Author Topic: Two 'how to' questions here for the experts?  (Read 11005 times)

0 Members and 1 Guest are viewing this topic.

Offline Cantgetitright1

  • Newbie
  • *
  • Join Date: Dec 2012
  • Posts: 4
  • Karma: 0
    • View Profile
Two 'how to' questions here for the experts?
« on: December 29, 2012, 02:15:08 pm »
Hi all. Just joined.
Can anyone help with these two issues?

(equipment is IBM Thinkcentre, WIN XP PRO svc pk 3, pent4, 504 ram, (32 bit, as opposed to 64?)

(For the pc -challenged, would you write clear 'INSTRUCTION STEPS:' unless you're referring me somewhere else? Thnx!)

(One of two)
ISSUE: admin user permission warnings continue to prevent all editing actions
A: HOW DO I GO ABOUT RESETTING OR GETTING  A NEW ADMIN PW?
B: HOW DO I GO ABOUT  OBTAINING ALL PERMISSIONS: (PC OWNER rights & SPECIAL permissions)

(C) How do I get special pemissions enabled for the current user (me) when all suggested user solutions aren't written correctly regarding the EXACT placement of text and symbols to use inside of the CMD /command prompt?
=================
(Two of two)
(equipment isa Dell Dimension, family86 model, 504MB Ram, pent4, svc pk
3, dual partitions as follows: win 98 on one partition with FAT32 file sys, and win xp pro on the other, with NTFSas the main file sys.)

ISSUE: application cannot enable or turn on needed services. Further examination shows no drives showing in Device Manager. How to do I fix this when system restore won't work in normal/safe mode? (I can still boot up the pc, but c drive (and other drives) cannot be seen?)

A: HOW TO RESTORE MMC? (microsoft management consolel)
B: HOW TO RESTORE DEVICE MANAGER:

Offline Shane

  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9281
  • Location: USA
  • Karma: 137
  • "Knowledge should be shared not hidden."
    • View Profile
Re: Two 'how to' questions here for the experts?
« Reply #1 on: December 29, 2012, 04:04:35 pm »
Quote
ISSUE: admin user permission warnings continue to prevent all editing actions
Where are you getting these errors? Post a screen shot of the error so I can see :wink:

Quote
SSUE: application cannot enable or turn on needed services. Further examination shows no drives showing in Device Manager. How to do I fix this when system restore won't work in normal/safe mode? (I can still boot up the pc, but c drive (and other drives) cannot be seen?)

You dont see any drives in the device manager? If so then that is a side effect of a virus rootkit called TDSS. Download and run tdsskiller.exe and have it check your system.
http://support.kaspersky.com/5350

Shane

Offline Cantgetitright1

  • Newbie
  • *
  • Join Date: Dec 2012
  • Posts: 4
  • Karma: 0
    • View Profile
Re: Two 'how to' questions here for the experts?
« Reply #2 on: January 01, 2013, 01:14:07 pm »
FIRST ISSUE:
Sorry I cannot do a screen shot.

The permission restriction messages occur when attempting to save data to an external source: it happened when I tried to save to a cdrom (CDR) and also happened when I tried to save to a flash-drive.

Some files actually were able to be copied, like downloading a fix program from the web directly to the drive, but transfers from the "c" drive to external? forget it- it's not happening.   

(All I want to know is how, step by step, to overide all these restrictions, and make this pc MINE again, once and for all by enabling ALL pemissions (especilly SPECIAL) permissions, and HOW to effectively set a master ADMIN password for my self. (I'm already an administrator, but no luck so far with saving data.)

SECOND ISSUE:
I already ran kasperski tddsskiller 2.8 by saving the portable vsn from the web to a flash drive and then running it on the infected computer, but it doesn't act right, never finishes the scan (goes on forever) and then winxp says there's an error,'try downloading your product again -files are corrupted'.

SO how does one recover/RESTORE the MMC, which is where the problem is, and won't ENABLE the necessary services to allow the pc to run, the drives to show, or the correct pc configuration to set up?

Thanks for your time and attention, Shane.

PS: Here's a related question I need the answer to that might actually lead to a work-around for me if I can't do anything else with the infected computer:

Q: Can i successfully remove the HD from the compromisd machine, then put that HD in a 'clean', or working pc, and then access, view, and save the data files to an external source?
best reg.
cgr

Offline Shane

  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9281
  • Location: USA
  • Karma: 137
  • "Knowledge should be shared not hidden."
    • View Profile
Re: Two 'how to' questions here for the experts?
« Reply #3 on: January 01, 2013, 02:10:53 pm »
Quote
Q: Can i successfully remove the HD from the compromisd machine, then put that HD in a 'clean', or working pc, and then access, view, and save the data files to an external source?
best reg.
Yes you can :-)

The fact that tdsskiller never finishes tells me that there is a good chance you have a rootkit.

Did you try tdsskiller in safe mode?

