Question My laptop was hacked. Help please?

Jun 1, 2021
3
0
10
0
I let a relative borrow my laptop for a bit, when i got it back and tried to turn it on, it'd boot up and immediately a screen would show up saying something along the lines of "You computer has been disabled" I was told that this relative allowed a scammer to control the computer remotely, he was downloading a bunch of stuff and when they started protesting, the person did something and that announcement showed up. I can't do anything in the bios, when i try to click on things that message appears. I'm sure nothing can be done. I want to know if this information is stored on the hard drive or motherboard or what? i'll just replace whatever needs to be replaced to get my computer back to working order. I'm pretty sure a program won't work, i literally can't do anything on it besides see that white screen. I have tried to do a CMOS reset, disconnecting the CMOS battery and waiting for about 20 minutes before reconnecting it and that didn't do anything. What component stores this kind of info, so that i can get rid of it?
 

USAFRet

Titan
Moderator
Mar 16, 2013
143,075
8,364
174,690
22,107
i'll just replace whatever needs to be replaced to get my computer back to working order.
Full wipe and reinstall.


What component stores this kind of info, so that i can get rid of it?
Its just software on the drive.
Deleting ALL partitions in the process above, it will be gone.
 
Reactions: DaftCat

InvalidError

Titan
Moderator
Disconnect the HDD/SSD and see if you still get the message. If you do, then your BIOS got screwed with and you need to have the board factory-reflashed.

If the nag screen is a boot sector type thing that goes away with the drive, then I'd get a new SSD, re-install Windows on it, then use an external drive enclosure to salvage whatever data you may need/want to salvage from the original drive, then wipe the original drive. Maybe even install the drive's vendor tools to force a firmware update just to make sure the firmware hasn't been tampered with.
 
Reactions: DaftCat

rickypicky5

Commendable
I let a relative borrow my laptop for a bit, when i got it back and tried to turn it on, it'd boot up and immediately a screen would show up saying something along the lines of "You computer has been disabled" I was told that this relative allowed a scammer to control the computer remotely, he was downloading a bunch of stuff and when they started protesting, the person did something and that announcement showed up. I can't do anything in the bios, when i try to click on things that message appears. I'm sure nothing can be done. I want to know if this information is stored on the hard drive or motherboard or what? i'll just replace whatever needs to be replaced to get my computer back to working order. I'm pretty sure a program won't work, i literally can't do anything on it besides see that white screen. I have tried to do a CMOS reset, disconnecting the CMOS battery and waiting for about 20 minutes before reconnecting it and that didn't do anything. What component stores this kind of info, so that i can get rid of it?
I agree with the others, a full wipe and reinstall is the best and safest way to resolve this issue, assuming you can get your computer to boot from a USB thumb drive.
 
Reactions: DaftCat
Jun 1, 2021
3
0
10
0
Full wipe and reinstall.



Its just software on the drive.
Deleting ALL partitions in the process above, it will be gone.
Thank you. i've ordered a usb thumb drive already, i heard that this wouldn't work but i'm definitely willing to try. This is the easiest article to follow. i appreciate the help.
 
Jun 1, 2021
3
0
10
0
Disconnect the HDD/SSD and see if you still get the message. If you do, then your BIOS got screwed with and you need to have the board factory-reflashed.

If the nag screen is a boot sector type thing that goes away with the drive, then I'd get a new SSD, re-install Windows on it, then use an external drive enclosure to salvage whatever data you may need/want to salvage from the original drive, then wipe the original drive. Maybe even install the drive's vendor tools to force a firmware update just to make sure the firmware hasn't been tampered with.
Thank you as well. I just did this, it doesn't show the screen anymore, though it doesn't get further than "No boot device detected" of course. If the USB thing doesn't work then i'll try this. Are you saying that i'd need a new motherboard if swapping HDD doesn't work?
 

InvalidError

Titan
Moderator
Thank you as well. I just did this, it doesn't show the screen anymore, though it doesn't get further than "No boot device detected" of course. If the USB thing doesn't work then i'll try this. Are you saying that i'd need a new motherboard if swapping HDD doesn't work?
The point of removing the HDD was to confirm that this was a boot sector malware or something else of that nature, not a persistent BIOS virus that may have been impossible to get rid of without a BIOS guru friend or manufacturer assistance.

Now that we know the thing resides on the HDD, all you need to do is re-install Windows either by wiping the whole HDD or putting in a new HDD/SSD to re-install there. The rest of the laptop is most likely fine.
 

ASK THE COMMUNITY

TRENDING THREADS