Troubleshoot Win 10 No Safe Mode, Login to black screen

bradcarvey

Level 1
Thread author
Verified
May 1, 2017
20
Webroot found 2 trojan horse virus and remove them. Rebooted found more and removed them, then rebooted, to a black screen. 500 Gbyte SSD Scandisk extreme pro.

I can boot into advanced options, but startup options is not available (no safe mode).

Used my rescue disk to enter cmd line and used things like scannow, chkdsk and diskprt to test the disk. Not errors listed.

Used rescue disk to try to reset windows while saving my data... Get an error about a missing partition, but diskprt shows an 8 Gbyte partition and an approximately 480 Gbyte partition, which contains my installation and data.

Used windows 10 install disk to reset the os, got a missing partition error.

I used a similar SSD and did a clean install of Windows, to verify that the bios and hardware are ok. Having trouble getting the ASUS Sabertooth x79 audio working. Driver issues.

I ran Anvi Rescue Disk "Scan", it did not find any Threats on the windows 10 disk.
I then ran "Repair" and it found problems, with everything except Windows Firewall.
 
  • Like
Reactions: shmu26

bradcarvey

Level 1
Thread author
Verified
May 1, 2017
20
Wow. It never occurred to me that Webroot caused the problem. I assumed they would notify the users, if something like this happened. I will check with them and let you know what they say. BTW, I have been using them for 3-4 years and never had a problem.

Apparently, it happens on Windows 10 and not Windows 8.1. My Windows 8.1 computer has not had any issues, but I will uninstall Webroot immediately and replace it with something else.

Brad Carvey
 
Upvote 0

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
It's sad to see this, i used to beta for them, now I won't touch them with a 10ft pole.
I wish you the best in resolving this and when you get it all sorted and are 100% hold off on
buying a solution and PM me I may have something for you ;) Good Luck
 
Upvote 0

bradcarvey

Level 1
Thread author
Verified
May 1, 2017
20
Another Wow. I have been going in circles with webroot for 30 minutes. Apparently, there is a recover file available. I never got an email about the issue and after 30 minutes, I still couldn't download the file, even though there are several links in their blog to get to the download. But, they lead to submitting a support ticket or to a page that is selling what I already bought or to a forum.
Anyway, I assume tomorrow, I will receive an email with instructions to download and use the recover file. That's if I am lucky.
I will let you know what happens.

Brad Carvey
 
Upvote 0

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
Another Wow. I have been going in circles with webroot for 30 minutes. Apparently, there is a recover file available. I never got an email about the issue and after 30 minutes, I still couldn't download the file, even though there are several links in their blog to get to the download. But, they lead to submitting a support ticket or to a page that is selling what I already bought or to a forum.
Anyway, I assume tomorrow, I will receive an email with instructions to download and use the recover file. That's if I am lucky.
I will let you know what happens.

Brad Carvey
Like I said, PM me once your squared away, I have an extra Emsisoft AM Key it's light and very effective, I will gladly give it to you
free of charge, that and VoodooShield free and you will be very secure. If you message Dan over at Wilders he will hook you up with a trial of the Pro version of VoodooShield.
I don't do this often, but I want to help get you back up and secure.
We look after our own here ;)
 
Upvote 0

bradcarvey

Level 1
Thread author
Verified
May 1, 2017
20
A friendly piece of advice if you get this sorted out it would be a good idea to start making system images. Macrium Reflect or Aomei Backupper both have a free and reliable version. ;)
I have several macs and I use Time Machine. I believe "File History" was similar to Time Machine and disk images were not needed.
 
  • Like
Reactions: shmu26 and frogboy
Upvote 0

bradcarvey

Level 1
Thread author
Verified
May 1, 2017
20
I got a response from Webroot. They assume that I am an IT at a company, based on the advice. They assume that I need to fix multiple machines. They want me to test it on a few machines, and if it works then write a script to run it on lots of machines.

This was in my email.
"Please follow the instructions to download and execute the utility. We advise that you run this on a few machines first to validate success. Once validated, feel free to explore automated deployment, scripting, running from the console, etc."

This was in my support ticket:

Select the most convenient option based upon your environment and scenario.
  1. Using RMM or other deployment tools:
  2. Using the console advanced agent command "Download and run a file"
    • From within the Endpoint console (my.webrootanywhere.com), click the Group Management tab
    • In the Groups column, select the Group that contains the endpoints you want to issue commands to
    • In the All Endpoints panel, do either of the following to display information about an endpoint:
      • Select the checkbox to choose any endpoint, or
      • Select the checkbox at the top to select all endpoints.
    • When you select one or more checkboxes, additional commands in the command bar become active and ready for use.
    • In the command bar, click the Agent Commands down arrow.
    • In the ADVANCED COMMANDS section select "Download and run a file"

    IMPORTANT:
    This method is dependent on the check-in time of the agent, and policy. To ensure that the utility executes locally the endpoint will need to poll to receive the agent command and download the utility.

    If the Webroot SecureAnywhere tray icon is visible you may Right-Click and choose and “Refresh configuration”, or the poll can be issued via a CMD prompt. To poll via command line option, use the appropriate command for the OS.
    • For 32bit Operating Systems, type: "C:\Program Files\Webroot\WRSA.exe" -poll
    • For 64bit Operating Systems, type: "C:\Program Files (x86)\Webroot\WRSA.exe" –poll
  3. Manually
Never used a RMM. Can someone recommend a free one that will work for my situation?
RMM sounds like it needs to remote into my broken system. I tried to remote in, with remote desktop, but I have that option disabled.
With RMM do I created a boot disk, with RMM on it and then run it on the corrupted disk?
Option 3 sounds good, but I assume they think I can boot into my system. Or can I boot into a recover disk and run it from there.

I will as Webroot support and let you know, what happens or if anyone here has advice, then I will try what is recommended here.
 
  • Like
Reactions: shmu26 and frogboy
Upvote 0

bradcarvey

Level 1
Thread author
Verified
May 1, 2017
20
Like I said, PM me once your squared away, I have an extra Emsisoft AM Key it's light and very effective, I will gladly give it to you
free of charge, that and VoodooShield free and you will be very secure. If you message Dan over at Wilders he will hook you up with a trial of the Pro version of VoodooShield.
I don't do this often, but I want to help get you back up and secure.
We look after our own here ;)
How do I send a PM personal message?
 
Upvote 0

Amelith Nargothrond

Level 12
Verified
Top Poster
Well-known
Mar 22, 2017
587
And you will see your PM notifications (named conversations) here:

60651a35d69f4c59a10bc58466ff89ed.png
 
  • Like
Reactions: BugCode and frogboy
Upvote 0

bradcarvey

Level 1
Thread author
Verified
May 1, 2017
20
Wishing you the best of luck
I admire your patience and persistence
Tough problem!
I, too, used to run Webroot, but it ain't what is used to be.

I don't know about patience, but I am persistent.

I started using computers in 1969. I did my first computer animation on an analog computer in 1969. I built my first computer in the mid 70s and have experience, with every kind of computer since the Sinclair, which I had the worlds most sophisticated one in the world. When Timex started making the Sinclair, they came to me for advice on using it and showing off it's capabilities.

I am not an IT guy, but I do have a lot of background, with computers and software. I have never joined a group, looking for help. I have always been able to fix my issues on my own. I would never take one of my computers to a repair shop. I would not trust a shop with my password and my data.

After trying everything I could think of, I looked for a group that I thought would be useful and not full of "experts". I decided on Malware Tips, because of the way people were treated and the quality of the responses. "I choose wisely".

I wouldn't normally say anything about myself, but this is such a great group that I think you might find a few things about me interesting. My favorite color is Green.... I have a Prime Time Emmy for "Outstanding achievement in Engineering", I created the opening title sequence for "Men in Black" (Dragonfly) and my brother Dana Carvey, based his "Wayne's World" Garth character on his brother Brad.

Brad Carvey
 
Upvote 0

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I don't know about patience, but I am persistent.