I have also had some good success with malwarebytes anti rootkit tool
http://www.malwarebytes.org/products/mbar/

And if those both fail we could use combofix.exe as a last resort. :wink:

Shane

Offline Cantgetitright1

  • Newbie
  • *
  • Join Date: Dec 2012
  • Posts: 4
  • Karma: 0
    • View Profile
Re: Two 'how to' questions here for the experts?
« Reply #4 on: January 02, 2013, 12:06:23 pm »
OK Shane, Im doing all the talking and writing here, but feel I have yet to receive specific clear instructions to the questions below.

(If you have the time, and know the answers, would you kindly just answer them directly please, if you can? Thanks a million!)

STEP-BY-STEP: IBM pc:
1. How to obtain Special Permissions for the current admin user?
2. How to reclaim ALL permissions for the current user?

STEP-BY-STEP: DELL pc:
1.How to replace/restore the MMC  (microsoft management console) when system restore won't work?

Another site suggested kasperski's rescue disk on the infected pc.

Thanks

Offline Shane

  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9281
  • Location: USA
  • Karma: 137
  • "Knowledge should be shared not hidden."
    • View Profile
Re: Two 'how to' questions here for the experts?
« Reply #5 on: January 02, 2013, 01:54:20 pm »
That is because your not doing what I asked yet.

If the system is still infected then any repairs or fixes I give you will fail. So the first step is to run the tools that I asked. Once done and verified we can answer your questions.

There is a process to get things working. You have to work with me on this  :wink:

Quote
1. How to obtain Special Permissions for the current admin user?
2. How to reclaim ALL permissions for the current user?

You can use my repair file permissions tool and reg permissions tool. That will give permission to everything for you. Again if there is a virus changing the permissions it will fail.
First 2 repairs in this tool
http://www.tweaking.com/content/page/windows_repair_all_in_one.html

Quote
1.How to replace/restore the MMC  (microsoft management console) when system restore won't work?
Post a screen shot of the error you get when you try to open the mmc.

Shane

Offline Cantgetitright1

  • Newbie
  • *
  • Join Date: Dec 2012
  • Posts: 4
  • Karma: 0
    • View Profile
Re: Two 'how to' questions here for the experts?
« Reply #6 on: January 02, 2013, 05:27:39 pm »
First THANK YOU for sharing the repair tool link- I'm familiar with it already and have previously used it.)

Note: It  did NOT fix the specific win xp user permissions for me, on the IBM at all.
I fully understand about repairs not working if the virus is still there, but Kasperski found nothing.
I do know there is a command prompt method to regaining permissions, and/or setting a new admin pw.

Anyway, let me clarify something;

I apologize for confusing you, by attempting fixes for both pcs in the same post, so i'll simplify it here.

For the purposes of future discussions, please Forget about the DELL pc, where the boot up is the issue, and the MMC is gone. and the device manager- not only did i have a virus on that pc, but i also think I deleted a necesary windows component in the process of trying to restore the system by deleting progrmas using Wise Registry Cleaner and CC Cleaner. I/m going to attempt the kasp. rescue disk method on the dell, and if i fail that, I'll reformat, lose winx p, both partitions, and then install win xp home version for a clean computer.


My main concern right now is this:  (for the IBM which is the current working pc, and is NOT infected to my knowledge)

Manual resetting of special permissions for the current user.
( I can add my current user for Full Control, which I just did, but the special permissions box is still blank, whene there should be a checkmark there if actually had it. That's what I'd prefer to recieve help with, if you know the manual solution.

In relation to the same issue Shane, I'm also wondering why there are at least 12 users and groups listed under permissions, when there's just me (and my wife has a separate username) and her  listed under Control Panel/Users?

And how do I safely remove/delete/disable permissions for all the unknown users?

Thanks for your patience- I know you hear from bossy, impatient, frustrated, self-taught pc users like me probably every day. The fact is, I do know somethings, and i do know these pcs to a degree. What I don't know is what I'm specifically asking about...like it said on the website, every virus-removal procedure does not apply to everyone's issue- and somehow through viruses and my ignorance, I screwed up the dell (and the hp) and that's where all my data from the past 10 years is stored....tha't's why I asked about putting those drives in other machines to get the data if possible...meanwhile, I just don't want to lose the IBM as well, so i need to take control of this pc, stop it from being shared, protect the network with a new password, download and install the best AV and Internet Program, etc. The problem is, I can't even start backing up my data to external sources on the IBM, unless i get control back, that I dont even know how I lost in the first place.

Sorry, I won';'t be long-winded again, i had to get that out ..thank you!

Offline Shane

  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9281
  • Location: USA
  • Karma: 137
  • "Knowledge should be shared not hidden."
    • View Profile
Re: Two 'how to' questions here for the experts?
« Reply #7 on: January 03, 2013, 04:54:27 pm »
Post a screen shot of the permissions list you where talking about for me.

My permissions tool doesn't remove any permissions, only adds to them, like system, administrator and users and such. Seeing a screen shot of what your seeing will help me understand better.

Aside from file permissions there is also file owner. There are some tricks we can do. I know on vista & newer I have a right click tweak that has a take ownership command. I have to see if there is on on XP. :wink:

Shane