[FireFighter254]

Security settings for the C:\ drive is exactly the same as in my screenshots earlier. There is now a "Local Disk (Y):"  I don;t know where that came from.

 

It will not let me access the Disk Mgmt

[Advertisements]

 

Above is trying to access Disk Mgmt

 

Below, is doing the same procedure you asked me before but under my normal user account:

 

"Special Permissions" not shown in window below is ticked.

 

Also, the SID 1001 is my regular User Account...just FYI

 

 

Below, it is showing another SID has ownership:

 

 

 

Here are my SID's running cmd promt in my reg user account:

 

 

 

 

 

 

Then, once I signed into my regular user account, I noticed a new folder on the desktop called "Speclean'. I am assuming this is from the checkdsk we ran? Just in case, I am posting the two log files contained within below for you to see:

 

[2014.04.27 16:13:53.732] - INFO: EGUI Cleaning
[2014.04.27 16:13:53.732] - INFO: [Win32/Conficker] detecting...
[2014.04.27 16:13:53.732] - INFO: [Win32/Conficker] not detected.
[2014.04.27 16:13:53.732] - INFO: [Win32/Dummy] detecting...
[2014.04.27 16:13:53.732] - INFO: Checking [HKCU\SOFTWARE\ESET]...
[2014.04.27 16:13:53.732] - INFO: [Win32/Dummy] not detected.
[2014.04.27 16:13:53.732] - INFO: [Win32/Necurs] detecting...
[2014.04.27 16:13:53.732] - ERROR: Offline registry is not initialized.
[2014.04.27 16:13:53.732] - ERROR: Could not initialize cleaner!
[2014.04.27 16:13:53.732] - INFO: [Win32/Necurs] not detected.
[2014.04.27 16:13:53.732] - INFO: [Olmarik/Olmasco] detecting...
[2014.04.27 16:13:53.842] - INFO: INF_PASI1 - 0x00000000...
[2014.04.27 16:13:53.842] - INFO: INF_PASI2 - 0x80000025...
[2014.04.27 16:13:53.842] -
[2014.04.27 16:13:53.842] - INFO: Kernel module initialized successfully.
[2014.04.27 16:13:53.842] -
[2014.04.27 16:13:53.842] - --------------------------------------------------------------------------------
[2014.04.27 16:13:53.842] - INFO: Checking active infection...
[2014.04.27 16:13:53.842] -
[2014.04.27 16:13:53.842] - INFO: INF_PASGSH3 - 0xC00002F0...
[2014.04.27 16:13:53.842] - --------------------------------------------------------------------------------
[2014.04.27 16:13:53.842] - INFO: Checking inactive infection...
[2014.04.27 16:13:53.842] -
[2014.04.27 16:13:53.857] - INFO: CHECKING DISK NO - 00 | TYPE - 7 | SIZE - 0x74706DAF (931GB)
[2014.04.27 16:13:53.857] - INFO: EFI detected...
[2014.04.27 16:13:53.857] - INFO: -> PARTITION NO - 00 | TYPE - 0xEE | BOOTABLE - 0 | STARTING LBA - 0x00000001 | SIZE - 0xFFFFFFFF (2047GB)
[2014.04.27 16:13:53.857] -
[2014.04.27 16:13:53.857] - INFO:   00000001: passed...
[2014.04.27 16:13:53.857] - INFO:   00000002: passed...
[2014.04.27 16:13:53.857] - INFO:   00000004: passed...
[2014.04.27 16:13:53.873] - INFO:   00000400: passed...
[2014.04.27 16:13:53.873] -
[2014.04.27 16:13:53.873] - ERROR:  ERR_BICVC01...
[2014.04.27 16:13:53.873] -
[2014.04.27 16:13:53.873] - --------------------------------------------------------------------------------
[2014.04.27 16:13:53.873] - INFO: [Olmarik/Olmasco] not detected.
[2014.04.27 16:13:53.873] - INFO: [Win64/Sirefef] detecting...
[2014.04.27 16:13:53.873] -
[2014.04.27 16:13:53.873] - INFO: Current Shell HKLM [explorer.exe].
[2014.04.27 16:13:53.873] - INFO: Current SubSystems [%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16].
[2014.04.27 16:13:53.873] - INFO: INF_GSP01 FFFFFFFFC0000061...
[2014.04.27 16:13:53.873] - INFO: INF_CLDI01...
[2014.04.27 16:13:53.873] -
[2014.04.27 16:13:53.873] - INFO: EA_ATTRIBUTE [$KERNEL.PURGE.ESBCACHE] - [D9385FF91D8116F1B3ACCA30BBA0C1A3].
[2014.04.27 16:13:53.873] -
[2014.04.27 16:13:53.873] - INFO: [Win64/Sirefef] not detected.

