- Follow via:
- RSS
- Email Alert
Question
-1
Votes
Someone has hacked into my computer and set themselfs as the true Administr
Someone has hacked into my computer and set themselves up as the true Administrator and controls my computer my permission rights are limited. I have tried every antivirus program there is, nothing has worked not even a restore back to factory state. I am using AT@T 2wire gateway. please help
Updated - 3rd Jul 2011
Answers (14)
3
Votes
Why would an AV help if someone "hacked" your OS?
How about reinstalling your operating system?
Updated - 2nd Jul 2011
Replies
I think the guy is just trying to use this forum to find out how to bust into someone's Admin account.
at78rpm
5th Jul 2011
1
Vote
And what OS is this?
If it's a Windows have you tried starting in Safe Mode?
Col
Col
2nd Jul 2011
Replies
windows 7 home premium
Icandoit234
3rd Jul 2011
Well I suppose the obvious thing to ask is
What stopped you reloading these 5 computers?
I find it very hard to believe that they got physically destroyed by a simple Software Crack. All that would have happened is that the OS got corrupt and needed reloading. This is a common occurrence with Business computers.
Col
What stopped you reloading these 5 computers?
I find it very hard to believe that they got physically destroyed by a simple Software Crack. All that would have happened is that the OS got corrupt and needed reloading. This is a common occurrence with Business computers.
Col
OH Smeg
6th Jul 2011
2
Votes
I agree
Hi,
your safest option is to format and reload that system with a clean load. Otherwise maybe safemode or Booting from a "live CD to change all the account password and remove any root kits/malware on it, but you never know if your truly cleaned everything out. Best be is the wipe and reload.
your safest option is to format and reload that system with a clean load. Otherwise maybe safemode or Booting from a "live CD to change all the account password and remove any root kits/malware on it, but you never know if your truly cleaned everything out. Best be is the wipe and reload.
3rd Jul 2011
Replies
I AM A DISABLED VETERAN AND SERVED DURING WAR. I DONT KNOW ALOT ABOUT HACKING. ALL I KNOW I HAVED HAD LEXMARK AND HP INCLUDING AT&T AND ANTIVIRUS COMPANIES TAKE CONTROL OF MY COMPUTER AND AGREED WITH ME THAT ADMINISTRATOR RIGHTS WHERE REMOVE. I WAS TOLD TO RESTORE THE COMPUTER TO FACTOR STATUS, BY PUSHING F11 I DID THAT AND NOTHING CHANGED. WHEN THE COMPUTERS UNDER WARRANTY WAS SENT FOR REPAIR THEY WHERE SENT BACK IN THE SAME CONDTION.
Icandoit234
6th Jul 2011
0
Votes
Some suggestions............
Before you format Windows 7..............
1) Someone has hacked into my computer and set themselves up as the true Administrator and controls my computer my permission rights are limited:
Go to Control Panel and see what your account type is. Create a new "Administrator" account, log on to that and delete old account (make sure you transfer all data & settings).
2) I have tried every antivirus program there is, nothing has worked not even a restore back to factory state:
Antivirus is required only if your infected with viruses. Turn on Windows Defender and Windows Firewall. Uninstall ALL unwanted programs such as IE toolbars, Smiley programs and freeware. These could be Trojan Horses that send your data to hackers.
3) I am using AT@T 2wire gateway:
Log on to 2Wire web interface and see the connected computers. If you see any other computer connected, reset your Ethernet gateway and reconfigure it (don't loose the DSL connection settings). Make sure you change default "username" and "password".
1) Someone has hacked into my computer and set themselves up as the true Administrator and controls my computer my permission rights are limited:
Go to Control Panel and see what your account type is. Create a new "Administrator" account, log on to that and delete old account (make sure you transfer all data & settings).
2) I have tried every antivirus program there is, nothing has worked not even a restore back to factory state:
Antivirus is required only if your infected with viruses. Turn on Windows Defender and Windows Firewall. Uninstall ALL unwanted programs such as IE toolbars, Smiley programs and freeware. These could be Trojan Horses that send your data to hackers.
3) I am using AT@T 2wire gateway:
Log on to 2Wire web interface and see the connected computers. If you see any other computer connected, reset your Ethernet gateway and reconfigure it (don't loose the DSL connection settings). Make sure you change default "username" and "password".
4th Jul 2011
Replies
nmap, you can't get into User Accounts if you don't have Admin privileges on the machine.
dana.brinkman@...
7th Jul 2011
2
Votes
Hiren's Boot CD
Try to use to restart your system by Hiren's Boot CD (14.0 avaible now) and reset all admin accounts passwds 
4th Jul 2011
Replies
I AM A DISABLED VETERAN AND SERVED DURING WAR. I DONT KNOW ALOT ABOUT HACKING. ALL I KNOW I HAVED HAD LEXMARK AND HP INCLUDING AT&T AND ANTIVIRUS COMPANIES TAKE CONTROL OF MY COMPUTER AND AGREED WITH ME THAT ADMINISTRATOR RIGHTS WHERE REMOVE. I WAS TOLD TO RESTORE THE COMPUTER TO FACTOR STATUS, BY PUSHING F11 I DID THAT AND NOTHING CHANGED. WHEN THE COMPUTERS UNDER WARRANTY WAS SENT FOR REPAIR THEY WHERE SENT BACK IN THE SAME CONDTION.
Icandoit234
6th Jul 2011
While I appreciate the fact you had a job in the armed forces, it's completely irrelevant to the issue at hand.
