Administrative Rights Have Been Disabled by Malware

Discussion in 'Software' started by Lloyd1337, May 16, 2006.

  1. Lloyd1337

    Lloyd1337 Private E-2

    I was recently infected by some malware. I believe it was BraveSentry, among other various infections. I resolved the issue by following the instructions in the Read and Run Me First thread of the Malware removal section of the forums. However, one of the effects of the infection still remains.

    It seems that my account no longer has any administrator priveleges. For example, if I try to open the task manager, it says that it has been disabled by my administrator. I also get similar error messages when trying to install programs and stuff like that. I am the only user on the computer, and only my account appears under the users menu in the control panel.

    I would like to know how to return my administrative rights back to normal.

    I am currently using Windows XP Professional SP2.
     
  2. theefool

    theefool Geekified

    Are you sure you are malware free? I'd recommend posting in the Malware removal section just to be sure you are clear.

    After reading this of course: http://forums.majorgeeks.com/showthread.php?t=38752

    A good way to check if you are indeed an administrator (the way I do it at least).

    Click START, then RUN, then type in: cmd (press enter)
    net user %username% (press enter)

    If you have something like the following, then you should be an administrator (near the end):

    Local Group Memberships *Administrators
     
  3. COMPUABLE

    COMPUABLE First Sergeant

    >> It seems that my account no longer has any administrator privileges. I am the only user on the computer, and only my account appears under the users menu in the control panel. Lloyd1337 <<

    Try the suggestions at the following links:
    Lost my Administrator Status
    Help, I have lost my administrator rights!

    You could also try using the Windows System File Checker utility:
    (1) Go to the Run box on the Start Menu and type in: sfc /scannow
    (2) Click OK. Note: You may be asked to insert XP CD so keep it handy.

    This command will immediately initiate the Windows System File Checker service to scan all protected files and verify their integrity, replacing any files with which it finds a problem.

    While it is plausible - even likely - that some kind of recent spyware, malware or other infestation provoked this [malware invoking/altering administrator privileges without a user's knowledge]; you should keep in mind that it is also quite possible that someone else besides yourself may have gained access to your system either with or w/o your knowledge and may have either accidentally [or even purposely] caused this problem.

    Related Notes: Those who use certain kinds of programs; particularly so-called ‘file-sharing’ types, although not originally intended to compromise computers, can expose the computers which they are installed on to a wide variety of malicious attacks – especially Trojan Horses – from hackers; especially when shared programs are download and then installed by users. Trojans are generally bundled with another software programs and are distributed as email attachments as well. While the effects of Trojans are often harmless or just annoying; there are some vicious Trojans, which are called RATs (which means: Remote Administration Tools) that can permit an attacker to gain unrestricted access of your computer remotely whenever you are online...

    Additionally, Trojans are not always caught by even updated Antivirus/Anti-Malware programs. Therefore since you stated that were recently infected with "BraveSentry, among other various infections" I would strongly suggest that go to the BitDefender Online Scanner which checks for malware, viruses, trojans and worms. It thoroughly scans your system's memory, all files, folders and drives' boot sectors, providing you with the option to automatically clean any infected files. With larger or multiple drives; this online scan can take an hour or so, but I believe it is well worth the effort.

    Good Luck!
     
  4. Matacumbie

    Matacumbie Rocky Top

    See if this gets your Rights back. You might want to set a restore point or backup the registry first.

    Start > Run > then type Regedit Look for the entry below and see if it is set to 1. If so, change it to 0.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

    Value Name: DisableRegistryTools
    Data Type: REG_DWORD (DWORD Value)
    Value Data: (0 = allow regedit, 1 = disable regedit)

    Steve
     
  5. Lloyd1337

    Lloyd1337 Private E-2

    I did not find that key in the registry. Should I create it?

    Also, it would appear that BitDefender requires administrative rights in order to run it. I can't enable ActiveX without administrative rights, either.
     
  6. Matacumbie

    Matacumbie Rocky Top

    Don't try that yet. Not sure enough.

    Wait for the Spyware results.

    Steve
     
  7. Lloyd1337

    Lloyd1337 Private E-2

    Neither of those keys were found.
     
  8. Matacumbie

    Matacumbie Rocky Top

    I tried to edit my last post,but do not create it.

    Steve
     
  9. Matacumbie

    Matacumbie Rocky Top

    OK, good. It is not what I thought. :confused:

    Just wait and see what Chaslang finds.

    Steve
     
  10. theefool

    theefool Geekified

    [Deleted], on the count that after I posted, didn't realize that Chaslang was working. :) 1 min time frame. :)
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds