Computer Geeks
Thread Starter
Senior Member
Joined: May 2002
Posts: 566
Likes: 0
Posted this on HP too.....
I have spent about half an hour trying to recover a PC that got hit by a virus. I wanted to share what I did since I cannot find a single write-up on it anywhere.
Basically what happened was certain programs on the computer wouldn't run anymore. Msconfig, Zonealarm, Nortons email protection, ect. I would get "this operation has been cancelled due to restrictions in effect on this computer, pleaser contact your system administrator" error. BS, I am the administrator. Nortons found a virus when I scanned called Hacktool, but when I looked in to that I came to dead ends. It deleted the virus, but I still could not run certain programs. I looked on the Internet and found a bunch of similar symptoms with possible cures, but nothing worked. I found a key in the registry under HKEY_Current_Usersoftwaremicrosoftwindowscurrent versionrun called disallowrun. Delete that key, uninstall/reinstall virus scanner and all is back to normal. If anyone knows more about this, please share as it is new to me.
I have spent about half an hour trying to recover a PC that got hit by a virus. I wanted to share what I did since I cannot find a single write-up on it anywhere.
Basically what happened was certain programs on the computer wouldn't run anymore. Msconfig, Zonealarm, Nortons email protection, ect. I would get "this operation has been cancelled due to restrictions in effect on this computer, pleaser contact your system administrator" error. BS, I am the administrator. Nortons found a virus when I scanned called Hacktool, but when I looked in to that I came to dead ends. It deleted the virus, but I still could not run certain programs. I looked on the Internet and found a bunch of similar symptoms with possible cures, but nothing worked. I found a key in the registry under HKEY_Current_Usersoftwaremicrosoftwindowscurrent versionrun called disallowrun. Delete that key, uninstall/reinstall virus scanner and all is back to normal. If anyone knows more about this, please share as it is new to me.
Senior Member
Joined: Mar 2002
Posts: 34,642
Likes: 0
From: Los Lunas, New Mexico, USA.
Vehicle: 2001 Hyundai Tiburon, 2004 Kia Sorento, 2010 Kia Soul
Well, did you try the program I told everyone about in the Downloads section?
Go check it out, it's called Spybot - Search And Destroy
I had a similar problem and even though it had to rerun at reboot to get rid of the active files, all my problems are gone.
Give it a whirl.
Go check it out, it's called Spybot - Search And Destroy
I had a similar problem and even though it had to rerun at reboot to get rid of the active files, all my problems are gone.
Give it a whirl.
Senior Member
Joined: Apr 2002
Posts: 164
Likes: 0
I am very familliar with this virus mainly cause I had it, lol
try these links they might help
http://securityresponse.symantec.com/avcen...moval.tool.html
http://www.computing.net/windowsxp/wwwboar...orum/72531.html
To run msconfig search for it and find the root file shange the name to msconfig.com and it will work.
When you press ctrl alt delete does your task manager open?
try these links they might help
http://securityresponse.symantec.com/avcen...moval.tool.html
http://www.computing.net/windowsxp/wwwboar...orum/72531.html
To run msconfig search for it and find the root file shange the name to msconfig.com and it will work.
When you press ctrl alt delete does your task manager open?
Thread Starter
Senior Member
Joined: May 2002
Posts: 566
Likes: 0
When I press ctrl alt delete task manager does open. It's similar to some new ones out there, but definately different. I thought I had it beat but it's back. Not sure if other PCs on the network are re-infecting it or not. I haven't had time to check the other PCs out cause using PC anywhere with someone who has dial-up is slowwwwwwwwwwwwwwwwwwwwww.
Thread Starter
Senior Member
Joined: May 2002
Posts: 566
Likes: 0
REDZWOMAN,
I haven't tried that yet. It's my former boss' home network that has the problems. I've been dialing in via pcAnywhere but that does not work in safe mode (which is really where I should be doing all of this from, not normal mode.) I will be able to swing by there later tonight and give it a try. I read about spybot, doesn't seem like it's the problem but at this point I'm willing to try anything.
I haven't tried that yet. It's my former boss' home network that has the problems. I've been dialing in via pcAnywhere but that does not work in safe mode (which is really where I should be doing all of this from, not normal mode.) I will be able to swing by there later tonight and give it a try. I read about spybot, doesn't seem like it's the problem but at this point I'm willing to try anything.
Senior Member
Joined: Mar 2002
Posts: 34,642
Likes: 0
From: Los Lunas, New Mexico, USA.
Vehicle: 2001 Hyundai Tiburon, 2004 Kia Sorento, 2010 Kia Soul
I didn't think it'd fix my problem either, being my browser was Hijacked and all, but it found 115 problems to include the one I was worried about.
There is some NASTAY programming out there.
There is some NASTAY programming out there.