 

 

************************************************************************************

 

 

[2014.04.27 16:07:41.713] - INFO: EGUI Cleaning
[2014.04.27 16:07:41.728] - INFO: [Win32/Conficker] detecting...
[2014.04.27 16:07:41.728] - INFO: [Win32/Conficker] not detected.
[2014.04.27 16:07:41.728] - INFO: [Win32/Dummy] detecting...
[2014.04.27 16:07:41.728] - INFO: Checking [HKCU\SOFTWARE\ESET]...
[2014.04.27 16:07:41.728] - INFO: [Win32/Dummy] not detected.
[2014.04.27 16:07:41.728] - INFO: [Win32/Necurs] detecting...
[2014.04.27 16:07:41.728] - ERROR: Offline registry is not initialized.
[2014.04.27 16:07:41.728] - ERROR: Could not initialize cleaner!
[2014.04.27 16:07:41.728] - INFO: [Win32/Necurs] not detected.
[2014.04.27 16:07:41.728] - INFO: [Olmarik/Olmasco] detecting...
[2014.04.27 16:07:41.884] - INFO: INF_PASI1 - 0x00000000...
[2014.04.27 16:07:41.884] - INFO: INF_PASI2 - 0x80000025...
[2014.04.27 16:07:41.884] -
[2014.04.27 16:07:41.884] - INFO: Kernel module initialized successfully.
[2014.04.27 16:07:41.884] -
[2014.04.27 16:07:41.884] - --------------------------------------------------------------------------------
[2014.04.27 16:07:41.884] - INFO: Checking active infection...
[2014.04.27 16:07:41.884] -
[2014.04.27 16:07:41.884] - INFO: INF_PASGSH3 - 0xC00002F0...
[2014.04.27 16:07:41.884] - --------------------------------------------------------------------------------
[2014.04.27 16:07:41.884] - INFO: Checking inactive infection...
[2014.04.27 16:07:41.884] -
[2014.04.27 16:07:41.900] - INFO: CHECKING DISK NO - 00 | TYPE - 7 | SIZE - 0x74706DAF (931GB)
[2014.04.27 16:07:41.900] - INFO: EFI detected...
[2014.04.27 16:07:41.900] - INFO: -> PARTITION NO - 00 | TYPE - 0xEE | BOOTABLE - 0 | STARTING LBA - 0x00000001 | SIZE - 0xFFFFFFFF (2047GB)
[2014.04.27 16:07:41.900] -
[2014.04.27 16:07:41.900] - INFO:   00000001: passed...
[2014.04.27 16:07:41.900] - INFO:   00000002: passed...
[2014.04.27 16:07:41.900] - INFO:   00000004: passed...
[2014.04.27 16:07:41.900] - INFO:   00000400: passed...
[2014.04.27 16:07:41.900] -
[2014.04.27 16:07:41.900] - ERROR:  ERR_BICVC01...
[2014.04.27 16:07:41.900] -
[2014.04.27 16:07:41.900] - --------------------------------------------------------------------------------
[2014.04.27 16:07:41.900] - INFO: [Olmarik/Olmasco] not detected.
[2014.04.27 16:07:41.900] - INFO: [Win64/Sirefef] detecting...
[2014.04.27 16:07:41.900] -
[2014.04.27 16:07:41.900] - INFO: Current Shell HKLM [explorer.exe].
[2014.04.27 16:07:41.900] - INFO: Current SubSystems [%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16].
[2014.04.27 16:07:41.916] - INFO: INF_GSP01 FFFFFFFFC0000061...
[2014.04.27 16:07:41.916] - INFO: INF_CLDI01...
[2014.04.27 16:07:41.916] -
[2014.04.27 16:07:41.963] - INFO: EA_ATTRIBUTE [$KERNEL.PURGE.ESBCACHE] - [D9385FF91D8116F1B3ACCA30BBA0C1A3].
[2014.04.27 16:07:41.963] -
[2014.04.27 16:07:41.963] - INFO: [Win64/Sirefef] not detected.

