| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 93248 | 2008-09-09 05:41:00 | Operation has been cancelled due to restrictions in effect on this computer | Ntiny02 (14163) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 703874 | 2008-09-09 05:41:00 | I cannot access my harddrive(c,d,e). when i trying to open it says Operation has been cancelled due to restrictions in effect on this computer. please help me out. | Ntiny02 (14163) | ||
| 703875 | 2008-09-09 05:54:00 | Welcome to Pf1 - Sounds like you may have some infections of the PC, seen several selections of malware cause that error message - download Hijackthis (www.trendsecure.com) - run it and select save a log, once complete copy/paste the complete log file back here, some one will advice on what needs to be removed. Also download from my sig, Malwarebytes, Spyware terminator and Trojan Remover (www.simplysup.com) - run them all in full scan modes, not fast scan. |
wainuitech (129) | ||
| 703876 | 2008-09-09 06:09:00 | Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:13:46 AM, on 9/1/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Antivirus 2008\pavsrv51.exe C:\Program Files\Panda Security\Panda Antivirus 2008\AVENGINE.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrls.exe C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE C:\Program Files\Google\Google Talk\googletalk.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\Advirs.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\Advirs.exe C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe C:\Program Files\Panda Security\Panda Antivirus 2008\WebProxy.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\Documents and Settings\Nitin\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = voice.yahoo.com O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [advirs] C:\WINDOWS\system32\Advirs.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [advirs] C:\WINDOWS\system32\Advirs.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - Startup: ADVIRS.EXE O4 - Global Startup: ADVIRS.EXE O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: 50 FREE MP3s! - {686C970F-1D7D-4469-85D1-4B35763B56CC} - http://www.emusic.com?fref=149133 (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrls.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\pavsrv51.exe O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe -- End of file - 4338 bytes |
Ntiny02 (14163) | ||
| 703877 | 2008-09-09 06:21:00 | Oaky you got a few bugs - Rerun Hijackthis - put ticks in the following boxes O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1 O9 - Extra button: 50 FREE MP3s! - {686C970F-1D7D-4469-85D1-4B35763B56CC} - http://www.emusic.com?fref=149133 (file missing) O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) The following are also listed/known viruses that came out around May this year ( according to a couple of Google searches), put ticks in the boxes as well to remove and click Remove Selected. O4 - HKLM\..\Run: [advirs] C:\WINDOWS\system32\Advirs.exe O4 - HKCU\..\Run: [advirs] C:\WINDOWS\system32\Advirs.exe O4 - Startup: ADVIRS.EXE O4 - Global Startup: ADVIRS.EXE I'd suggest you get a better AV as well, try Nod32 free trial (www.eset.com) & run all the cleaners as mentioned above in previous thread, A good order is - Trojan Remover, Malwarebytes, Spyware Terminator |
wainuitech (129) | ||
| 703878 | 2008-09-09 06:25:00 | Disable system restore Tick these then tick fix checked Close browsers I would say this file is the prob, it look like it maybe an email worm C:\WINDOWS\system32\Advirs.exe <-- after you tick these reboot, find this file then delete it. C:\WINDOWS\system32\Advirs.exe O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [advirs] C:\WINDOWS\system32\Advirs.exe O4 - HKCU\..\Run: [advirs] C:\WINDOWS\system32\Advirs.exe O4 - Startup: ADVIRS.EXE O4 - Global Startup: ADVIRS.EXE O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1 O9 - Extra button: 50 FREE MP3s! - {686C970F-1D7D-4469-85D1-4B35763B56CC} - http://www.emusic.com?fref=149133 (file missing) Get trojan remover in my sig, after you reboot, install it update it then scan, then select all options under utilities. And get malwarebytes below, install, update click on scan |
Speedy Gonzales (78) | ||
| 703879 | 2008-09-09 06:27:00 | what can i do with checked items shoud i fix it or what?? | Ntiny02 (14163) | ||
| 703880 | 2008-09-09 06:31:00 | Disable system restore first Like I said tick the entries I posted then tick fix checked . Then reboot, delete avirs . exe . Get malwarebytes and trojan remover, install and update both, then scan |
Speedy Gonzales (78) | ||
| 703881 | 2008-09-09 08:18:00 | Thank you..... its trojan i have reomoved it........thank you very much......... My computer is having one more problem |
Ntiny02 (14163) | ||
| 703882 | 2008-09-09 08:22:00 | Thank you..... its trojan i have reomoved it........thank you very much......... My computer is having one more problem when i stat my pc every time i have to manually set the date and time of system. what shoud i do. help me |
Ntiny02 (14163) | ||
| 703883 | 2008-09-09 08:29:00 | Sounds like the battery on the motherboard has gone flat, it needs repacing as it is no longer keeping the clock alive | gary67 (56) | ||
| 1 2 3 4 | |||||