# Lost user profile, someone remotely taking data



## EdEddEddie5810 (May 14, 2020)

Greetings again Tech Guy people!!! I haven't been on here in a ****'s age. I have told pretty much everyone I've encountered over the last twenty years
or so when talking about anything 'puter related, that "techguy.org" is the place to go for any and all computer or tech related questions... Ha! Darn good to be back in here...
(ok, let me settle down and get right to it.)
...and by the way, I need download link for the utility to see inside my 'puter - OH, nevermind, it popped open. I will post it below...
I have a few issues that aren't too tough to conquer, I hope. First is I realized someone was inside my computer & had me locked out of a few admin controls. So, like the good explorer I am, I went "in search of..." As a result of following his/her little bread crumb trail, I accidentally "misplaced" my owners/admin files from User Accounts. So there's that, & regain control over ALL my settings, and then I need help to find the mole (have tried CMD options but only tells me if they happen to be logged in @ that moment in time,) and seal off their little tunnel back inside my laptop. I'd like to possibly add a VPN, if that will make it more difficult for someone to sneak in, and at very least input a way to kill remote access into my system. And if y'all have suggestions over and above that, I certainly wouldn't refuse the kindness of strangers and all.
Thanks a million Tech guys (and gals) and I'm looking forward to working again with my fave techies in the world!! Woot Woot!!! Also, hope e1 is getting through this
pandemic nightmare! Best wishes to all y'all!
EdEdd&Eddie


Tech Support Guy System Info Utility version 1.0.0.9
OS Version: Microsoft Windows 10 Home, 64 bit, Build 18363, Installed 20200507192901.000000-420
Processor: Intel(R) Celeron(R) N4000 CPU @ 1.10GHz, Intel64 Family 6 Model 122 Stepping 1, CPU Count: 2
Total Physical RAM: 4 GB
Graphics Card: Intel(R) UHD Graphics 600, 1024 MB
Hard Drives: C: 57 GB (27 GB Free);
Motherboard: ASUSTeK COMPUTER INC. E406MAS, ver 1.0, s/n KB46NBCV00HM5XMB
System: American Megatrends Inc., ver _ASUS_ - 1072009, s/n KBN0CV10479947B
Antivirus: Windows Defender, Enabled and Updated


----------



## Cookiegal (Aug 27, 2003)

Before we proceed with any troubleshooting please advise the name of your previous username here at TSG. I assume you weren't able to access it because you forgot the password? If that's the case I can merge the old one into the new one.


----------



## EdEddEddie5810 (May 14, 2020)

Cookiegal said:


> Before we proceed with any troubleshooting please advise the name of your previous username here at TSG. I assume you weren't able to access it because you forgot the password? If that's the case I can merge the old one into the new one.


Hiya CookieGal, long time!
I have long since lost all my old logins and passwords to pretty much everything; emails, FB, tech support sites and others. Have had a few different phone numbers over the years, so I'm not sure what to say. I guess check my name? Otherwise, I believe it's long gone....sorry. my name is (please delete my last name?) xxxxx is my real name...no phone or email that would still be active...afraid that's all I have. Thanks for the assist & sorry I couldn't be of more help.
The lost profile I was referring to in my post was a user account (I think the "owner's" account) on my laptop.
Anyway, I'm looking forward to working with you folks again.
Bye for now. 
~ed


----------



## Cookiegal (Aug 27, 2003)

OK, thanks. I'm sure someone will be along to assist you.


----------



## EdEddEddie5810 (May 14, 2020)

Hi CookieGal,
Sorry to bother you, but it's been like 4 days or so since I posted my plea for help & I haaven't heard back yet.
Not trying to be a nuisance and I totally understand this has been a busy and trying time for the whole planet pretty much. It really IS great to be back in this site again & I've short-cutted techguy & will never delete you folks from my 'puter! My last laptop kinda fell into a bonfire. Anyway....
Thank you for your time and patience. Look forward to chatting soon.
Sincerely,
Edward

P.S. I think my last screen name was something like "novicesomething" or "beginnersomething" but the last login woulda been from an IP in newberg, oregon, or tualatin, oregon, or yakima, washington. Sometime around 2015 or 2016 woulda been my last login.
I know, it's not much to go on but I got locked out of all my old accounts...again, and of course I didn't used to write anything down.
Thank you again.
Edward


----------



## EdEddEddie5810 (May 14, 2020)

Cookiegal said:


> OK, thanks. I'm sure someone will be along to assist you.


just checking in. thanks again.


