|
|
#1
15th Dec 2007, 10:33
|
|||
|
|||
|
A little while ago I had thought to cleared up my computer of malware infection but now whenever I attempt to ascess Add/Remove Programs or any system tool such as that I get the:
"This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator." I can't find any way of fixing it so any help would be great. |
|
#3
16th Dec 2007, 04:28
|
|||
|
|||
|
Accomplished the steps I was able to access, here are the logs.
|
|
#4
16th Dec 2007, 09:33
|
|||
|
|||
|
Please download Combofix by sUBs from either here or here
Save Combofix.exe to your your Desktop.
Important: Do not mouseclick combofix's window while it's running. That may cause your computer to stall Also add a new HijackThis log.
__________________
 |
|
#5
16th Dec 2007, 10:18
|
|||
|
|||
|
First off, I'd like to say thank you for your quick reply. Here are the logs you requested.
|
|
#6
16th Dec 2007, 10:20
|
|||
|
|||
|
Quick Update: After that last scan I'm able to access Add/Remove Programs so thanks thus far. Is there is any more I need to do please tell me so.
|
|
#7
16th Dec 2007, 10:41
|
|||
|
|||
|
.
We are getting close, just a few more steps. ---------- Please download ATF Cleaner by Atribune. ATF Cleaner.exe Make sure that all browser windows are closed. * Double-click ATF-Cleaner.exe to run the program. * Under Main choose: Select All and UNCHECK Cookies. * Click the Empty Selected button. If you use Firefox browser * Click Firefox at the top and choose: Select All and UNCHECK Cookies. * Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. If you use Opera browser * Click Opera at the top and choose: Select All and UNCHECK Cookies. * Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. Click Exit on the Main ATF Cleaner menu to close the program. ---------- Open HijackThis and select Do a system scan only then place a check mark next to: O15 - Trusted Zone: http://toolbar.imageshack.us O16 - DPF: {120B31DB-A7C4-489D-FF16-196E7D5C502D} - http://85.255.115.229/1/gdnUS1440.exe O16 - DPF: {2255791B-451B-4311-718F-46EC2EE04788} - http://85.255.115.229/1/gdnUS1440.exe O16 - DPF: {33F5BD61-72F5-2038-0B37-785A41CB1194} - http://85.255.115.229/1/gdnUS1440.exe O16 - DPF: {377B5C82-5630-7394-C4DD-3FA72508E877} - http://85.255.115.229/1/gdnUS250.exe O16 - DPF: {4EFD7F4E-2D07-7614-0E46-0CA234EDA0EB} - http://85.255.115.229/1/gdnUS1440.exe O16 - DPF: {533F0C05-59A2-1D4E-7174-20A21D88FD90} - http://85.255.115.229/1/gdnUS1440.exe O16 - DPF: {63EAEABA-6B85-5160-0A37-0E5360A91684} - http://85.255.115.229/1/gdnUS250.exe O16 - DPF: {7648CC76-6EA2-263B-F19B-1ED6133677F1} - http://85.255.115.229/1/gdnUS1440.exe O16 - DPF: {7CF072CA-B4C5-4012-F902-6D60520BEB9B} - http://85.255.115.229/1/gdnUS250.exe Next close ALL windows except for HijackThis and click Fix checked ---------- Your Java is out of date. Old versions are vulnerable to malware. Go to www.java.com and download the newest version. Then go to add/remove programs and uninstall all old versions of Java. The only version that should be in add/remove programs is Java 6 Update 3 ----------- Go to Start > Run and copy and paste next command in the field: ComboFix /u  Make sure there's a space between Combofix and / Then hit Enter. This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again ---------- Look through this post Keeping yourself safe on the web for tips and free tools. Let us know if anything else comes up.
__________________
|
|
#8
16th Dec 2007, 11:00
|
|||
|
|||
|
Thank you for all your quick help in resolving this issue. It has helped greatly.
|
|
#9
16th Dec 2007, 11:03
|
|||
|
|||
|
No problem.
Safe surfing............ 
__________________
|
