Location:
State:
Carrier
Country
Status

continued


Hello,

I have an issue where someone has gained server access / control over my system. I am unable to regain control or even clean install my operating system from OEM windows 10 CD. Currently, when i attempt to re-install what I end up with is a Windows Deployment Service installation. Is there a way to force the installation from CD?

Thanks,

Robert

I would normally do a clean install by booting from the DVD. (Preferably, I'd copy the DVD to a bootable USB drive. Installs much more quickly from that.)

Can you boot from the DVD?

How was it that "someone has gained server access / control over my system"? Something seems more than a little odd here.

bobkn,

Yes, I can "boot" from a dvd. Unfortunately, at some point after the installation begins, it switches to WDS installation. When the installation is done, I end up with a client computer on a domain. The registry shows that the system is cloned and that the installation was done via answer file. In the "boot" directory on the first partition (500mb) there is a 97,120 Bootvhd.dll file and in the ecoverylogs there is a "reload.xml". Anyway, there is plenty of evidence that the installation is not right off the DVD.

Regarding the how and why... I am 90% certain that my wife is behind the problem. She has access to my PC while I am at work, has a problem with snooping / spying, and frequently knows things that she couldnt know unless she was on my pc.

Anyway, Is there any way that you know of to force an installation from dvd?

Robert

Have you unplugged any internet connections such as ethernet or wifi?

If you are booting from dvd ensure it is first boot option (not PXE), ensure it is the correct dvd (i.e. original Microsoft install media, not edited in any way).

Disconnect from internet (unplug the cable) and delete all partitions as part of your clean install.

It will not have much choice but to install Windows correctly in this case.

I don't get it.

I expect that if you boot from the DVD, you would be able to erase the partitions on the HD and do a clean install of 10 without whatever is on the disk having any effect.

My deepest sympathies on your marriage.

Oh how I wish this was as simple as unplugging from the Internet! I have tried that in combination with booting from DVD, USB, external HD, and floppy disk. I have installed XP, Win 7 32 bit, Win 7 64 bit, Win 10 Home, & DOS 7.1. I have tried Linux live CD's and every boot loader & disk wipe utility commercially available. All to no avail. I have purchased new hard drives & motherboards as well.

There are quite a few give aways once you start looking around. There are numerous services that I can not stop or remove;

Power
Task manager
Background task infrastructure
Group Policy
DHCP Client
DNS Client
RPC

Just to name a few. Even when I am using the hidden Administrator account I dont have access to these services and many other files and settings. In addition to the services and files, once I have an installation up and running it begins installing package after package of additional material. .Net Framework, IIS, windows mail client, fax and scan, bluetooth connectivity, wireless connectivity, hyper-v and other virtualization software just to name a few. Along with that there are other issues like hiberfil.sys and pagefile.sys and "System Volume Information" which are huge and can not be accessed or modified even when I am using another operating system. The BCD can only be partially edited; certain settings like "resumefromhibernation" pop back up immediately after being deleted. I am pretty sure that my BCD-Template is not standard, considering all of the custom settings that are included wthin it. One final note, the memtest.exe program that is in the ootcd directory on the system partition has some rather incriminating code contained within it and performs more than memory testing.

Anyway, I could use some advanced assistance from anyone with experience in network administration, Windows Deployment Services, and or WindowsPE,

Thanks Guys!

continued