Windows 10 forum


w10 hacked - working on it

I initially posted about my problem in another thread. The general thought was that I have been hacked. What happens is pretty simple. The computer boots up. When I press enter to start I get 2 boxes. One to call somebody and one to enter the key to w10. When I call I get somebody who wants 290.00 for 'an expert' to fix the problem (that one is kindofa tip off). Anyway.....

I have been trying to figure out where to go to fix whatever. First I tried to run microsoft sweeper but it couldn't find the boot drive. Then I figured out how to get to a command line. I thought I would try and run msconfig but that didn't work. I have now downloaded several different rescue disks. These are cd/dvd's that hold a number of utilities to allow the user to fix stuff. I am still messing with these.

If I could figure out where my startup programs are stored I suspect I could fix this thing but have no idea how to do that. If anybody has thoughts on that one I would appreciate it. What I think has happened is that whoever did the deed left something on my computer that boots itself up but I have no idea what it is, or where its at.

Any thoughts are appreciated. Thank you.............

Discussion is locked
You are posting a reply to: w10 hacked - working on it
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: w10 hacked - working on it
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

All Answers

Collapse -
Or it's a startup item. Not an infection.

In reply to: w10 hacked - working on it

Collapse -

In reply to: Or it's a startup item. Not an infection.

Thanks for the reply!

I would do as you suggest but I cannot boot up. What I can do is access the file system, work from a command line, and, in theory, edit files. I can run firefox from an xp window in memory which, at least, tells me I am connected to the net. I think I will goto firefox site and move ALL the .xpi files just for the heck of it.

I tried for safe mode but failed and tried everything I could find. I just can't get to it.

I have put programs on a thumb drive. I plugged in the drive and it flashes a red light (telling me that the computer saw it). However, when I goto my computer, on the bad machine, it doesn't show me the drive so I can't run the programs I put on it. I have also gone to the program directory and renamed firefox to old_firefox so it can't run. I did the same with skype for for the heck of it.

I am going to reboot just to see what happens. I expect nothing <G>

Collapse -
It sounds like you have partial access.

In reply to: problem

I'd log out of this account and into your spare admin account.

(Hint. Win+X)

Collapse -
something else

In reply to: It sounds like you have partial access.

I googled the phone number of the hackers. Its 1-877-256-3313 There are lots of returns on this one and how to remove their crap but I can't get to it or get the machine to recognize the thumb drive, otherwise I could have at it. Its interesting however <G>

Anything to do with this machine is really going to have to be done in command mode I fear.

This is my wife's machine. I doubt there is a spare admin account unless its automatic but I really have no idea what (hint. Win+X)

Collapse -

In reply to: something else

I was hoping you would try the command so you may be left with command line only. From there I can run control panel, create a new user account, make it admin to see if I can log into the other new account for easier go at it.

But I take it you won't press Win+X so no way to see what's up. I understand folk being gun shy when their machine is hacked.

Collapse -
I continue

In reply to: Or it's a startup item. Not an infection.

I can now get to a blue screen with the following options:
switch user
change password
task manager

I can also get to the task manager but still can't run programs from thumb drive

I would have edited my last but I don't think I can

Collapse -

In reply to: I continue

I pressed the control/alt/delete which got me the blue screen option in the previous posting. Then I got to the task manager. From there I was able to get to the command line. That allowed me to find my thumb drive and move all the programs/utilities to the download folder. I then installed a couple of programs that folks think were good to remove my problem. Once I moved and installed I was able to run said programs with the command line (cd ../ cd Downloads/ run whatever). I am currently running the fix thing with spyhunter. If that doesn't work I also have superantispyware and a couple of others.

Hopefully I will get some success out of it all. I think one of my problems is confusion. All of my own machines are Ubuntu and I have this machine on my kvm and its a bit confusing but I continue to make headway.

Collapse -
Spyhunter is considered scareware or malware.

In reply to: continuing

Now that you are installing bad software, I don't think I can help you out of the bind.

Post was last edited on July 23, 2016 12:54 PM PDT

Collapse -

In reply to: Spyhunter is considered scareware or malware.

I downloaded spyhunter, and ran it, and it fixed my problems. I am now running a couple of other malware programs. I checked on spyhunter and found that virtually everybody said that spyware was a safe program. The main problem, with that one, is that they sneak up on you and force you to buy to allow it to fix what it found. In addition it also wants to keep your credit card info for 'subscription' which, I think, means that it charges you for some kind of regular service. I got rid of all the subscriptions, etc. Oh, the people who take care of their billing also charged me for something that I had ordered back in 2011! I have told them that they either take off the bogus charges or I will have visa remove the entire bill. We will see.

I will probably go with malawarebytes for my security.

In other words I have now got rid of the mess I had and am in the process of checking everything over and over again until I am sure this computer is functioning properly.

I have been messing with this stuff for a very long time so am experienced. This deal was different in that, to fix my problem, I had to start pressing keys until I found something that took me someplace. The three button boot sequence worked well. To get to a command screen also took some doing. I could do it with shift f8 (repeatably during boot) and could also do it by getting into the task manager and then doing a 3 key boot which would take me to another option which allowed me to goto the command mode (cmd).

As far as I know I have now fixed my problem. I want to thank everybody who helped as I was at a complete loss.

Collapse -
It's controversial and they are in court now.

In reply to: spyhunter

Popular Forums

Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Sublime suburban chariot

High on style and technology, the 2019 Volvo XC90 is an incredibly satisfying everyday crossover.