• Locked out as admin, suspected hacking

    Viewing 3 reply threads
    • #314973

      Whoa, that looks like a major problem if everything has indeed been tampered with.

      Now, there have been reports of administrator access being disabled during an unattended automatic Windows upgrade, but that’s supposed to be during the 1803->1809 transition and not others.

      Basic admin unlock is a small (less than 10 minutes usually) job on an unencrypted system with no boot/setup password, but undoing significant tampering is a whole another barrel of worms. It’ll usually be easier to just wipe everything and reinstall, assuming you have known-good backups of your data or just don’t mind wiping that too.

      Given the assumption that the system has been tampered with, and with malicious intent, you by definition cannot trust any internal recovery procedure it may have – so will have to start with a factory restore media (either optical disk or USB; optical disks can be read-only so tamper-resistant, unlike most USB keys…) or go to a repair shop you trust.

      Assuming the tamperers might have been actually good at it, it’s the repair shop anyway – that situation could require a full firmware reflash procedure before the reinstall/recovery. This might not be available for models sold with Windows 10 Home, and it’d quite possibly be cheaper to just buy a new computer, anyway.

      (Phones are a bit more of a bother. Factory reflash usually is a repair shop procedure right away, but even that might not be enough.)


      So yeah… unless your roommates confess to it and you trust them to reverse what they’ve done, or something… and you’re convinced that it wasn’t just a random Windows update that happened to change things… (but that doesn’t apply to the phones and such anyway…)

      1 user thanked author for this post.
    • #315100

      This also sounds like a corrupted user account that you are seeing.  Have you seen any popups in the lower right corner of the desktop saying that you are using a temporary login?  Is the desktop background black?

      If so, you might want to start with system restore or googling how to use the registry to remove the temporary account and restore the backup account, which is yours,  rather than automatically assuming you have been hacked.  Windows automatically installs junk apps in a new account, and this sounds like a new user account, or a corrupted user profile, after an update.

      1 user thanked author for this post.
    • #315109

      If you do still want to perform a factory reset, most HP Laptops will boot to different options if you tap the ESC key before the windows boot process when you see a circle of dots.  Read the options.  F9 usually allows me to boot to another device (Windows 10 on a flash drive).  F11 usually is the factory recovery, but that is an older version of Windows which would need to update and update. My preferences is to download Windows 10 using the media creation tool and burn it to USB.  There is an option to select a USB device after the download.  Use a 16 GB flash drive or larger to be safe.

      1 user thanked author for this post.
      • #315115

        IMPORTANT: Remember to backup your personal/ work data prior to doing a reset, Either onto a USB flash or external hard-disk. (better safe than sorry)

        No problem can be solved from the same level of consciousness that created IT- AE
        1 user thanked author for this post.
    • #315514

      You could start with an online virus scan. This should spot anything obvious even if it can’t fit it.
      Use the “Scan Now” link at the bottom of this page. https://www.pandasecurity.com/uk/homeusers/solutions/free-antivirus/

      cheers, Paul

    Viewing 3 reply threads
    Reply To: Locked out as admin, suspected hacking

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: