restoring access using recovery console? View previous topic :: View next topic  


NFOHump.com Forum Index - Operating Systems
Page 1 of 1
CobbMk2




Posts: 1111
PostPosted: Tue, 27th Jun 2006 12:58    Post subject: restoring access using recovery console?
hey all
did a very bad thing the other day. I was messing around with WinXP and decided to change ownership of my system hadrddrive to the general user profile. I REMOVED the administraion rights using "right click" security tab on system harddrive.

there was a reason for this... I used to have my pc netorked to my laptop but no longer and decided to clean things up a little

anyway, windows no longer boots up. It claims to skip autochk and then gives me a "C000021a" error with a status of "0xC0000022 this system has been shut down".

My problem is this: is it possible to change ownership/priveleges using the recovery console? would giving all my system files ATTRIB +S help?

I've tried installing a secondary windows but access is denied.

Does any1 know if I can restore access/change user profiles etc using the recovery console. I've googled it but no one seems to have been as stupid as me. Sad

any info would be a big help
Back to top
CobbMk2




Posts: 1111
PostPosted: Tue, 27th Jun 2006 14:38    Post subject:
I'm guessing I've partitioned my drive to no longer be writable. easy to fix?
Back to top
skidrow
Moderator



Posts: 8691
PostPosted: Tue, 27th Jun 2006 14:53    Post subject:
wait for [syn]

all i know if partition is fucked, it takes allot of trouble restoring it Sad
Back to top
CobbMk2




Posts: 1111
PostPosted: Tue, 27th Jun 2006 17:24    Post subject:
been tryin out Knoppix in an attemp to make C: drive writable. still no dice. Sad
I'm now focused on backing up my registry somehow. Even still I cannot re-install/fix windows as access is denied. Evil or Very Mad
Back to top
[sYn]
[Moderator] Elitist



Posts: 8374
PostPosted: Tue, 27th Jun 2006 17:49    Post subject:
Riiight.. Firstly, I am not 100% sure on what you have done, so some further explanation would be helpful so I could mimic the error on my own machine (dont worry, I have many Wink).. I don't belive that the partition is damaged though, so thats a plus.

The recovery console is not really designed for full on repair tasks, it handles the basics such as re-writiing boot loaders, checking disks and VERY simplistic file management. One issue Im wondering about is if you will even be able to logon to the system within the recovery console as it requires the Administrator profile.. This *may* be an issue.. it may not though..

The only information I can give right now is to say that the error is likely to be caused by the Windows Logon Process crashing when it finds it doesnt have the correct access rights to access the default system profile.. Due to windows XP's security features this will be hard to fix, as it is not designed to BE fixed.. I'll keep looking into it though, give me as much information as you can.

For now you may want to try using the "start windows with last known good configuration" or possibly a repair install using a windows XP cd.
Back to top
[sYn]
[Moderator] Elitist



Posts: 8374
PostPosted: Tue, 27th Jun 2006 18:21    Post subject:
http://support.microsoft.com/default.aspx?scid=kb;en-us;156669

may help
Back to top
whoKnows
VIP Member



Posts: 2972
PostPosted: Tue, 27th Jun 2006 18:27    Post subject:
As far as i remember you can access and edit ACL's of Windows installations within ERD Commander.
Back to top
CobbMk2




Posts: 1111
PostPosted: Tue, 27th Jun 2006 18:42    Post subject:
cheers for the response [syn]. I think you're right, it's an access right violation that stops winXp from booting. Unfotunatly this happens without giving the opportunity for F8 to safe mode unless you reboot manually while loading. Tried "start windows with last known good configuration" & "safe mode/prompt" and same error occurs. Tried the repair windows using CD and made things worse. It had the audacity to delete files but could not write any. haha! I wasn't laughing at the time though. This I can re-do once my C: partition allows me to write I guess.

Recovery console allows me to log on under the admin password only (the one set up upon first installation). It also allows me to delete files within \Windows but not write them. Can't get access outside \Windows as "set allowAllPaths = true" requests Analysis Snap-in for it to be enabled.

Ok. This is how I messed it up. I saw that all my drives had file sharing enabled from the networking days. On trying to disable it a message "due to admin priveleges this share will be restarted on reboot blah blah". So I was wondering if the security of my system had been compromised (it was getting a bit slow recently) so I went to the security tab on each drive. I found some drives to have multiple users with full access such as "administrator" administrators" "family (used for log in)" "everyone" "system" all having full rights to my pc. So I deleted them all and added "family" rights only (full access. I then found the access rights to be reset with all subfiles and folders. sigh... so I did the stupid thing and changed ownership to "family" (it was initially on "administrators") and ticked the checkbox "apply to all child objects". It took aobut 30sec to carry out this function as it was reading all files on C: drive and changing ownership.

After this, I still found some access errors so I added "administrator( not administrators)" as having full access. I then clicked on another checkbox in security tab "advanced" I think adding all changed to all subfiles etc. *sigh...* After reboot I'm now here, stuck, and suferring from CoD2 withdrawal symptoms. But atleast my girlfriends happy.

[sYn] wrote:
http://support.microsoft.com/default.aspx?scid=kb;en-us;156669

may help
will give it a try when I get back.

Whoknows whats ERD commander? could google I guess but heading out the door now.
will let u know how I get on.
Back to top
[sYn]
[Moderator] Elitist



Posts: 8374
PostPosted: Tue, 27th Jun 2006 18:49    Post subject:
http://www.winternals.com/Products/ERDCommander/ - ERD commander, however it is not stand alone anymore, Im sure you can find an old warezed version kicking around!

Ah so did you delete the "system" user? If so im pretty sure your boned.. unless you can readd users using repair console, I've been reading and it seems to be more powerful than I initially thought, just not sure if it will be powerful enough.
Back to top
CobbMk2




Posts: 1111
PostPosted: Wed, 28th Jun 2006 18:14    Post subject:
ERD Commander was a great help. Used it to reset priveleges to my C: drive. If I'd used it right away everything would be great. Unfortunately due to my windows system recovery deleting files and not replacing them windows no longer boots due to missing ntldr file.

Tried using winCD to install but won't install ntldr & NTDetect.com files for some reason. Everything else it does without hitch. Even tried installing a new seperate windows but still cannot write ntldr & ntdetect.com files. Evil or Very Mad Not even with my secondary windows F.D. deluxe DVD Sad Same shit happens. Currently running chkdsk repair and see what happens.
I really hope this isn't leading to a fresh install as it would take way too long to re-install software & games (keys) etc.

Anyhow, I've backed up the \system32\config\ files on my other partition. I've also delved into the system restore "RP***" files and backed them up too. Is there any chance I can get back to where I was providing I don't have to fresh install?

Once again tnx all for the ERD hint. If only I'd come to good ol' nforce straight away.
Back to top
[sYn]
[Moderator] Elitist



Posts: 8374
PostPosted: Wed, 28th Jun 2006 18:39    Post subject:
NTLDR is the windows boot loader, go into the recovery console and use the fixboot, fixmbr commands and that should help..
Back to top
CobbMk2




Posts: 1111
PostPosted: Wed, 28th Jun 2006 18:48    Post subject:
[sYn] wrote:
NTLDR is the windows boot loader, go into the recovery console and use the fixboot, fixmbr commands and that should help..


ahh, once again I have hope probably to have it snatched away at the last minute. will give it try when I get back tonight.
Back to top
CobbMk2




Posts: 1111
PostPosted: Thu, 29th Jun 2006 02:13    Post subject:
Tried fixboot & fixmbr but no luck. Running ERD commander tells me that there's no windows for it to fix. Atleast it shows the drives though. More importantly ERD claims my C: drive is "unknown type"(as apposed to fat32 etc). This tells me that there's something wrong with my partition. Will try fixpartition thingy in recovery console and see what happens.

I'm quickly losing the will to live. Thanks for all the help anyhow. It's got me this far.

Couldn't use partition magic boot dsk as laptop has no disk drive. Is there a cd I could make that would have similar function? That might save me. will google to find if ntldr problem has solution.
Back to top
whoKnows
VIP Member



Posts: 2972
PostPosted: Thu, 29th Jun 2006 06:28    Post subject:
Partition Magic CD's are bootable these days Smile, though from recent experiences i think that PM has lost it's magic.
Back to top
CobbMk2




Posts: 1111
PostPosted: Thu, 29th Jun 2006 07:20    Post subject:
if any1 has severe boot up problems caused by ntldr error do this in recovery console:

* C: CD ..
* C: ATTRIB –H C:\boot.ini
* C:ATTRIB –S C:\boot.ini
* C:ATRIB –R C:\boot.ini
* C: del boot.ini
* C: BOOTCFG /Rebuild
* C: FIXBOOT

It truely is magical Smile Here's the original link:
http://www.short-media.com/printcontent.php?print=r&id=313

Or try here for a different approach:
http://tinyempire.com/notes/ntldrismissing.htm

If you've somehow deleted ntldr & ntdetect.com files replace them using ERD commander to system root folder (C:\) then carry out above step.

If access to "create" is forbidden but you can still edit then rename exsisting unused files in C:\ to ntldr and ntdetect.com, then copy and paste.

Although I managed to get windows to boot with my original profile setting, due to my initial tampering it was truely screwed. So used ERD Commander to do system restore (windows couldn't do squat) from a backup I made earlier from the Volume Information folder in root dir . This should restore all important reg and anti virus ini files etc.

Now... windows no longer works. lol. But I'm guessing it's because I need to reconfigure the hardware back to how it was (I had to move IDE cables about due to extended ATA controller preventing CDROM boot up "memory overflow error"). Will find that out later today when I get time.

I believe my intial mistake was taking away "write" access and removing ownership to my system root folder Laughing

This has been an experience. Learnt a lot!

Thanks to whoknows & [syn] for pointing me in the right direction. Hope some of the above helps if you ever come accross this type of problem. Smile
Back to top
Page 1 of 1 All times are GMT + 1 Hour
NFOHump.com Forum Index - Operating Systems
Signature/Avatar nuking: none (can be changed in your profile)  


Display posts from previous:   

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB 2.0.8 © 2001, 2002 phpBB Group