dexterdoo Posted May 10, 2010 Share Posted May 10, 2010 When I enter the Configuration Utility via msconfig and make a change I get an “Access Denied”error saying I need to log on as an Administrator - when I AM logged in as Administrator ! I’ve been reading for hours and it’s driving me nuts. Probably because I don’t understand how this all works (permissions, etc.)I tried logging in as “Administrator” with a blank password but still get the “access denied” message. I live a stone’s throw from the Golden Gate Bridge so if someone can’t help me with this, I’m going over the rail ! LOL Link to comment Share on other sites More sharing options...
Tripredacus Posted May 10, 2010 Share Posted May 10, 2010 Ok just want to make sure you are running Windows XP. Also is it Home or Pro, or are you on a Domain or is this computer part of a domain but logged in locally? Are you having problems opening any other programs, such as Task Manager or MMC.EXE? Some viruses will do behaviour like this.Also if you are just trying to get at the startup list, you can also get there with CCleaner. That being said, I'm not advocating that CCleaner is a workaround if there is a problem with your system, but if you are troubleshooting an issue, this may be a quick fix and then work on fixing the MSCONFIG problem after. Link to comment Share on other sites More sharing options...
dexterdoo Posted May 10, 2010 Author Share Posted May 10, 2010 I'm using XP Pro and I'm logged in locally. I can open Task Manager and anything else. Seems like even though it says I'm an Administrator,I'm still denied access, especially if a registry change is involved, like when I tried to install MS Office. There are a couple of users designated as administrator but none of them can gain access. Will the "real" Administrator please stand up?!!!" LOL I ran MalwareBytes and it found 19 infections and and removed them all. The computer has McAfee Security Center on it so I run a scan in Safe Mode now. Link to comment Share on other sites More sharing options...
allen2 Posted May 10, 2010 Share Posted May 10, 2010 What are you trying to do in msconfig (perhaps editing a read-only file )? Link to comment Share on other sites More sharing options...
dexterdoo Posted May 11, 2010 Author Share Posted May 11, 2010 (edited) Actually,I was going into boot.ini to set it for Safe Mode since I was already in Windows. But I'm denied any changes. There must be a hidden Administrator or something. I can't believe I'm going to have to reinstall all of the software because of this ...... Edited May 11, 2010 by dexterdoo Link to comment Share on other sites More sharing options...
MrJinje Posted May 11, 2010 Share Posted May 11, 2010 net user administratorCan you run this command for me and tell me what comes up in the 'local group membership' line. It wouldn't be too hard for a virus to change your group membership. Being Administrator isn't much use if you are not in the 'Administrators' local group. Ideally, this is what you want to see near the end of the command.Local Group Memberships *AdministratorsI ran MalwareBytes and it found 19 infections and and removed them all. The computer has McAfee Security Center on it so I run a scan in Safe Mode now.You know the saying, where there is smoke .....Any chance you can take the HDD offline and run your scan from a different computer or winPE. This way any rootkits are not loaded into memory and hiding from your scanners. Link to comment Share on other sites More sharing options...
allen2 Posted May 11, 2010 Share Posted May 11, 2010 (edited) I have the same behaviour when modifying the boot.ini but the changes will be done after the error message.By the way it might be faster to edit it with notepad after removing R, S and H attributes from command line:attrib -r -s -h %systemdrive%\boot.iniThen editing with notepad:notepad %systemdrive%\boot.inithe safemode swith must be added like this: /safeboot:minimalAnd in the end adding back R H S attributes.attrib +r +s +h %systemdrive%\boot.ini Edited May 11, 2010 by allen2 Link to comment Share on other sites More sharing options...
Tripredacus Posted May 11, 2010 Share Posted May 11, 2010 OK so you have noted there are "multiple" administrators. There is likely a security policy affecting you, what does GPRESULT say? Link to comment Share on other sites More sharing options...
dexterdoo Posted May 11, 2010 Author Share Posted May 11, 2010 Mr.Jinje, I ran "net user administrator" and did get Local Group Memberships *AdministratorsI can't run the HDD offline right now. Tripredacus, GPRESULT said a whole lot ! What should I be looking for ? Link to comment Share on other sites More sharing options...
Tripredacus Posted May 12, 2010 Share Posted May 12, 2010 For both COMPUTER SETTINGS and USER SETTINGS, The values of "Group Policy was applied from" and anything under the "Applied Group Policy Objects" section. It may either have content (including a domain which you can edit the name of if you wish) or it may say N/A.If you do not see this, use GPRESULT /R.For example, I am using a computer that is a domain member, but I am logged on as the local administrator. Under COMPUTER SETTINGS, the Group Policy Was Applied From shows the domain controller. My Applied Group Policy Objects are:Default Domain PolicyDST Registry Update and RefreshWSUSHowever, under USER SETTINGS, I have N/A for both of those. Even so, since I am using a computer that is joined to a domain (even if not using it) the Computer Settings GPOs still are in effect. Link to comment Share on other sites More sharing options...
cluberti Posted May 12, 2010 Share Posted May 12, 2010 gpresult /z might be a better option, as it's ultra verbose compared to the others. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now