data from your hard disc (if it is very important ) by using any Linux Live editions. Then format the operating system.

 

Looking for better solutions from others.

 

Also, try entering some random passwords you can think of. Sometimes such childish actions can help.



#5 zainmax

zainmax

  • Banned
  • 344 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:26 AM

Posted 14 September 2017 - 04:08 AM

There is something wrong with this story. Something similar, like there is in the first post, not possible to do and so isn't possible to change nothing. It's simply weird story.
My opinion - there is something wrong with this.



#6 JohnC_21

JohnC_21

  • Members
  • 20,476 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:26 PM

Posted 14 September 2017 - 08:42 AM

Is this the box you get at startup? This is the Syskey password box.

 

syskey.png



#7 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 5,280 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:04:26 PM

Posted 14 September 2017 - 08:45 AM

This sounds like a classic ransomware infection.  I am escorting this thread over to the Ransomware forum.


Brian  AKA  Bri the Tech Guy (website address in my profile) Windows 10 Home, 64-bit, Version 1709, Build 16299

       

    Plus ça change, plus c'est la même chose
              

 


#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 49,905 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:26 PM

Posted 14 September 2017 - 04:27 PM

From what you describe, it sounds like a common Tech Support scam. Microsoft does not make unsolicited phone calls, display pop-up alerts in your browser to call a support number or send unsolicited email messages to request personal or financial information or to fix your computer...see Beware of Phony Emails & Tech Support Scams

If the password box looks like the screenshot posted by JohnC_21, see these related topics for solution suggestions:Windows 8/8.1 users can refer to the instructions (methods 4-6 or Shift+F8) in How To Access Advanced Startup Options in Windows 8 or 8.1

Windows 10 users can refer to the instructions from Security Colleague Demonslay335 in this topic.

You can either boot the system to an external OS, or connect the drive to another computer, and use the trick with restoring the registry SAM from the REGBAK folder. We've done it successfully a dozen times on customer's machines.


Some types of malware will modify the Master Boot Record (MBR) so that it displays a message indicating your computer has been encrypted and that you will be unable to access your data unless you pay a ransom to get a password. If the password box looks similar to those below, then refer to the Encrypted Boot Ransomware Support Topic.

ransomware.jpg
.
the-nastiest-of-all-ransomware-mamba-enc
.
bios-pass.jpg
.
C8hC4oWXkAA-Rxg.jpg
.
.
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Microsoft MVP Reconnect 2016
Windows Insider MVP 2017
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users