Shouting in CAPS LOCK doesn't help either. I suggest you take your pile of dead computers to a local PC repair place, tell them to recover your data from the hard drives then reinstall the lot with clean Windows. You should be able to sell the 4 older ones for more than it costs to recover the data and reinstall the newest one.
Shouting in CAPS LOCK doesn't help either. I suggest you take your pile of dead computers to a local PC repair place, tell them to recover your data from the hard drives then reinstall the lot with clean Windows. You should be able to sell the 4 older ones for more than it costs to recover the data and reinstall the newest one.
spawnywhippet
7th Jul 2011
3
Votes
What OS?
There are several tools on the internet that can reset the admin password and let you regain access to your system. However I would be more worried about how this happened in the first place than the reseting of the password. You either have huge gaping holes in your security, ie no admin password and someone has set one, or there is more to the story than you told.
4th Jul 2011
-1
Votes
never mind
never mind
Updated - 7th Jul 2011
3
Votes
True Administrator?
I'm curious: how did you try doing a "restore back to factory state" if you didn't have Administrative privileges? And if you've tried "every anti-virus" thing out there, let's hope you're kidding, because installing one over another is toxic -- not to mention iffy for anyone not granted Admin privileges.
5th Jul 2011
Replies
Restore to Factory state
is from the hidden restore partition or from the recovery discs
no administrative priv. necessary as winders isn't even running
is from the hidden restore partition or from the recovery discs
no administrative priv. necessary as winders isn't even running
Who Am I Really
6th Jul 2011
0
Votes
The Shoe Dude
Someone, please, if we're supposed to help this person fix his issues, why is TR letting someone spam this? Come on, kick his/her/it's butt out of here. Please?
5th Jul 2011
Replies
This is a public Forum.
The PTB at TR can not stop people posting to it but they can remove crap like that when it's reported to them. So if you see somehtign not Flagged Flag it yourself.
Col
The PTB at TR can not stop people posting to it but they can remove crap like that when it's reported to them. So if you see somehtign not Flagged Flag it yourself.
Col
HAL 9000
5th Jul 2011
2
Votes
Password Reset
If your admin password has been hacked, do a Google search for system password recovery, download the bits, burn the CD and load it. It will then start Linux on your system and guide you through the reset process. Once it is reset, BUY A ROUTER before you connect to the Internet. Consider using Microsoft Security Essentials to avoid the trojans and rootkits.
5th Jul 2011
2
Votes
REPLY
1. Boot from Windows 7 DVD and access the command prompt.
2. Find the drive letter of the partition where Windows is installed. In Windows 7, it is D: in most cases because the first partition contains Startup Repair. To find the drive letter, type C: (or D:, respectively) and search for the Windows folder. Note that Windows PE (RE) usually resides on X:.
3. Type the following command (replace ???c:??? with the correct drive letter if Windows is not located on C:):
copy c:\windows\system32\sethc.exe c:\
This creates a copy of sethc.exe to restore later.
4. Type this command to replace sethc.exe with cmd.exe:
copy /y c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe
5. Reboot your computer and start the Windows installation where you forgot the administrator password.
6. After you see the logon screen, press the SHIFT key five times.
7. You should see a command prompt where you can enter the following command to reset the Windows password:
net user your_user_name new_password
If you don???t know your user name, just type net user to list the available user names.
8. You can now log on with the new password.
2. Find the drive letter of the partition where Windows is installed. In Windows 7, it is D: in most cases because the first partition contains Startup Repair. To find the drive letter, type C: (or D:, respectively) and search for the Windows folder. Note that Windows PE (RE) usually resides on X:.
3. Type the following command (replace ???c:??? with the correct drive letter if Windows is not located on C:):
copy c:\windows\system32\sethc.exe c:\
This creates a copy of sethc.exe to restore later.
4. Type this command to replace sethc.exe with cmd.exe:
copy /y c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe
5. Reboot your computer and start the Windows installation where you forgot the administrator password.
6. After you see the logon screen, press the SHIFT key five times.
7. You should see a command prompt where you can enter the following command to reset the Windows password:
net user your_user_name new_password
If you don???t know your user name, just type net user to list the available user names.
8. You can now log on with the new password.
6th Jul 2011
Replies
That is rather slick, I would not have ever thought of that particular tactic. That is easily the coolest exploit I have seen to date. Kudoes man.
migrax
migrax
migrax
6th Jul 2011
1
Vote
IF this is true
Disconnect the network cable! It is possible your computer is being reinfected as it is being cleaned.
Your safest bet is to format the hard drive and then reinstall from your system disks, sorry. Some of the other suggestions will work, but may not truly clear the virus. Now start reinstalling software. I would be very cautious about any files you have saved/copied from the infected computer.
Sorry.
Your safest bet is to format the hard drive and then reinstall from your system disks, sorry. Some of the other suggestions will work, but may not truly clear the virus. Now start reinstalling software. I would be very cautious about any files you have saved/copied from the infected computer.
Sorry.
6th Jul 2011
-1
Votes
Windows 7
You are not true administrator on windows 7 it not hacked it microsoft only trustedinstaller is true administrator
6th Jul 2011
1
Vote
Pushing F11
I believe by pushing F11 they are refering to the fact that is you start your computer on most HP and E-Machine computers while holding the F11 key it will launch restore from the restore partition allowing you to reinstall your windows. Pressing it while windows is running will do nothing except launch your application/browser into full screen mode.
migrax
migrax
6th Jul 2011
