SOLVED Random drives and users appearing after hack

Joined
May 29, 2024
Messages
4
Reaction score
0
I got hacked in May and have been trying to remove the hacker and their files since then. Now, I’m seeing two random drives and desktop folders in my Quick Access that I don’t have on my PC.

I’ve tried everything I could think of to remove the hacker, but they still manage to get in. Last night, while I was in Device Manager, my page started constantly refreshing on its own.

I’ve turned off every remote access setting I could find, but I still can’t get rid of them. It’s been 2 months, and I’m at a loss. My computer is showing as a public computer, even though I’m the only user and haven’t added any other accounts. What should I do?
 
Joined
Nov 23, 2017
Messages
19
Reaction score
2
It seems like the hacker might still have some sort of access to your system. Here are a few steps you could try:
  1. Change your passwords for everything, especially for your Windows account and any email accounts linked to it. Use a different device to do this if possible.
  2. While working on the issue, disconnect your PC from the internet to prevent further access by the hacker.
  3. Go to Control Panel > User Accounts > Manage another account and see if there are any accounts you don’t recognize. Delete them if there are any.
  4. Boot into Safe Mode with Networking and run a full scan with a reputable antivirus and antimalware software. You might also try tools like Malwarebytes and HitmanPro.
  5. If nothing else works, back up your important data, format your drive, and do a clean reinstall of Windows. Make sure to download the Windows installation media from the official Microsoft website on a clean device.
Keep us posted on your progress! :)
 
Joined
May 9, 2024
Messages
7
Reaction score
1
You might also want to check your router. A compromised router can allow hackers to re-enter your system even after you've cleaned it so do a factory reset on your router. Also:
  • Make sure to change the default login credentials for your router.
  • Use a strong password.
  • Check for any firmware updates for your router and install them.
  • Ensure your Wi-Fi network is secured with WPA3 encryption.
  • If your router doesn't support WPA3, use WPA2
  • Use network monitoring tools to check for unusual activity on your network. This can help you identify if there are any unauthorized devices connected.
 
Joined
May 9, 2024
Messages
6
Reaction score
1
I highly recommend taking additional security measures:
  • Wherever possible, enable 2FA for your accounts. This adds an extra layer of security even if someone has your password.
  • If you have access to another computer, change all your important passwords from there, and avoid logging into your compromised system until it's fully secured.
  • Use Windows Defender Offline to perform a thorough scan of your system. This tool runs before Windows starts, which can help in detecting and removing malware that hides itself when the OS is running.
 
Joined
Aug 5, 2024
Messages
3
Reaction score
1
Also look in Task Scheduler for any suspicious tasks that might be running without your knowledge. Disable and remove anything you didn’t set up.And if you continue to have issues, it might be worth seeking professional help. A cybersecurity expert can provide more advanced diagnostics and solutions.
 
Joined
May 29, 2024
Messages
4
Reaction score
0
Thanks, everyone, for the suggestions! I followed a combination of your advice, and it looks like I might finally be getting rid of the hacker. Here's what I did:
  • I disconnected my PC from the internet to prevent further unauthorized access.
  • booted into Safe Mode with Networking and ran full scans using Malwarebytes and Windows Defender. They found some malware that had been missed before.
  • deleted suspicious user accounts and removed unknown tasks from Task Scheduler.
  • I did a factory reset on my router, updated the firmware, and changed the default login credentials. Also, i upgraded to WPA3 encryption.
  • I backed up my important data, formatted my drive, and did a clean reinstall of Windows. This was a bit time-consuming but seems to have made a big difference.
So far, everything seems to be running smoothly and I haven't noticed any further signs of intrusion. Thanks again for all your help! I’ll keep monitoring things closely just to be sure.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top