Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 300
  • Last Modified:

Windows 8 hacked.

PC laptop with Windows 8 hacked by a foreign "faux help service" left the machine locked.  Will only start to safe mode, has no system restore settings available, will not go online.

Any solutions to fix problems or best just do a factory restore?
0
DwEckert
Asked:
DwEckert
  • 5
  • 3
  • 2
  • +2
3 Solutions
 
John HurstBusiness Consultant (Owner)Commented:
If you can get to Metro and then PC Settings, you can "Refresh your PC" . This will keep your documents but will remove Applications that did not come with Windows 8. This should work, but you will have to reinstall some things.

.... Thinkpads_User
0
 
Dan CraciunIT ConsultantCommented:
You can probably fix it, but can't trust it anymore.

Factory reset, then restore data from backups.

HTH,
Dan
0
 
MysidiaCommented:
When you say "locked";  you mean the computer won't boot -- they have reconfigured the machine to deny access, or they are presenting some custom software that refuses entry?

My suggestion would be to copy any important documents or other materials off the machine and do the factory restore.

It may be possible to defeat the lockout, if you can run tools to analyze the startup settings.
However,  it will always be doubtful whether the machine is clean  and can be trusted anymore, or  whether a configuration with covert persisting  custom malware  has been setup.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
John HurstBusiness Consultant (Owner)Commented:
@DwEckert - To clarify the above, Windows 8 Refresh is new with Windows 8 and does a form of reinstall that keeps data. I have done one, and the results were very reliable.

.... Thinkpads_User
0
 
aadihCommented:
Please save your data and files from the safe mode, Just in case. Then, as Thinkpads_User advises: perform a Windows 8 refresh install.
0
 
DwEckertAuthor Commented:
thinkpads_user.

Can get to the Metro screen.  The click on Desktop goes to safe mode.  Tried Metro to PC Settings to "Refresh Your PC without effecting your files".  The first message said there was a problem refreshing your PC, no changes were made, check for solutions to the problem which takes it back to safe mode with no more answers.

Mysidia,  The computer will turn on & off, but only comes to safe mode.  No custom software that I can find to block entry.

There is no internet connection, either wifi or Ethernet.
0
 
Dan CraciunIT ConsultantCommented:
It doesn't really matter if "Refresh" is working or not.

The machine was compromised and cannot be trusted anymore.
Do a hard reset (factory restore), preferably with a format first.
0
 
John HurstBusiness Consultant (Owner)Commented:
Any solutions to fix problems or best just do a factory restore?

Since you can get to Metro but Windows 8 Refresh will not work, then at this point, you need to back up and do a factory restore. Refresh is pretty much the last hope in a Windows 8 system.

Assuming you do this:

1. Do the factory restore.
2. Update all Drivers.
3. Update all Windows 8 updates.
4. Now go to Metro Windows Store and Update to Windows 8.1. Do this before installing applications.
5. Now Install Applications.
6. Now do all final updates and you should be done.

.... Thinkpads_User
0
 
DwEckertAuthor Commented:
I fixed it.

In metro went to msconfig.  The settings had been changed to "selective startup".  Changed back to normal and rebooted.

Came on in to Metro, went to the full desktop.  Got on line with wifi.

Now I will do a full cleaning and update to 8.1.

Darn foreign help desk, scammers going after little grandmothers.  They should be shot.
0
 
John HurstBusiness Consultant (Owner)Commented:
When you finish cleaning up, do the following:

1. Ensure UAC is ON and working.
2. Install brand name, paid Antivirus.
3. Get EMET V 4.1 free from Microsoft and install it. EMET obfuscates addressing and keeps hackers at bay. I use it on every system now.

... Thinkpads_User
0
 
aadihCommented:
I fixed it. ~DwEckert.

Great. You did it. :-)
0
 
DwEckertAuthor Commented:
Good help, as always.  Good suggestions got me thinking about other possibilities which lead to the solution.

Thanks.
0
 
John HurstBusiness Consultant (Owner)Commented:
@DwEckert - Thank you very much and I was happy to help.

.... Thinkpads_User
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

  • 5
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now