Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need help!! Admin rights gone!


  • Please log in to reply
5 replies to this topic

#1 dpacmittal

dpacmittal

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:54 PM

Posted 02 June 2009 - 03:07 AM

Now this is really weird.

It was fine until yesterday evening when I found unable to access my encrypted files. My heart almost stopped beating. I have lots of precious data and now its all locked with a stupid key. I don't have backup of that certificate/public key.

Then, I viewed event viewer and founf event ID 7 which means bad block on hard drive. I tried running chkdsk from cmd but it won't run as processes were using the C drive. I scheduled it for next reboot. But it didn't run on reboot. I tried all the methods, including registry editing, SFC /scannow, safe mode methods. Nothing work.

I downloaded a disk checking utility from hitachi, which needs to be written on disk.
I started Nero, but it said that I didn't have admin rights. Amazing, isn't it. No one else uses my computer. I enabled default admin account and Nero gives same error.

I installed elcomsoft EFS recovery to recover encrypted files but it also says that I need admin rights.

So I tried every thing on net to gain admin rights again. I've tried everything.

I've downloaded half a dozen spyware scanners. Scanned with them all. Repaired everything. Tried everything. Nothing works.


Apparently, it makes me conclude that the sector which stored sam files or which contained some system files (which proved i am admin and gave me access to encrypted files) has gone bad.


I require some help here. Anyone??


Yeah one more thing, I've tried around 3-4 cds to get into recovery console, to run chkdsk from there but none of the cds contain recovery console. Some light on this would help too.

BC AdBot (Login to Remove)

 


#2 dpacmittal

dpacmittal
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:54 PM

Posted 02 June 2009 - 11:54 AM

Please help. I really need it.

#3 Derek Ellis

Derek Ellis

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norwich, Connecticut, USA
  • Local time:08:54 PM

Posted 02 June 2009 - 01:54 PM

Can you log in to Administrator in Safe Mode?

To get to safe mode, reboot, and after the Logo Screen (Dell Hp etc) but before the Windows Screen, press F8. You will then be given a long list of choices, i always choose "Safe mode with Networking".

Let us know how that goes.

#4 Derek Ellis

Derek Ellis

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norwich, Connecticut, USA
  • Local time:08:54 PM

Posted 02 June 2009 - 01:57 PM

after re-reading what you posted, it seesm like you already tried safe mode.

First off what OS you running? If Windows Xp, read this

http://articles.techrepublic.com.com/5100-...11-6112906.html


taken from the link:

You can make it more difficult for unauthorized persons to get into your system by renaming the Administrator account. Follow these steps for a Windows XP Pro machine:

1.Go to Control Panel and open Administrative Tools. Double-click the Local Security Policy.
2.When the Local Security Settings snap-in appears, open the Local Policies\Security Options branch and double-click the Accounts: Rename Administrator Account policy.
3.When the Accounts: Rename Administrator Account Properties dialog box appears, type a new name in the text box, and click OK.
Follow these steps to rename the Administrator account in Windows XP Home:

1.Press [Windows]R to access the Run dialog box.
2.In the Open text box, type Control userpasswords2 and click OK to access the User Accounts dialog box.
3.Select the Administrator Account from the list and click the Properties button.
4.In the User Name text box, type a new name, and click OK.
Note: This tip applies to both Windows XP Home and Professional editions

Edited by Derek Ellis, 02 June 2009 - 01:59 PM.


#5 hamluis

hamluis

    Moderator


  • Moderator
  • 55,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:54 PM

Posted 02 June 2009 - 03:34 PM

Run a diagnostic (manufacturer's website) on the hard drive.

Hard Drive Installation and Diagnostic Tools - http://www.bleepingcomputer.com/forums/t/28744/hard-drive-installation-and-diagnostic-tools/

Louis

#6 dpacmittal

dpacmittal
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:54 PM

Posted 04 June 2009 - 12:06 PM

Thanks for all your replies.

Apparently, a virus had made some changes to the SAM files.

I restored the backup using recovery console and got my admin rights back.


Recovering my encrypted files using elcomsoft efs recovery right now.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users