rayik said:
Thanks su root for your reply.
I would appreciate if you could post instructions about taking ownership of the file. It would not allow me to access property.
You need to be logged in as an administrator.
You find the file that you want to take ownership of, right click on it, and go into properties. Go into the security tab, and hit "Advanced". Then go into the ownership tab. There it'll list the current owner. Select who you want to own the file, and click OK. The ownership will have changed. Now you should be able to give yourself permission, so add yourself to the permission list by clicking add, selecting yourself, and then clicking full control checkbox.
I didn't know that recovery console trick. I do have the cd and will remember that for the future.
I did close Kazaa but nothing happened. I did double click on the .bmp file. Could that have launched something.
Make sure you close kazaa in the system tray too. Clicking the "X" doesn't always close it, it just minimises it to your system tray (by the clock).
I did look in taskmanager but saw nothing out of the oridinary. Since then I've learned that processes can be hidden from task manager.
One thing that worries me, I reformated the hd. I just used the format option on the win2k install. Does that delete the partition that was there and make a new one? What exactly does it do and will it erase whatever was put there.
If you are formatting the partition, it just deletes everything in the partition, and you have an empty partition. The partition table never changes, so other partitions will be uneffected.
(Also to make reinstalling easier - I put 39 GB worth of stuff onto a spare hd before re-formating. I'm hoping that 39GB was clean.
After reformating, reinstalling win2k and reinstalling some programs yesterday morning, I was horrified to see stuff on my computer last night.
I set up with 2 users (in addition to the default administrator). Those were the only listed users under "users and there was also listed as "users and passwords" in the contol panel.
However, explorereshowed me six (!!) user folders under "documents and settings." The additional ones were: "default user", "default user.winnt" and "All Users.WINNNT" Neither "default user" or "All Users" were listed as "users" under "users and passwords" in Control Panel.
I deleted "default user" and "default user.winnt" I was unable to delete All Users.WINNT" with win telling me it was a system folder and undeleteable.
Additionally, there were 2 .exe files under the 2 users I set up (not administrator). I did not write the file name down before deleting it, but with went something like DialUp or SpdDial. One of them would not let me delete it until I found a hidden process running (which turned out to be c_dilla)
The stuff in the C:\Documents and Settings folder are profiles. In there you are supposed to have a profile for every user that has logged on (incl. his/her favories, history, address book, etc.). In addition, you have the "Default User". When a new user logs on for the first time, it copies he "Default User's" profile for the new user, so there is a profile for them. The "All Users" is used by everyone. The start menu, for example, has 2 types of entries, entries in:
C:\Documents and Settings\[USERNAME]\Start Menu
are for you only. Noone else will see them.
C:\Documents and Settings\All Users\Start Menu
is for the entire system, everyone will see these items in their start menu. The ones with .WINNT, or .COMPUTERNAME, or .DOMAINNAME exist because when it tried to make the folder, the folder already existed, so it made a new one with that suffix. It was probably not a good idea to delete them.
Here's an attempt at a fix: Go into Control panel/system/User Profiles. Select your profile & click "copy to" Then tell it "C:\Documents and Settings\Default User.WINNT" and give permissions to "Everyone". That should create a copy of your profile in the space where the default profile should be.
I was wondering if anything still remained on the hd after the reformat and reinstall.
I'm not so worried about the .exe files now. Today, I've done some research and one of the few programs I reinstalled - turbotax - loads c_dilla covertly. I'm hoping that were it came from and thats what the .exe files were from. I removed c_dilla, hidden process and all registry entries. (except for the LEGACY c_dilla entries - any guidance how to remove those would be appreciated.) Of course now turbotax may not work and I may have to put that junk back in until taxes are done).
Thanks for any insight and help.
Nothing should remain, you can check out your C:\Program Files dir, it should be pretty empty if it's a clean install. Over time it usually gains alot of programs in there.