Hi, I just installed Windows 10 Home on a spare PC to test out a hack that says I can install gpedit onto Home. The Windows install went fine and I installed Chrome too. Then I plugged in the Ethernet and I immediately went to that web page describing the hack and copy and paste the command line code. Then I clicked Start, the menu did not pop up. I pressed it again and still it didn't pop up. So I pressed CTRL-ALT-DEL and signed out. Then I signed back in and the Start button functioned properly. I hope I terminated whatever evil code there is in time before it gained persistence. Maybe. I don't know. The web page by the way was : https://www.techspot.com/guides/1719-group-policy-editor-windows-home/ and after testing it, the gpedit settings doesn't seem to have any effect. Was it an attack? I know Windows authenticates itself and go fetch display drivers (initiated traffic) and some other drivers when you first connect it to the net. And the second thing I did that initiated traffic was by going to that site. The Start button shouldn't malfunction that way, especially on a newly installed Windows. If it was an attack, how did they find the ip address? Were they watching to find Windows Update messages? How would they be able to see that traffic ? I had a previous encounter when I did Windows Update from a standard account. And when I switched to the admin account to check something, the Start button didn't work. Paranoid old me went to do an image restore.
Why do you think that you were hacked? Entering the code must have caused an issue that was fixed by rebooting. I can guarantee that you weren't hacked. If ever something doesn't work as expected, then almost certainly you have not been hacked. I can not stress this enough. I recommend watching the following video. https://www.youtube.com/watch?v=N0DR2aAiLBk
I think I am hacked because the attacker is demonstrating a RAT. Not all hackers are out to exfiltrate data, there are those that just want to cause trouble.
How so? I'm confused as to why you think your computer would be hacked, just because you couldn't open the Start Menu. That is most definitely not an indication of being hacked. When you pasted the command into an Admin level Command Prompt, did if finish running?
Yes it finished running. And I wanted to hit the Start menu to type in gpedit to test it out. And also, the keyboard's Windows key didn't work. Until I signed out and signed in again.
I can assure you that there was absolutely nothing suspicious about what happened. Running those commands must have caused some temporary issues. However, as you noted, everything was fine when you rebooted. You most definitely were not hacked. If you continue to believe otherwise, I guess there's nothing else I can do to convince you.