----------



## Johnny b (Nov 7, 2016)

Have you tried using the 'System Restore' function?

* How to Use System Restore in Windows 7, 8, and 10 *
https://www.howtogeek.com/howto/windows-vista/using-windows-vista-system-restore/


----------



## Cookiegal (Aug 27, 2003)

It's OK Eddie. I sent you an email with a possible previous account but we're not going to dwell on it at this point.

I'm going to move this to the Windows 10 forum where you may get more help with it but I would also try the restore as suggested by Johnny b above. Choose a date just before this started happening and it may restore everything to the way it was.


----------



## EdEddEddie5810 (May 14, 2020)

Hi gang,
Thank you for all your help and my apologies for not tracking things better over the years. I have made changes to my tracking methods & this will not be happening again moving forward. Also, yes that was the correct account that I had back in 2010 when my daughter was born. Great work on tracking that down with what little information I gave you to go on!!! Thumb's way up!!
I already did a system restore after accidentely removing one of MY accounts thinking it was my "intruder."
All that did was slow him/her down, and they're back & even more of my admin tools are "greened" out," so I think I'm going to have to manually go in & see WHO it is first & then take measures to ensure access is permanantely denied.

I await your command. I'm going to leave this window open indefinitely until we sort this out so I don't get locked out. You guys ROCK!!
~ed


----------



## Cookiegal (Aug 27, 2003)

I think it would be best and safer for you to reinstall Windows 10 and start fresh and change all passwords using a clean machine before doing that. We can't know if they've hidden a keylogger or something else for sure so that would be my recommendation but of course you would lose anything you have on the computer like photos, documents, emails etc. unless you have them backed up somewhere (which you should have).


----------



## EdEddEddie5810 (May 14, 2020)

I will double-check & offload whatever's left saveable to thumbdrives & check back here to see what steps to follow. This is a new (cheap) laptop, that came with windows10 S-mode. Not sure if that's pertinent info or not.
It shouldn't affect anything.? When it gets reloaded, maybe we can look at installing some protection to avoid this kind of stuff in the future?
I'm saving stuff now. I'll check back in a bit.
Thank you so much,
~ed


----------



## Johnny b (Nov 7, 2016)

Hi Ed.

Did you experience this problem after a Windows update?

Here's something else to check out if you did.

*Warning: New Windows 10 Update Bug Is Deleting User Data And Preventing Login *
https://www.forbes.com/sites/jasone...date-bug-that-removes-your-files-and-profile/


----------



## EdEddEddie5810 (May 14, 2020)

I honestly cannot recall exactly when it occured. I noticed a hollowed out icon, and started seeing tell-tale signs of intrusion. I started taking steps to delete this intruder. I think I may have made my system a bit more vulnerable, because after I changed some things and did a restore, it didn't take long and they were back in & even more of my controls were "greened" out, indicating I had no more control over those functions.
I have saved everything saveable, and I'm ready to re-install win10 onto my laptop. Hopefully this works, and we can take steps to load the new install with protection to prevent this intruder from re-gaining access.
Fingers are at the ready..... You lead and I'll follow, what are my steps? I will copy and paste everything into a word doc, so I can follow along with the steps as we reload stuff.
what's next?
~ed


----------



## Johnny b (Nov 7, 2016)

I'll let one of the experts guide you through a reinstall 

Good luck.


----------



## Cookiegal (Aug 27, 2003)

I'm not one of those experts. All I can do is point you to this article:

https://forums.techguy.org/threads/doing-a-completely-clean-reinstall-of-windows-10.1235377/


----------



## EdEddEddie5810 (May 14, 2020)

Ok, thanks a bunch. Isn't it usually just various hotlinks sent, referencing different articles posting throughout
the various forums depending on the topic?
I didn't take my usual steps with a new 'puter. Usually, I locate you folks, create a shortcut and begin the
process of loading various different programs through TG, (since I trust just about everything in here & the people are usually my main reason for coming back here. Thanks again for the assist.
~ed

(Oh yeah, just like the one you just posted, (well I mean that I just noticed...) LOL


----------



## Cookiegal (Aug 27, 2003)

You're welcome. Please let us know how it goes.


----------