I started using computers in 1969. I did my first computer animation on an analog computer in 1969. I built my first computer in the mid 70s and have experience, with every kind of computer since the Sinclair, which I had the worlds most sophisticated one in the world. When Timex started making the Sinclair, they came to me for advice on using it and showing off it's capabilities.

I am not an IT guy, but I do have a lot of background, with computers and software. I have never joined a group, looking for help. I have always been able to fix my issues on my own. I would never take one of my computers to a repair shop. I would not trust a shop with my password and my data.

After trying everything I could think of, I looked for a group that I thought would be useful and not full of "experts". I decided on Malware Tips, because of the way people were treated and the quality of the responses. "I choose wisely".

I wouldn't normally say anything about myself, but this is such a great group that I think you might find a few things about me interesting. My favorite color is Green.... I have a Prime Time Emmy for "Outstanding achievement in Engineering", I created the opening title sequence for "Men in Black" (Dragonfly) and my brother Dana Carvey, based his "Wayne's World" Garth character on his brother Brad.

Brad Carvey
Thanks for sharing!
 
Upvote 0

bradcarvey

Level 1
Thread author
Verified
May 1, 2017
20
Like I said, PM me once your squared away, I have an extra Emsisoft AM Key it's light and very effective, I will gladly give it to you
free of charge, that and VoodooShield free and you will be very secure. If you message Dan over at Wilders he will hook you up with a trial of the Pro version of VoodooShield.
I don't do this often, but I want to help get you back up and secure.
We look after our own here ;)

I wrote you a pm and when I tried to send it (Start a Conversation), I got an error that I could not start a conversation with _CyperGhosT_

Brad Carvey
 
Upvote 0

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I got a response from Webroot. They assume that I am an IT at a company, based on the advice. They assume that I need to fix multiple machines. They want me to test it on a few machines, and if it works then write a script to run it on lots of machines.

This was in my email.
"Please follow the instructions to download and execute the utility. We advise that you run this on a few machines first to validate success. Once validated, feel free to explore automated deployment, scripting, running from the console, etc."

This was in my support ticket:

Select the most convenient option based upon your environment and scenario.
  1. Using RMM or other deployment tools:
  2. Using the console advanced agent command "Download and run a file"
    • From within the Endpoint console (my.webrootanywhere.com), click the Group Management tab
    • In the Groups column, select the Group that contains the endpoints you want to issue commands to
    • In the All Endpoints panel, do either of the following to display information about an endpoint:
      • Select the checkbox to choose any endpoint, or
      • Select the checkbox at the top to select all endpoints.
    • When you select one or more checkboxes, additional commands in the command bar become active and ready for use.
    • In the command bar, click the Agent Commands down arrow.
    • In the ADVANCED COMMANDS section select "Download and run a file"

    IMPORTANT:
    This method is dependent on the check-in time of the agent, and policy. To ensure that the utility executes locally the endpoint will need to poll to receive the agent command and download the utility.

    If the Webroot SecureAnywhere tray icon is visible you may Right-Click and choose and “Refresh configuration”, or the poll can be issued via a CMD prompt. To poll via command line option, use the appropriate command for the OS.
    • For 32bit Operating Systems, type: "C:\Program Files\Webroot\WRSA.exe" -poll
    • For 64bit Operating Systems, type: "C:\Program Files (x86)\Webroot\WRSA.exe" –poll
  3. Manually
Never used a RMM. Can someone recommend a free one that will work for my situation?
RMM sounds like it needs to remote into my broken system. I tried to remote in, with remote desktop, but I have that option disabled.
With RMM do I created a boot disk, with RMM on it and then run it on the corrupted disk?
Option 3 sounds good, but I assume they think I can boot into my system. Or can I boot into a recover disk and run it from there.

I will as Webroot support and let you know, what happens or if anyone here has advice, then I will try what is recommended here.
Their instructions are absurdly complicated. You are not trying to manage a fleet of networked computers for a large corporation.
Write them back, or get on their forum, and ask them for something normal that you can do.
 
Upvote 0

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top