An old man has added an admin account to my Windows system. I was having some problems with a hacker and I was thinking I could get rid of them after doing so.
Well it worked all right for a week and then strangely my login password changed. And then all of a sudden I couldn't install anything or uninstall anything unless I had a password.
I cannot use Firefox as my main browser. I had Sysinternals and they picked up a MAC address in the boot session & that is all I know. I have 64-bit Windows 7.
2014-03-29 16:47:48
I thank you for all your time & help. It looks like I will have to reformat unless my tech can pull something out of the hat. I appreciate your time! Thank you Gary!
2014-03-29 15:06:14
If the problem involved a hacker, then I would suggest a re-install of the system. The hacker can change many things on the system. The only easy way is to get rid of the changes made by the hacker. The other is to use netstat and figure out which port he/she connects to and block that. Then, start returning your system to normal, by removing those changes.
2014-03-24 17:20:39
If you have a backup, then I would suggest you re-install the operating system.
2014-03-24 04:53:26
Or a simpler approach would be to Dban it. Just get an empty CD and download Dban, which overrides your whole binary system clean, and then you download Windows system on it. Look it up on Google or simply go to Dban.org
2014-03-22 09:51:15
With a serious virus infection, the best route is always to rebuild the machine from scratch. Yes, it's a lot of work, but if your machine was compromised as you describe, even if you remove one virus or another, you will never know for sure that your machine is safe unless you wipe it clean and start again.
2014-03-22 07:08:30
There is a problem, as I had added an admin account with p/word; within a week the p/word had changed & I cannot install or uninstall. I have tried the Win7 disc at boot for repair but no good. I have 2 ext drives, 1 with a backup which was before I had all this trouble, but every time I try I get the p/word barrier. Look, I know I am an old idiot for adding the admin but I thought I could save myself some money. Wow!! What have I done!! gary
2014-03-22 08:51:34
How to disable the Local Administrator account in Windows: http://support.microsoft.com/kb/281140
2014-03-21 20:45:07
Try combofix: http://www.bleepingcomputer.com/download/combofix/
2014-03-22 02:36:22
Combofix is not for the average user. Please see our Malware Removal Guide. Download and install Malwarebytes. After you finish installing, run the updater for it twice and then perform a full scan. Once the scan is completed, remove any and all infections it finds and then reboot. If any items were found, please run another full scan. Once you're confident that Malwarebytes will not detect any more malware, proceed to download and install CCleaner to remove any residual traces of the infection. We have a fantastic guide on how to properly use CCleaner.
It's common for malware to not allow malware removers to execute while the malware is still alive, for obvious reasons of self interest. If you find that you can't open Malwarebytes or even install it, see if it'll work in Safe Mode. Safe Mode is a Windows boot option which only loads core, integral parts of the system. This is good for us because it usually means the malware won't be able to load too.
Once you've completed these steps, please reply back with how things are going. I will check this thread until it's resolved. Feel free to contact me directly at jeff . fbsh[@] gmail . com (remove the brackets and the spaces)
2014-03-21 20:35:28
Do you have any backups of your system prior to when your problems started? If you do, restore it to your hard drive. If you don't have any backups, reformat the HD and re-install Windows and all the applications.
2014-03-22 14:15:51
That's always a safe bet. I always make that recommendation to my clients when they bring in an infected system, only because I can never be sure I've removed every trace of the infection. Reinstalling the operating system is the only way to get it back to a known-clean state, as far as I know. And even then, your Master Boot Record (MBR) could still be infected. So in addition to a reinstall, I always rewrite the MBR (first obviously). I should be flashing the BIOS as well, come to think of it.