[Dang19]

Combofix /u did bad things.
I downloaded AVG, scanned (got some minor results...deleted results) and then went to run and entered Combofix /u and got following message:
"327882r2f2jf2/hidec.exe" "Windows could not access the specified device, path, or file. You may not have the appropriate permissions to access the item."

Then comboFix automaticaly got uninstalled. I really think I do not have complete admin control. If I could get to the point where I could reboot with windows CD and reformat/reinstall clean I would be very happy.

As I said when I place a windows CD into the tray it does not get recognized. Meaning with Windows CD in the tray and then reboot I go directly to windows login and then desktop. If you just insert CD into the tray with windows running Autoplay does nothing. If I insert disc into tray and click on the D:\ in windows explorer it ask me to insert a CD (even though there is one already in there).

Regarding the admin account I was trying to delete, I followed the instructions but "Delete" did not show as an option. Likely because of shared primary admin account?

I am not sure where to go from here.

[Advertisements]

If I could get to the point where I could reboot with windows CD and reformat/reinstall clean I would be very happy.

So you now want to format your system?.. Have you change your boot setting from BIOS?.. if not, please refer below website on how to do it..

http://www.hiren.inf...bios-boot-cdrom


Then tell me about it..

[fenzodahl512]

If I could get to the point where I could reboot with windows CD and reformat/reinstall clean I would be very happy.

So you now want to format your system?.. Have you change your boot setting from BIOS?.. if not, please refer below website on how to do it..

http://www.hiren.inf...bios-boot-cdrom


Then tell me about it..

[Dang19]

I now understand the /u for combofix was an unistall switch. I rebooted and all is fine in respet to that. So...I think as far as a virus is concerned, I am out of the woods and now need to deal with the residual effects which seems to be the effect it had on (I am guessing here) admin rights. I believe there is some sharing going on of my main admin account.

So starting from the point of wanting to just reformat and reinstall here is where I am at..
I can not reboot with a window cd in the tray as it just boots to the windows login sceen.
I tried "format C:" from the windows recovery mode (no error, just ingored the command after I answered "yes" to "this can not be undone do you want to proceed?" message.
While in windows I am able to read any CD I put in the tray, it just says "insert disc..." and hangs until I say cancel.

I chose AVG by the way thank you and like it very much.

I have gone through all instructions mentioned and no luck at all. So the question is what now?
Should I buy a new HD and call it a day????

Thank you for all your help.

[fenzodahl512]

Hi Dang.. First of all, please tell me, have you change your Boot sequence through BIOS? Have you look and do as per webpage that I gave to you earlier?

I tried "format C:" from the windows recovery mode

May I know what do you mean by Windows Recovery mode?

[Dang19]

I did change my boot sequense in the biow as instructed.
I then inserted my Windows XP CD and rebooted the computer and as it booted it went drirectly to my windows login screen as if I hadn't put the CD in the tray at all.

Recovery Mode....When you had me install ComboFix it required istalling Windows Recovery which shows up when you start your computer. You choose either run Windows XP or Windows Recovery.

I have a Jump drive and I was considering using it as a boot device if I can't get the computer to recognize my CD. I am currently working on getting Knoppix to boot (with no luck yet).

But I am not doing anything that would interfere with your help as I know that will only make things harder to solve.

Thank you.

[fenzodahl512]

I'm not sure why.. Lets try this..


IMPORTANT!: Please create a fresh Restore Point before proceed with our fix. Please visit this webpage if you do not know how..

If you are using Windows Vista, please visit this webpage for more information.




NEXT


The steps that I am about to suggest involve modifying the registry. Modfying the registry can be dangerous so we will make a backup of the registry first.
Modification of the registry can be EXTREMELY dangerous if you do not know exactly what you are doing so follow the steps that are listed below EXACTLY. if you cannot perform some of these steps or if you have ANY questions please ask BEFORE proceeding.

Backing Up Your Registry

• Go Here and download ERUNT
  (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
• Install ERUNT by following the prompts
  (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
• Start ERUNT
  (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
• Choose a location for the backup
  (the default location is C:\WINDOWS\ERDNT which is acceptable).
• Make sure that at least the first two check boxes are ticked
• Press OK
• Press YES to create the folder.

For detailed instruction on how to back-up registry via ERUNT, please visit HERE




NEXT


Please download XP_CD-DVD-Fix.zip by Doug Knox and save it to your Desktop.. Please unzip it and run it.. Reboot your computer and then tell me more about your CD/DVD-ROM..

[Dang19]

Hello,

Sorry I haven't been around, I was on vacation.
I will start on your latest help item tomorrow, I just wanted to let you know I am still with you.

Thank you

[fenzodahl512]

Ok.. One quick question.. Apart from CD problem, how is your computer actually?

[Dang19]

The computer is for the most part good to go. There are a few things like the CD as an example I get memorey read errors on occasion and I still can't delete the other admin account as "delete" does not show up as an optioon. All the stuff I am experiencing is just little pains is all.

I just think reformatting would be the best course of action and I can't do that unless I can boot of the CD.

I am going to implement your last instructions right now.

Again, thank you very much.

[fenzodahl512]

Ok.. report back to me when you're done

[Dang19]

Hello,

I followed your instructions (completely) and nothing has changed. I rebooted with a Windows XP (PRO) CD and mad sure boot to CD was chosen in the bios and as the computer restarted it went directly to the Windows login sceen not reading the CD at all. When I got into Windows I went to Windows Explorer to see if I could read te data that was on the CD and got the same message as before "insert CD.".

I wonder if the boot.ini file was effected (I don't exactly know what I'm talking about here)?

Thank you

[fenzodahl512]

Hi,, after a through review in all your logs, I determined that your CD problem is not related with malware.. I believe your CD problem is either related with Windows/applications or the hardware itself.. Your latest log looks clean to me.. So, I suggest you to get further assistance at our Windows forum.. link below..


http://www.geekstogo...2003-NT-f5.html

[Dang19]

I will do as you suggest and thank you very much!
One last question, can a virus infect admin rights and by doing that shut off control of your CD/Flash/other drive devices?

[fenzodahl512]

I will do as you suggest and thank you very much!
One last question, can a virus infect admin rights and by doing that shut off control of your CD/Flash/other drive devices?

Its possible.. but I believe your computer is good now (apart from the cd problem).. Since you are worry about administrator rights, lets do this to see who has the admins right..


Please download THIS FILE and save it directly into C:\WINDOWS folder.. Then do below..

Please copy everything inside the quote box below (starting with @) and paste it into notepad. Go up to "File > Save As", click the drop-down box to change the "Save As Type" to "All Files". Save it as remtask.bat on your desktop.

(SWWHOAMI /listusers )>>"%USERPROFILE%\Desktop\result.txt"

Double-click remtask.bat A window will open and close quickly, this is normal.

A new textfile result.txt will be created on your Desktop.. Post its content on your next reply..

If you do not sure how to make a batch file, please visit HERE for the tutorial.

[Dang19]

I don't think everything is in the "code" block?
All I see is "(SWWHOAMI /listusers )>>"%USERPROFILE%\Desktop\result.txt""