i got hacked, plz help

Nightrider

New Member
Sep 4, 2020
So, I've finished building a new PC and, after installing several drivers, I started installing a few programs. One of them is: Adobe Acrobat Pro DC v2019.021.20061 Final + Keygen (that's the name of the torrent). I turned off Windows Defender while installing it. The software never really finished installation, as I suspected something weird going on during installation and I shut down the PC. That weird thing is that I got an SMS that someone tried to enter my Instagram (the SMS was in Korean and I'm not Korean). Later on I got a similar SMS for Facebook too.

So I disconnected it from the internet (it was connected with an Ethernet cable) and tried to shut it down, but at first I could not shut down as there were 3 setups still installing, though I forced it to shut down. Then I changed all the important passwords like PayPal and bank account etc. (fortunately they are untouched). I also noticed that there was a printscreen software, and each time I turned on the PC a program to shut down the PC was installed too, but I uninstalled them both. Also, the browser opens a redirecting page on its own every few seconds. Also, I can't access Task Manager as it says that this action is blocked by the administrator. Additionally, Windows Defender doesn't detect any threat (I did a full scan). And finally, many files got an additional extension .geno

I'm thinking about reformatting the computer and resetting the router to factory settings, as I believe it will solve the problem. Or is there a solution without deleting everything from the PC?
 
I'm sorry to hear it.

I'm thinking about reformatting the computer and resetting the router to factory settings as I believe it will solve the problem.

I think the best idea is to do a fresh Windows install and download your software from uploaders you trust.

Let us know if you need more help.
 
The reality is you really don't know what may have been altered in your system including rootkits.
Your experience proves you really need to use VirusTotal for anything that might possibly be questionable.
Hang around, get some cred and you can figure out what are trusted sources. This kind of play does have some drawbacks. How do they say: "If it was that easy, everyone would be doing it." Never not be ready to wipe your system clean at any time. It can be the cost of playing this game. It never hurts to know what you are doing or at least be open to learn too.
 
Best to wipe that drive, reformat it and reinstall Windows. You have no idea what got installed on your machine and it's safer to just go with a clean install. I always make a backup after I install Windows, drivers and any critical updates. That way I can just start back from there if things go horribly wrong. Virtual machines are your friend when using unknown software; use one to test it before installing. At least use a firewall to block internet during install, and/or use a sandbox, not as secure but at least it's something. Sounds like your biggest worry is that your Facebook and Instagram accounts (and possibly others) may have been compromised before you pulled the plug. Sure hope you used a different PC to reset all those passwords. Yeah, resetting your router is a good idea too. Good luck.
 
It's probably a rootkit; if you do an offline scan with Windows Defender you might catch it. But as others suggested, you are safer with a full wipe.

The main thing with rootkits is that they are undetectable when you are infected, and your system takes a lot of time to shut down or doesn't shut down at all. (At each shutdown the rootkit reruns itself into your system.)
 
Ok....
But you should also check your routers or family PCs which are connected to the network where the possibly infected PC was connected.

As a hacker I wouldn't stop just on your PC, I would check any hardware I find on the net and would also leave backdoors on as much hardware as possible on the net...
 
Well if you are that paranoid you can routinely run cmd > netstat to see all the connections that system is making to the outside world. Always change default passwords on routers and if you get hacked that badly, wipe (don't reformat) the hard drive and reinstall the O/S and treat any data you backed up as suspect.
The real problems are IoT devices and possibly hacked phones that connect to your network, which are tougher to protect. I maintain a separate router for IoT and phones because the hardware was free for me. Not sure if it's necessary if you have to pay for add'l hardware.
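
The netstat check suggested in the post above, as an added example that is not part of the original thread: it parses `netstat -ano` output and groups established TCP connections to non-local addresses by owning process ID. The sample output is constructed, and the function names and the list of ranges treated as local are assumptions of this example.

```python
import ipaddress
from collections import defaultdict

# Ranges treated as local: loopback, RFC 1918, link-local, IPv6 unique-local.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

# Constructed sample of `netstat -ano` output (documentation-range addresses).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1044
  TCP    127.0.0.1:49670        127.0.0.1:49671        ESTABLISHED     4
  TCP    192.168.1.20:49712     203.0.113.45:443       ESTABLISHED     6120
  TCP    192.168.1.20:49713     198.51.100.7:8080      ESTABLISHED     6120
  TCP    192.168.1.20:49720     192.168.1.1:80         ESTABLISHED     3388
  TCP    [fe80::1c2%12]:49730   [2001:db8::10]:443     ESTABLISHED     7004
  UDP    0.0.0.0:5353           *:*                                    2212
"""

def split_endpoint(endpoint):
    """Split '1.2.3.4:443' or '[fe80::1%12]:443' into (ip, port); None if no address."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%")[0]   # drop brackets and IPv6 zone id
    try:
        return ipaddress.ip_address(host), int(port)
    except ValueError:                      # '*:*' on UDP rows
        return None

def is_internal(ip):
    return ip.is_unspecified or any(ip in n for n in INTERNAL_NETS if n.version == ip.version)

def external_connections(netstat_text):
    """Return {pid: sorted [(remote_ip, remote_port)]} for ESTABLISHED TCP rows to non-local peers."""
    found = defaultdict(set)
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "ESTABLISHED":
            continue                        # headers, UDP rows, other TCP states
        remote = split_endpoint(fields[2])
        if remote is None or is_internal(remote[0]) or not fields[4].isdigit():
            continue
        found[int(fields[4])].add((str(remote[0]), remote[1]))
    return {pid: sorted(peers) for pid, peers in found.items()}

if __name__ == "__main__":
    print(external_connections(SAMPLE))
```

On a live machine, save the output of `netstat -ano` to a file and pass its text to `external_connections`; the PIDs it returns can be matched to program names with `tasklist`.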
 
The best way is:
1. Take your hard disk out and scan it for viruses with Norton on another PC.
2. Save the data on that PC.
3. Format the hard disk and reinstall Windows.
4. Get the data back onto this hard disk again.
 