Hello all,
I have an unusual challenge and I am looking for hints on how to get out of this situation, and I have not seen a similar topic here.
It all started after the discovery of hosts.hjack in system32. After a few days of cleaning up, I found that I should have changed the admin account passwords for one time, etc. It was a very-bad idea at a very bad, late hour. I set up a new password and installed Bitlocker, the free version - I will mention right away that the program did not communicate creating a recovery key on the usb - if I remember correctly (!). And as far as I remember the password for Bitlocker, I had to mistake the password for the admin account in the letter when writing and I cannot log into the system at the moment. For this I turned on some additional protection option, that I have to enter the login from now on, but for China I do not know what the option is, and because the login was too clichéd, like an administrator or something, I forgot this one as well. Of course, I can't recover the admin account password (guest account is disabled) due to how I suppose , the OS disk lock (non-partitioned disk) was activated due to a change in the order of booted devices in the bios, or other interference on my part, which Bitlocker automatically considers a threat. But I don't know for sure, I just suppose.
I am not sure if this is the case for one reason: I don't know if Bitlocker is installed on the OS disk in the absence of other partitions / disks maybe lock such an OS disk in the event of detecting changes during booting, etc. treatments. From the error code that I get when running the command line on the repair console from usb win7, i.e. the code "0x80070057 The parameter is incorrect" I conclude that Bitlocker does not work like that (description on microsoft.com), and that I have already seen a blackscreen alert in the bios about Bitlocker blocked the drive - and I haven't had one, the option to log into the system appears normally (which does not save me). However, this does not give me anything, because the commands in the line "X: \> Sources> dir C:" or "X: \> Sources> E:" (or other drive letters), i.e. trying to find or enter disk files end in "access denied." And I don't know where it comes from, whether it's an invalid Bitlocker lock, or a disk error (in Bitlocker or Win OS kernel), or a wrong command (I don't know the command line that much). I would like to add that an attempt to manage Bitlocker using the command line (launched from the USB repair console), i.e. the command "manage-bde -unlock -certificate -ct d40eb48491195122c765658d0c4ae1f42f5a59c3 -pin E:" (or blindly entered other letters, C :, D : ...) end with the listed parameter error (0x80070057). Probably the certificate is wrong, but I have never set up a Microsoft account, or I just don't know it, so I don't have my own recovery key from where to download.
I suppose Bitlocker can't lock my OS drive and boot to the login window from it, but I'm not sure and I'm afraid to try to recover the password by copying the "sethc.exe" file in Windows \ system32 or other methods, including more so I have these command line access denied messages. Where can these errors come from? I will add that the Win7 USB Repair Tool (created on another Win7) reports that it cannot repair thissystem due to the fact that it is a "different version", whatever that is supposed to mean (probably the point is that the Windows recovery USB tool is saved on a brandless USB, which I read on the net, and I do not currently have a company with such capacity). I did not reset Bios, I did not touch any options in Bitlocker after installing it. I never created that damn password reset disk under Win7 which is a shame I also don't have the original Win 7 board even though I bought this OS. And the recorder is out of order out of spite, but I'll fix the board with the elevator. I'm running Win 7 Prof with SP1, the OS drive was normally showing me as 'C' and the Bitlocker version is 6.1.7600. It is also possible that I turned off the system recovery option and this also makes it difficult for me, but I do not know it 100%. If I tried to break the noise under the elevator, I have a password except 1/2 of letters, but apparently incomplete, I have the entire password to Bitlocker. Honestly, I'm running out of ideas on what to do with it, I would be grateful for any hints.
Thanks in advance for any help.
I have an unusual challenge and I am looking for hints on how to get out of this situation, and I have not seen a similar topic here.
It all started after the discovery of hosts.hjack in system32. After a few days of cleaning up, I found that I should have changed the admin account passwords for one time, etc. It was a very-bad idea at a very bad, late hour. I set up a new password and installed Bitlocker, the free version - I will mention right away that the program did not communicate creating a recovery key on the usb - if I remember correctly (!). And as far as I remember the password for Bitlocker, I had to mistake the password for the admin account in the letter when writing and I cannot log into the system at the moment. For this I turned on some additional protection option, that I have to enter the login from now on, but for China I do not know what the option is, and because the login was too clichéd, like an administrator or something, I forgot this one as well. Of course, I can't recover the admin account password (guest account is disabled) due to how I suppose , the OS disk lock (non-partitioned disk) was activated due to a change in the order of booted devices in the bios, or other interference on my part, which Bitlocker automatically considers a threat. But I don't know for sure, I just suppose.
I am not sure if this is the case for one reason: I don't know if Bitlocker is installed on the OS disk in the absence of other partitions / disks maybe lock such an OS disk in the event of detecting changes during booting, etc. treatments. From the error code that I get when running the command line on the repair console from usb win7, i.e. the code "0x80070057 The parameter is incorrect" I conclude that Bitlocker does not work like that (description on microsoft.com), and that I have already seen a blackscreen alert in the bios about Bitlocker blocked the drive - and I haven't had one, the option to log into the system appears normally (which does not save me). However, this does not give me anything, because the commands in the line "X: \> Sources> dir C:" or "X: \> Sources> E:" (or other drive letters), i.e. trying to find or enter disk files end in "access denied." And I don't know where it comes from, whether it's an invalid Bitlocker lock, or a disk error (in Bitlocker or Win OS kernel), or a wrong command (I don't know the command line that much). I would like to add that an attempt to manage Bitlocker using the command line (launched from the USB repair console), i.e. the command "manage-bde -unlock -certificate -ct d40eb48491195122c765658d0c4ae1f42f5a59c3 -pin E:" (or blindly entered other letters, C :, D : ...) end with the listed parameter error (0x80070057). Probably the certificate is wrong, but I have never set up a Microsoft account, or I just don't know it, so I don't have my own recovery key from where to download.
I suppose Bitlocker can't lock my OS drive and boot to the login window from it, but I'm not sure and I'm afraid to try to recover the password by copying the "sethc.exe" file in Windows \ system32 or other methods, including more so I have these command line access denied messages. Where can these errors come from? I will add that the Win7 USB Repair Tool (created on another Win7) reports that it cannot repair thissystem due to the fact that it is a "different version", whatever that is supposed to mean (probably the point is that the Windows recovery USB tool is saved on a brandless USB, which I read on the net, and I do not currently have a company with such capacity). I did not reset Bios, I did not touch any options in Bitlocker after installing it. I never created that damn password reset disk under Win7 which is a shame I also don't have the original Win 7 board even though I bought this OS. And the recorder is out of order out of spite, but I'll fix the board with the elevator. I'm running Win 7 Prof with SP1, the OS drive was normally showing me as 'C' and the Bitlocker version is 6.1.7600. It is also possible that I turned off the system recovery option and this also makes it difficult for me, but I do not know it 100%. If I tried to break the noise under the elevator, I have a password except 1/2 of letters, but apparently incomplete, I have the entire password to Bitlocker. Honestly, I'm running out of ideas on what to do with it, I would be grateful for any hints.
Thanks in advance for any help.