 

Edited by FireFighter254, 27 April 2014 - 09:08 PM.

[FireFighter254]

 

Above is trying to access Disk Mgmt

 

Below, is doing the same procedure you asked me before but under my normal user account:

 

"Special Permissions" not shown in window below is ticked.

 

Also, the SID 1001 is my regular User Account...just FYI

 

 

Below, it is showing another SID has ownership:

 

 

 

Here are my SID's running cmd promt in my reg user account:

 

 

 

 

 

 

Then, once I signed into my regular user account, I noticed a new folder on the desktop called "Speclean'. I am assuming this is from the checkdsk we ran? Just in case, I am posting the two log files contained within below for you to see:

 

[2014.04.27 16:13:53.732] - INFO: EGUI Cleaning
[2014.04.27 16:13:53.732] - INFO: [Win32/Conficker] detecting...
[2014.04.27 16:13:53.732] - INFO: [Win32/Conficker] not detected.
[2014.04.27 16:13:53.732] - INFO: [Win32/Dummy] detecting...
[2014.04.27 16:13:53.732] - INFO: Checking [HKCU\SOFTWARE\ESET]...
[2014.04.27 16:13:53.732] - INFO: [Win32/Dummy] not detected.
[2014.04.27 16:13:53.732] - INFO: [Win32/Necurs] detecting...
[2014.04.27 16:13:53.732] - ERROR: Offline registry is not initialized.
[2014.04.27 16:13:53.732] - ERROR: Could not initialize cleaner!
[2014.04.27 16:13:53.732] - INFO: [Win32/Necurs] not detected.
[2014.04.27 16:13:53.732] - INFO: [Olmarik/Olmasco] detecting...
[2014.04.27 16:13:53.842] - INFO: INF_PASI1 - 0x00000000...
[2014.04.27 16:13:53.842] - INFO: INF_PASI2 - 0x80000025...
[2014.04.27 16:13:53.842] -
[2014.04.27 16:13:53.842] - INFO: Kernel module initialized successfully.
[2014.04.27 16:13:53.842] -
[2014.04.27 16:13:53.842] - --------------------------------------------------------------------------------
[2014.04.27 16:13:53.842] - INFO: Checking active infection...
[2014.04.27 16:13:53.842] -
[2014.04.27 16:13:53.842] - INFO: INF_PASGSH3 - 0xC00002F0...
[2014.04.27 16:13:53.842] - --------------------------------------------------------------------------------
[2014.04.27 16:13:53.842] - INFO: Checking inactive infection...
[2014.04.27 16:13:53.842] -
[2014.04.27 16:13:53.857] - INFO: CHECKING DISK NO - 00 | TYPE - 7 | SIZE - 0x74706DAF (931GB)
[2014.04.27 16:13:53.857] - INFO: EFI detected...
[2014.04.27 16:13:53.857] - INFO: -> PARTITION NO - 00 | TYPE - 0xEE | BOOTABLE - 0 | STARTING LBA - 0x00000001 | SIZE - 0xFFFFFFFF (2047GB)
[2014.04.27 16:13:53.857] -
[2014.04.27 16:13:53.857] - INFO:   00000001: passed...
[2014.04.27 16:13:53.857] - INFO:   00000002: passed...
[2014.04.27 16:13:53.857] - INFO:   00000004: passed...
[2014.04.27 16:13:53.873] - INFO:   00000400: passed...
[2014.04.27 16:13:53.873] -
[2014.04.27 16:13:53.873] - ERROR:  ERR_BICVC01...
[2014.04.27 16:13:53.873] -
[2014.04.27 16:13:53.873] - --------------------------------------------------------------------------------
[2014.04.27 16:13:53.873] - INFO: [Olmarik/Olmasco] not detected.
[2014.04.27 16:13:53.873] - INFO: [Win64/Sirefef] detecting...
[2014.04.27 16:13:53.873] -
[2014.04.27 16:13:53.873] - INFO: Current Shell HKLM [explorer.exe].
[2014.04.27 16:13:53.873] - INFO: Current SubSystems [%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16].
[2014.04.27 16:13:53.873] - INFO: INF_GSP01 FFFFFFFFC0000061...
[2014.04.27 16:13:53.873] - INFO: INF_CLDI01...
[2014.04.27 16:13:53.873] -
[2014.04.27 16:13:53.873] - INFO: EA_ATTRIBUTE [$KERNEL.PURGE.ESBCACHE] - [D9385FF91D8116F1B3ACCA30BBA0C1A3].
[2014.04.27 16:13:53.873] -
[2014.04.27 16:13:53.873] - INFO: [Win64/Sirefef] not detected.

