1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Admin account lost admin privileges!

Discussion in 'Windows XP' started by sdcard_11, Aug 3, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. sdcard_11

    sdcard_11 Thread Starter

    Joined:
    Aug 3, 2007
    Messages:
    4
    I installed a few programs last night and I lost all my admin privileges.

    I'm using an account that has admin rights, and yet these happened:


    - run button in the start menu has disappeared.
    - turn off button has also disappeared; I can only log off
    - I cannot run the task manager when I press ctrl-alt-del
    - some sys tray applications stopped being started up with the windows (skype, msn messenger, icq, adobe lightroom, daemontools)
    - when I load Adobe Photoshop CS2, I get this message that says "You are not allowed to continue because your account does not have administrator privileges".
    - I'm sure there're more things waiting to be discovered.

    But the thing is, my account has admin status!

    I've run adaware to clear out all spyware already. I'm attaching a HijackThis log; can anyone help see what's wrong?

    Code:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:35:46 PM, on 8/3/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\ctfmon.exe
    E:\Win95\Utilities\Microsoft Activesync\wcescomm.exe
    C:\Program Files\Skype\Phone\Skype.exe
    E:\Win95\Utilities\Launchy\Launchy.exe
    E:\Win95\UTILIT~1\MICROS~1\rapimgr.exe
    E:\Win95\Utilities\NOD32\nod32krn.exe
    E:\Win95\Internet Tools\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    E:\Win95\Internet Tools\eMule\emule.exe
    C:\WINDOWS\system32\mmc.exe
    E:\Win95\Utilities\NOD32\nod32kui.exe
    C:\WINDOWS\system32\mmc.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    E:\Win95\Utilities\HijackThis\HijackThis.exe
    
    R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Win95\Utilities\Adobe Acrobat 7\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O4 - HKLM\..\Run: [IMJPMIG8.1] -"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] -C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] -C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] -C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [NeroFilterCheck] -C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ICQ Lite] -"E:\Win95\Internet Tools\ICQLite\ICQLite.exe" -minimize
    O4 - HKLM\..\Run: [BigDog305] -C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
    O4 - HKLM\..\Run: [Phase One Media Reader] -E:\Win95\Graphics\CAPTUR~1\DCIMImp.exe /noscan /CheckAutoStart
    O4 - HKLM\..\Run: [CTHelper] -CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] -CTXFIHLP.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] -"C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] -"E:\Win95\Graphics\Lightroom 1.1\apdproxy.exe"
    O4 - HKLM\..\Run: [nod32kui] -"E:\Win95\Utilities\NOD32\nod32kui.exe" /WAITSERVICE
    O4 - HKCU\..\Run: [MsnMsgr] -"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] -"C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Win95\Utilities\Microsoft Activesync\wcescomm.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Global Startup: Launchy.lnk = E:\Win95\Utilities\Launchy\Launchy.exe
    O8 - Extra context menu item: &ICQ Toolbar Search - res://E:\Win95\Internet Tools\ICQToolbar\toolbaru.dll/SEARCH.HTML
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\Win95\UTILIT~1\MICROS~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Win95\UTILIT~1\MICROS~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Win95\UTILIT~1\MICROS~1\INetRepl.dll
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - E:\Win95\Internet Tools\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - E:\Win95\Internet Tools\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Win95\Internet Tools\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Win95\Internet Tools\ICQLite\ICQLite.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136554115890
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O23 - Service: Adobe LM Service - Unknown owner - -"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - E:\Win95\Utilities\Bluesoleil\BTNtService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - -"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" (file missing)
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - E:\Win95\Utilities\NOD32\nod32krn.exe
    
    --
    End of file - 5649 bytes
    
     
  2. devil_himself

    devil_himself

    Joined:
    Apr 7, 2007
    Messages:
    4,910
    Start >> Search >> gpedit.msc >>> Start it >>>|||

    Under user configuration >> Administrative Templates >>> Start Menu And Taskbar

    Look For

    1.Remove Run Menu from start menu >> Double Click on it >>> and disable it

    --------------------------

    "Turn Off Computer" option is missing from Start Menu?
    http://windowsxp.mvps.org/noclose.htm
     
  3. Bob Cerelli

    Bob Cerelli

    Joined:
    Nov 2, 2002
    Messages:
    22,468
    "I installed a few programs last night and I lost all my admin privileges." - Any details.

    Can you log on as administrator?
     
  4. sdcard_11

    sdcard_11 Thread Starter

    Joined:
    Aug 3, 2007
    Messages:
    4
    I'm already logged on as an administrator, but can't run photoshop. My permissions must be really messed up!
     
  5. ozrom1e

    ozrom1e

    Joined:
    May 15, 2006
    Messages:
    11,849
    Here is your HJT log file so it can be seen by the proper people, please psot in the open forum not as a quote


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:35:46 PM, on 8/3/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\ctfmon.exe
    E:\Win95\Utilities\Microsoft Activesync\wcescomm.exe
    C:\Program Files\Skype\Phone\Skype.exe
    E:\Win95\Utilities\Launchy\Launchy.exe
    E:\Win95\UTILIT~1\MICROS~1\rapimgr.exe
    E:\Win95\Utilities\NOD32\nod32krn.exe
    E:\Win95\Internet Tools\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    E:\Win95\Internet Tools\eMule\emule.exe
    C:\WINDOWS\system32\mmc.exe
    E:\Win95\Utilities\NOD32\nod32kui.exe
    C:\WINDOWS\system32\mmc.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    E:\Win95\Utilities\HijackThis\HijackThis.exe

    R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Win95\Utilities\Adobe Acrobat 7\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O4 - HKLM\..\Run: [IMJPMIG8.1] -"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] -C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] -C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] -C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [NeroFilterCheck] -C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ICQ Lite] -"E:\Win95\Internet Tools\ICQLite\ICQLite.exe" -minimize
    O4 - HKLM\..\Run: [BigDog305] -C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
    O4 - HKLM\..\Run: [Phase One Media Reader] -E:\Win95\Graphics\CAPTUR~1\DCIMImp.exe /noscan /CheckAutoStart
    O4 - HKLM\..\Run: [CTHelper] -CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] -CTXFIHLP.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] -"C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] -"E:\Win95\Graphics\Lightroom 1.1\apdproxy.exe"
    O4 - HKLM\..\Run: [nod32kui] -"E:\Win95\Utilities\NOD32\nod32kui.exe" /WAITSERVICE
    O4 - HKCU\..\Run: [MsnMsgr] -"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] -"C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Win95\Utilities\Microsoft Activesync\wcescomm.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Global Startup: Launchy.lnk = E:\Win95\Utilities\Launchy\Launchy.exe
    O8 - Extra context menu item: &ICQ Toolbar Search - res://E:\Win95\Internet Tools\ICQToolbar\toolbaru.dll/SEARCH.HTML
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\Win95\UTILIT~1\MICROS~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Win95\UTILIT~1\MICROS~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Win95\UTILIT~1\MICROS~1\INetRepl.dll
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - E:\Win95\Internet Tools\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - E:\Win95\Internet Tools\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Win95\Internet Tools\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Win95\Internet Tools\ICQLite\ICQLite.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136554115890
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O23 - Service: Adobe LM Service - Unknown owner - -"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - E:\Win95\Utilities\Bluesoleil\BTNtService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - -"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" (file missing)
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Win95\Utilities\NOD32\nod32krn.exe

    --
    End of file - 5649 bytes
     
  6. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/604559

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice