Administrator Rights Virus/Malware Attack

Hello,

My friend has a laptop and I believe he has some sort of virus that has removed his administrator rights. I have come to these forums in the past, and my desktop computer is completely clean, and I have never had any issues with malware since coming to these forums, following the steps provided, and learning how to keep my self safe. I would like to think I'm a little more advanced than most people when it comes to malware, but my friends computer has stumped me. I've been fooling with it for hours and I have had no luck. Any of the programs like SUPERAntiSpyware, and Malwarebytes, that I have attempted to install, give me an error message because his computer had no admin rights at all. It's completely locked up. I would be posting logs but no .exe files at all will run, and I don't even have access to his C drive. The computer is riddled with errors and I would like nothing more than to just whipe the drive and start over, but apparently his windows 7 disk no longer works... The biggest thing I need help with is somehow regaining admin rights. I have used Avira Rescue Boot CD and done a scan with that, and it said that it deleted 3 threats, but he still doesn't have admin rights! If there is something I can do to completely reset the admin rights I could fix the computer. I have tried going into the settings for accounts and anything I click on won't even load up. Any help you guys can offer would be GREATLY appreciated! Thanks in advance!

 

Please give us EXACT word for word error messages.

When I attempt to run Malwarebytes Setup I get the following error message:

ShellExecuteEx failed; code 1203.
The network path was either typed incorrectly, does not exist, or the network provider is not currently available. Please try retyping the path or contact your network administrator.

When I attempt to run ComboFix.exe or SUPERAntiSpyware setup it says:

Windows cannot access C:\Josh\Downloads\ComboFix.exe

It also will not allow me to move any files from downloads to his desktop with the following message:

Location is not available

C:\ is not accessible.

Access is denied.

The computer is riddled with errors

What exactly does this mean?

Every attempt at running an EXE. results in an error, and at startup it gets an error message saying "Error 0000". I was kind of just saying that it has a lot of errors that may or may not be as a result of the possible/probable infection, and a whipe might be the best route.


I would like nothing more than to just whipe the drive and start over, but apparently his windows 7 disk no longer works...

Do you mean the DVD is no good or do you mean his DVD drive is not working? Have you tries the DVDs in another PC just to see if they are okay?

Most PCs come with a factory recovery partition installed these days and you may be able to just reimage the PC to that.

His disk is apparently damaged and will not work, his DVD drive is okay. I have a copy of windows 7 that came with my new Cyberpower computer recently. Would it be possible to use that to install but use his CD key if he still has it? If not, his computer is new, and I would definitely like to know about a factory recovery partition. When I attempted a system restore it would not allow me with the following error message:

There was an unexpected error: Access is denied. (0x80070005) System Restore will now close.

When I attempt System Image Recovery it says "Windows cannot find a system image on this computer."


If you truly cannot run anything at all then no there is nothing you can do because you cannot run anything. Thus you need to be sure that nothing at all runs.

He gets internet connection, and the internet browsers will startup, but anything requiring administrator rights will not run. I can't install anything, I can't access anything on the C drive, and his Avast! Virus Protection (Which I don't have much faith in -- I use Avira) says he has no viruses, but ALSO says "Some files were unable to be scanned."

Are there other user accounts on the PC that can be used?

No he only has one account unfortunately, and I can't create any as that was the first thing I tried after I was unable to get any anti-malware programs to work.

Can you boot in safe mode and run anything?

It will boot into safe mode, but I get the exact same errors, and exact same restrictions mentioned above.



Thankyou so much for helping me out chaslang! You've helped me once in the past and I really appreciate all that you do for those of us on this forum!