 

 

************************************************************************************

 

 

[2014.04.27 16:07:41.713] - INFO: EGUI Cleaning
[2014.04.27 16:07:41.728] - INFO: [Win32/Conficker] detecting...
[2014.04.27 16:07:41.728] - INFO: [Win32/Conficker] not detected.
[2014.04.27 16:07:41.728] - INFO: [Win32/Dummy] detecting...
[2014.04.27 16:07:41.728] - INFO: Checking [HKCU\SOFTWARE\ESET]...
[2014.04.27 16:07:41.728] - INFO: [Win32/Dummy] not detected.
[2014.04.27 16:07:41.728] - INFO: [Win32/Necurs] detecting...
[2014.04.27 16:07:41.728] - ERROR: Offline registry is not initialized.
[2014.04.27 16:07:41.728] - ERROR: Could not initialize cleaner!
[2014.04.27 16:07:41.728] - INFO: [Win32/Necurs] not detected.
[2014.04.27 16:07:41.728] - INFO: [Olmarik/Olmasco] detecting...
[2014.04.27 16:07:41.884] - INFO: INF_PASI1 - 0x00000000...
[2014.04.27 16:07:41.884] - INFO: INF_PASI2 - 0x80000025...
[2014.04.27 16:07:41.884] -
[2014.04.27 16:07:41.884] - INFO: Kernel module initialized successfully.
[2014.04.27 16:07:41.884] -
[2014.04.27 16:07:41.884] - --------------------------------------------------------------------------------
[2014.04.27 16:07:41.884] - INFO: Checking active infection...
[2014.04.27 16:07:41.884] -
[2014.04.27 16:07:41.884] - INFO: INF_PASGSH3 - 0xC00002F0...
[2014.04.27 16:07:41.884] - --------------------------------------------------------------------------------
[2014.04.27 16:07:41.884] - INFO: Checking inactive infection...
[2014.04.27 16:07:41.884] -
[2014.04.27 16:07:41.900] - INFO: CHECKING DISK NO - 00 | TYPE - 7 | SIZE - 0x74706DAF (931GB)
[2014.04.27 16:07:41.900] - INFO: EFI detected...
[2014.04.27 16:07:41.900] - INFO: -> PARTITION NO - 00 | TYPE - 0xEE | BOOTABLE - 0 | STARTING LBA - 0x00000001 | SIZE - 0xFFFFFFFF (2047GB)
[2014.04.27 16:07:41.900] -
[2014.04.27 16:07:41.900] - INFO:   00000001: passed...
[2014.04.27 16:07:41.900] - INFO:   00000002: passed...
[2014.04.27 16:07:41.900] - INFO:   00000004: passed...
[2014.04.27 16:07:41.900] - INFO:   00000400: passed...
[2014.04.27 16:07:41.900] -
[2014.04.27 16:07:41.900] - ERROR:  ERR_BICVC01...
[2014.04.27 16:07:41.900] -
[2014.04.27 16:07:41.900] - --------------------------------------------------------------------------------
[2014.04.27 16:07:41.900] - INFO: [Olmarik/Olmasco] not detected.
[2014.04.27 16:07:41.900] - INFO: [Win64/Sirefef] detecting...
[2014.04.27 16:07:41.900] -
[2014.04.27 16:07:41.900] - INFO: Current Shell HKLM [explorer.exe].
[2014.04.27 16:07:41.900] - INFO: Current SubSystems [%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16].
[2014.04.27 16:07:41.916] - INFO: INF_GSP01 FFFFFFFFC0000061...
[2014.04.27 16:07:41.916] - INFO: INF_CLDI01...
[2014.04.27 16:07:41.916] -
[2014.04.27 16:07:41.963] - INFO: EA_ATTRIBUTE [$KERNEL.PURGE.ESBCACHE] - [D9385FF91D8116F1B3ACCA30BBA0C1A3].
[2014.04.27 16:07:41.963] -
[2014.04.27 16:07:41.963] - INFO: [Win64/Sirefef] not detected.

