Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Administrator Login


  • This topic is locked This topic is locked
2 replies to this topic

#1 zippyzoe

zippyzoe

  • Members
  • 121 posts
  • OFFLINE
  •  
  • Local time:03:49 AM

Posted 27 January 2010 - 04:29 PM

I bought a new Sony Vaio in December. I need to login in as an administrator to run a Sony patch. I would think its <blank> return but that doesn't work. It says that I am "locked out". Any suggestions are appreciated. Note- I do know the rule about password help requests but this is a computer right out of the box.

Here is my Hijack This Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:51:00 PM, on 1/27/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Safe mode with network support

Running processes:
C:WindowsExplorer.EXE
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:Program FilesAVGAVG9ToolbarIEToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:Program FilesAOLAOL Toolbar 5.0aoltb.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:Program FilesAVGAVG9ToolbarIEToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:Program FilesAOLAOL Toolbar 5.0aoltb.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:Program FilesAVGAVG9ToolbarIEToolbar.dll
O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 - HKLM..Run: [IgfxTray] C:Windowssystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:Windowssystem32hkcmd.exe
O4 - HKLM..Run: [Persistence] C:Windowssystem32igfxpers.exe
O4 - HKLM..Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 - HKLM..Run: [ISBMgr.exe] "C:Program FilesSonyISB UtilityISBMgr.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre6binjusched.exe"
O4 - HKLM..Run: [VAIOMyMemCenter] "C:Program FilesSonyVAIO My Memory CenterVAIO MyMemCenter.exe" 1
O4 - HKLM..Run: [VWLASU] "C:Program FilesSonyVAIO Wireless WizardAutoLaunchWLASU.exe"
O4 - HKLM..Run: [SmartWiHelper] "C:Program FilesSony CorporationSmartWi Connection UtilitySmartWiHelper.exe" /WindowsStartup
O4 - HKLM..Run: [VAIO Help and Support Demo] "C:Program FilesSonyVAIO Help and Support DemoLaunchVHSD.exe"
O4 - HKLM..Run: [VAIORegistration] "C:Program FilesSonyFirst ExperienceWelcomeLauncher.exe"
O4 - HKLM..Run: [VAIOSurvey] C:Program FilesSonyVAIO SurveyVista VAIO Survey.exe
O4 - HKLM..Run: [Skytel] Skytel.exe
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 9.0ReaderReader_sl.exe"
O4 - HKLM..Run: [Adobe ARM] "C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe"
O4 - HKLM..Run: [AVG9_TRAY] C:PROGRA~1AVGAVG9avgtray.exe
O4 - HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 - HKCU..Run: [uTorrent] "C:Program FilesuTorrentuTorrent.exe"
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUSS-1-5-18..Run: [asg984jgkfmgasi8ug98jgkfgfb] C:WindowsTEMPsvchost.exe (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [asg984jgkfmgasi8ug98jgkfgfb] C:WindowsTEMPsvchost.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: QuickBooks Update Agent.lnk = C:Program FilesCommon FilesIntuitQuickBooksQBUpdateqbupdate.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/...s/wlscctrl2.cab
O18 - Protocol: intu-help-qb1 - {9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3} - C:Program FilesIntuitQuickBooks 2008HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O20 - AppInit_DLLs: C:Windowssystem32kbdsock.dll,takahuki.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:Program FilesAVGAVG9avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:Program FilesAVGAVG9avgwdsvc.exe
O23 - Service: IviRegMgr - InterVideo - c:Program FilesCommon FilesInterVideoRegMgriviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibMSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibPACSPTISVR.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:Windowssystem32PSIService.exe
O23 - Service: QBCFMonitorService - Intuit - C:Program FilesCommon FilesIntuitQuickBooksQBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:Program FilesCommon FilesIntuitQuickBooksFCSIntuit.QuickBooks.FCS.exe
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:Program FilesSonyVAIO Media plusSOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:Program FilesSonyVAIO Media plusSOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:Program FilesSonyVAIO Media plusSOHDs.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibSPTISRV.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:Program FilesArcSoftMagic-i Visual EffectsuCamMonitor.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:Program FilesCommon FilesSony SharedVAIO Entertainment PlatformVzCsVzHardwareResourceManagerVzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:Program FilesSonyVAIO Event ServiceVESMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:Program FilesSonyVCM Intelligent Analyzing ManagerVcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:Program FilesCommon FilesSony SharedVcmXmlVcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:Program FilesCommon FilesSony SharedVAIO Entertainment PlatformVCSWVCSW.exe
O23 - Service: VUAgent - Sony Corporation - C:Program FilesSonyVAIO Update 5VUAgent.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:Program FilesCommon FilesSony SharedVAIO Entertainment PlatformVzCdbVzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:Program FilesCommon FilesSony SharedVAIO Entertainment PlatformVzCdbVzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe

--
End of file - 8835 bytes

Sorry I wasn't able to discuss my problem. My computer has been overrun with spyware to the point that IE won't even work. Mozzilla Firefox is so slow. I can only login under safe mode. My initial post about the admin password was earlier this afternoon. I had desired to use a saved restore point back to the point when I had bought the computer - mid December. To restore it was asking for an admin password. Since its a new computer I assumed it was just <enter> but that didn't work.

Anyway, now the computer has been saturated with spyware and I can only run Firefox in Safe mode and it will eventually lock up. Any assistance is much appreciated.

Sony Vaio
Windows Vista

Thanks,

Zz


While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large, as are other comparable sites that help others with malware issues. Athough our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.

Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, you wouldn't want someone to assist you who is not familiar with your issue and attempt to fix it, would you?

Please be patient. It may take a while to get a response but your log will be reviewed and answered as soon as possible.

Thank you for understanding.

Edited by garmanma, 27 January 2010 - 10:37 PM.


BC AdBot (Login to Remove)

 


#2 zippyzoe

zippyzoe
  • Topic Starter

  • Members
  • 121 posts
  • OFFLINE
  •  
  • Local time:03:49 AM

Posted 28 January 2010 - 05:25 PM

Thank you for your assistant. Finally was able to restore the system without and admin password. Went all the way back to the time when I purchased the computer. Probably got something from a "malicious" torrent or something. No more torrent downloading for me. Please close this topic.

Thanks.

Zz

#3 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,198 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:49 AM

Posted 03 February 2010 - 11:20 AM

Topic closed upon users request.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users