Re: win xp admin nightmare

From: Carey Frisch [MVP] (mrxp2004_at_nospamyahoo.com)
Date: 06/25/04 

Date: Fri, 25 Jun 2004 11:08:12 -0500

HP Pavilion computers have a hidden partition which contains the files necessary
to restore your PC to its original factory condition. Please read and follow these
instructions carefully:

HP Pavilion Desktop PCs - Performing a Full System Recovery in Microsoft Windows XP
http://h10025.www1.hp.com/ewfrf/wc/famiDocument?product=12455&cc=us&lc=en&dlc=en&docname=bph07145

Note: HP offers both a "destructive" and "non-destructive" method....use the
           "non-destructive" method.

Note: You must return your HP computer to the exact same hardware configuration
as it was originally. Disconnect all peripheral hardware devices except for the monitor,
keyboard and mouse.

HP Instant Support Professional Edition
http://instantsupport.hp.com/euserv/jsp/hpinstantsupport.jsp 

-- 
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Be Smart!  Protect your PC!
http://www.microsoft.com/security/protect/
----------------------------------------------------------------------------------
"vern" <nospam@nospm.net> wrote in message:
 news:k_XCc.11120$w3.4494@fe2.texas.rr.com...
| Spent 5 hrs last night on a clients HP machine with win xp, trying to
| take back control of the system. She is convinced that she was
| sabataged by an angry son-in-law, which is probably true. She uses
| this for her buisness and does not have a backup of her data (she is
| doing this today), but she doesn't even know where everything is
| because files and folders have been moved by the son-in law, so a
| format and re-install is not an option yet. Here are some of the
| symtoms and problems:
| 
| 1. Installed AVG and scanned, found 2 versions of downloader and one
| backdoor. 2 of these were deleted by AVG and one was quarintined
| 
| 2. tried to install adaware to the default directory twice and failed
| both times, installed to c:\lavasoft ok. Cleaned all the stuff it
| found ok.
| 
| 3. Updated and ran Spybot which was previously installed, found and
| cleaned 132 items.
| 
| 4. Tried to run Trend Micro on line scan and it would just hang at
| installing the engine, no error messages.
| 
| 5. She has several malware folders in her program files folder,
| memwatcher, Internetoptimizer, ictbar and others. tried to delete
| these and received access denied message.
| 
| 6. booted to safe mode and tried to delete again and received the
| same nessage.
| 
| 7. Checked permissions and ownership of these folders and found that
| the owner was  S-1-5-21-2190867815-etc. with all options to change it
| were disabled. She is supposedly logged on as administrator and no
| other user accounts show up in user manager.
| 
| 8. Went to the parent folder and took ownership of it and all
| subdirerctories, this apparently worked on some folders and not on
| others, they are still owned by S-1-5-21-... is this a deleted admin
| user? if so, does anyone know how to get rid of it.
| 
| 9. Although she is logged on as "administrator" she apparently
| doesn't have full admin rights, when you check the individual file
| permissions (even on the ones that she owns) she can't change them
| because they are greyed out.
| 
| I've seen lots of messed up systems but never anything like this. If
| we can get full admin control I think I can get it cleaned up.
| 
| Another problem is she doesn't have any restore disks or operating
| system cd. This is a HP machine less than one year old. They (HP)
| created a restore partition (FAT32) with the I386 folder on it, does
| anyone have experience with doing a clean install form this HP
| partition, I'm not sure I trust it.
| 
| any help would be much appreciated.
| 
| Vern Davenport

Relevant Pages

  • Re: How to Expand HDD on SBS 2003 SP2
    ... and there is a 125mb partition that i suppose Dell created. ... Yet i couldnt try the install it with Dell CDs because i dont have ... a full backup before I try anything like this. ... Backup> Learn how to restore the server. ...
    (microsoft.public.windows.server.sbs)
  • RE: Installing special folders on mounted partitiond during setup.
    ... From other OS on the first partition create folders: ... Mount the partitions to the empty folders. ... Install windows using unattended setup with command line parameter: ...
    (microsoft.public.windowsxp.setup_deployment)
  • Re: Help me please - partitions and start up issues!
    ... A basic manual came with the notebook explaining the basics, ... restore disks, but it has a built-in restore feature and a program ... partition for system restore files totalling about 8 GB. ... files and folders" is checked and "Hide protected operating system ...
    (microsoft.public.windowsxp.perform_maintain)
  • Re: Help me please - partitions and start up issues!
    ... What came in the box with regard to disks and a manual? ... restore disks, but it has a built-in restore feature and a program that ... partition for system restore files totalling about 8 GB. ... files and folders" is checked and "Hide protected operating system files ...
    (microsoft.public.windowsxp.perform_maintain)
  • Re: Help me please - partitions and start up issues!
    ... Reason for FAT32 now discovered. ... restore disks, but it has a built-in restore feature and a program ... partition for system restore files totalling about 8 GB. ... files and folders" is checked and "Hide protected operating system ...
    (microsoft.public.windowsxp.perform_maintain)