 

Edited by FireFighter254, 27 April 2014 - 09:08 PM.

[SleepyDude]

Hi,

 

Sorry had a busy day at work and couldn't post...

 

Did the chkdsk finish successfully?

 

Can you access the Disk Manager using the Administrator account?

[FireFighter254]

Yes, it finished. I posted a few posts above. No, it will not let me in

[FireFighter254]

It won't let me in Disk Mgmt, Event Viewer or Computer Mgmt. Anything else I can get into it seems.

 

Sorry you had a long day at work.

[SleepyDude]

It won't let me in Disk Mgmt, Event Viewer or Computer Mgmt. Anything else I can get into it seems.

 

Ok.

Sorry you had a long day at work.

 

Not at all, is better than no job.

 

The thing doesn't look good, you could be facing the need of a complete reinstall if the permissions are completely messed up!

 

I will do some testing here... Can you download and burn a CD eventually using a different computer? The machine that is broken have a cd / dvd player?

 

 

[FireFighter254]

 

It won't let me in Disk Mgmt, Event Viewer or Computer Mgmt. Anything else I can get into it seems.

 

Ok.

Sorry you had a long day at work.

 

Not at all, is better than no job.

 

The thing doesn't look good, you could be facing the need of a complete reinstall if the permissions are completely messed up!

 

I will do some testing here... Can you download and burn a CD eventually using a different computer? The machine that is broken have a cd / dvd player?

 

 

 

 

Oh no. How do I do that, since the OS was already installed on my machine when purchased?

 

Yes, I can download and burn CD on my wife's laptop.

[SleepyDude]

Oh no. How do I do that, since the OS was already installed on my machine when purchased?

 

If the Hard Drive isn't bad it should have one hidden partition with the information needed to restore the machine to factory defaults like when you start it the first time.

 

Yes, I can download and burn CD on my wife's laptop.

 

Ok. Let me prepare a link for you...

[SleepyDude]

Download the Windows 8 System Recovery Environment from the link below:

http://ovh.to/BhewhMt

 

Extract the ZIP file to obtain an ISO file, this file must be burned to a CD/DVD using the Burn Image option in your burning application.

If you don't know how to do it, let me know the program you use and I will try to find the specific instructions.

[FireFighter254]

Ok, I will download that, burn to CD and then run it on my laptop?

[FireFighter254]

I'm not sure what her burn app is, most likely only Win Media PLayer on her machine. She has Win 7. Booting her's up now

[SleepyDude]

I'm not sure what her burn app is, most likely only Win Media PLayer on her machine. She has Win 7. Booting her's up now

 

Windows 7 can Burn a CD from image by default check the instructions here.

[FireFighter254]

Thank you so much. Once I burn the file to the CD, what is my next procedure? Insert CD into my drive and reboot?

[SleepyDude]

Thank you so much. Once I burn the file to the CD, what is my next procedure? Insert CD into my drive and reboot?

 

I will tell you when I'm doing some testing...

 

The Windows 8 System Recovery Environment is something that every windows 8 user should create so it's something to keep even if we could solve this without using the disk.

[FireFighter254]

Understood