Go Back   Computer Forums > General Computing > Hardware
Click Here to Login
Join Computer forums Today

Thread Tools Search this Thread Display Modes
Old 09-25-2007, 10:02 PM   #1
Daemon Poster
Captain Pooka's Avatar
Join Date: Oct 2006
Posts: 1,108
Default Administrator access

I don't have administrator privilages on my computer for some reason. I'm thinking a virus or something but I've done so many scans, and I find a different one every time. When I start ZoneAlarm I get that Error virus message thingy that says "Your computer will restart in 60 seconds" So I have no idea what to do.

On the log in screen all there is is my account. But when I go to safe mode there is mine as well as an Admintrator account. When I try to run services.msc or the task manager and other things it says "NO!" well.. not really, it says this action has been disabled my your administrator or something along those lines.

Please help! ?




Well, this Microsoft C++ Runtime thing comes up and says "Buffer Overrun" and it says it has to end explorer.exe. Then it ends and just comes back up.

Captain Pooka is offline   Reply With Quote
Old 09-26-2007, 12:20 AM   #2
Daemon Poster
Captain Pooka's Avatar
Join Date: Oct 2006
Posts: 1,108
Default Re: Administrator access

I did root kit scans and virus scans.. blah blahb lah

I finally got spybot sd and it found
Microsoft.Windows.AppFirewallBypass (3 of em)
Microsoft.Windows.Explorer (2 of them)
Microsoft.WindowsSecurityCenter.AntiVirusOverride (1 or them)
Microsoft.WindowsSecurityCenter.TaskManager (1 or them)
NewDotNet (1 of them)
Virtumonde (9 of them)

Virtumonde is the thing that keeps opening Advertisments in IE everytime I open a new page.

Smitfraud-C. (1)
Zlob.SiteEntry (3) \
Zlob.DNSChanger (1) / http://forums.spybot.info/showthread.php?t=15015


Eh, alot more...

Captain Pooka is offline   Reply With Quote
Old 09-26-2007, 01:00 AM   #3
Daemon Poster
Captain Pooka's Avatar
Join Date: Oct 2006
Posts: 1,108
Default Re: Administrator access

Administration Virus

Could not run any processes. Services.msc, taskmanager, regedit…
No RUN or TurnOff Command on start menu.
Advertisements, Adware. When I open new browsers
Computer restart if I had cable unplugged then plugged it back in when Windows started. It would only not restart when I had the cable in before I turned on computer.
When I logged off (only choice) to turn off, it said “Closing Network Connections” (or somewhere along those lines.) So I new there was a Trojan :P

Ran AVG Pro – many viruses – Problem not fixed
CHKDSK – That didn’t do anything…
Ran AVG Rootkit scan – no root kits – problem not fixed
Ran AVG Pro in safe mode – found viruses – problem not fixed
Ran Spybot – FOUND ||
---Zlob (various types) Trojan – Networking and Administrative problem Found, ------------------Repaired, Solved.
---Virtumonde – Adware – Avertisement pop up. Problem found, repaired, Solved.

Spybot also found
 Microsoft.Windows. AppFireWallBypass
 Microsoft.Windows.Explorer
 Microsoft.WindowsSecurity.AntiVirusOverride
 Microsoft.WindowsSecurity.TaskManager
These all aided in the Zlob process. Taking away my administrative powers and overriding my walls/anti-viruses. No matter if it was ZoneAlarm, Windows Firewall, or Black Ice defend and others.. it will get past any of them 

Then I ran SpyHunter for extra security (made for virtumonde and such) and nothing was found.

Everything Is back to normal.

Only cause of this I can think of Is me downloading a torrent *caugh* I got rid of avg free to redownload it ( lol! ) FREE version of course!

Just restarted my computer and SpyBot is doing a system check or something. From what I see everything is back to normal.

I will try ZoneAlarm after the check (in the morning probably) and see if the “60 second till shutdown” this is still there. It shouldn’t be. I guess this was one of the strategies of the FireWallBypass. If it is Still like that I have plan B. FixWareOut is supposed to fix all of this.

This was over 3 or 4 days.. I did alot more.. but these are the big things.

Also, my mouse has been acting up for months.. it seems to be working for now!! We will see if something fixed it tomorrow!
Captain Pooka is offline   Reply With Quote
Old 09-26-2007, 01:06 AM   #4
Wizard of Wires
setishock's Avatar
Join Date: Feb 2005
Location: Not sure
Posts: 10,030
Default Re: Administrator access

Well to state the onvious, you got clobbered big time. Ok let's just pick a starting point and run with that. Here's Stinger> http://vil.nai.com/vil/stinger/
Handy dandy tool for rooting out the nasties. Oh yeah turn off system restore. They hide out in there.
Smitfraud-C removal tool> http://www.smitfraud-removal.com.rem...Smitfraud.html
As for zlob let's kill two birds with one stone> http://www.zlob-removal.com.removal-...emovezlob.html

Remember to disable the restore points and good hunting.

Ok so by the time I got all that typed up you got it fixed. I'd still run those tools just to be safe.
setishock is offline   Reply With Quote

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

All times are GMT -5. The time now is 05:58 PM.

Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2018, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0