Sign in with
Sign up | Sign in
Your question

Out of the blue, I can’t change my internet options in I.E.6

Last response: in Windows 95/98/ME
Share
Anonymous
March 26, 2005 1:31:44 AM

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

Win98SE

The first odd thing I was noticing I could view this particular site’s
flash samples on the web, everything played perfectly, but on my
system the main flash movie that played the others remained blank.
First noticed this behavior about a week ago.....then it occurred to
me that perhaps it’s something in my security settings and went to
Tools -> Internet Options and I WAS LOCKED OUT!!! I got this error
message: "This operation has been cancelled due to restrictions in
effect on this computer. Pleas contact your system
administrator......What’s causing this and what do I do, I’m current
in security updates, ran Ad-ware, ran CWSShredder and it’s still doing
it.

TIA, Cyn

--
Posted using the http://www.windowsforumz.com interface, at author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.windowsforumz.com/General-Discussion-blue-ch...
Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=1100402
Anonymous
March 26, 2005 5:46:48 AM

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

Running Spybot?
http://www.safer-networking.org/en/faq/24.html

Courtesy of MVP Ramesh:

To restore missing tabs, open Registry Editor and go to these locations:

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\ Control
Panel]

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\ Control
Panel]

Disable the restrictions by typing the values to "0" for the relevant keys.
By trying the manual procedure, you are just making the tabs visible and not
removing the parasites. [See below.]

Or, "Remove IE Restrictions & Restore Missing tabs". Download the REG fix
and double-click it: http://windowsxp.mvps.org/reg/IE_reset_restrictions.reg

Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/Darnit.htm
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine.blogspot.com/
--
~Robear Dyer (PA Bear)
MS MVP-Windows (Shell, IE/OE) & Security

Mastering Newsgroups in Outlook Express
http://www.microsoft.com/windows/ie/community/columns/n...

Cynindesign wrote:
> Win98SE
>
> The first odd thing I was noticing I could view this particular site's
> flash samples on the web, everything played perfectly, but on my
> system the main flash movie that played the others remained blank.
> First noticed this behavior about a week ago.....then it occurred to
> me that perhaps it's something in my security settings and went to
> Tools -> Internet Options and I WAS LOCKED OUT!!! I got this error
> message: "This operation has been cancelled due to restrictions in
> effect on this computer. Pleas contact your system
> administrator......What's causing this and what do I do, I'm current
> in security updates, ran Ad-ware, ran CWSShredder and it's still doing
> it.
>
> TIA, Cyn
Anonymous
March 26, 2005 3:05:57 PM

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

"pabearmvp" wrote:
> Running Spybot?
> http://www.safer-networking.org/en/faq/24.html
>
> Courtesy of MVP Ramesh:
>
> To restore missing tabs, open Registry Editor and go to these
> locations:
>
> [HKEY_CURRENT_USERSoftwarePoliciesMicrosoftInternet
> Explorer Control
> Panel]
>
> [HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftInternet
> Explorer Control
> Panel]
>
> Disable the restrictions by typing the values to "0" for the
> relevant keys.
> By trying the manual procedure, you are just making the tabs
> visible and not
> removing the parasites. [See below.]
>
> Or, "Remove IE Restrictions & Restore Missing tabs". Download
> the REG fix
> and double-click it:
> http://windowsxp.mvps.org/reg/IE_reset_restrictions.reg
>
> Help with Hijackware
> http://aumha.org/a/parasite.htm
> http://aumha.org/a/quickfix.htm
> http://mvps.org/winhelp2002/unwanted.htm
> http://inetexplorer.mvps.org/Darnit.htm
> http://www.mvps.org/sramesh2k/Malware_Defence.htm
> http://defendingyourmachine.blogspot.com/
> --
> ~Robear Dyer (PA Bear)
> MS MVP-Windows (Shell, IE/OE) & Security
>
> Mastering Newsgroups in Outlook Express
> http://www.microsoft.com/windows/ie/community/columns/n...
>
> Cynindesign wrote:
> > Win98SE
> >
> > The first odd thing I was noticing I could view this
> particular site's
> > flash samples on the web, everything played perfectly, but
> on my
> > system the main flash movie that played the others remained
> blank.
> > First noticed this behavior about a week ago.....then it
> occurred to
> > me that perhaps it's something in my security settings and
> went to
> > Tools -> Internet Options and I WAS LOCKED OUT!!! I got
> this error
> > message: "This operation has been cancelled due to
> restrictions in
> > effect on this computer. Pleas contact your system
> > administrator......What's causing this and what do I do, I'm
> current
> > in security updates, ran Ad-ware, ran CWSShredder and it's
> still doing
> > it.
> >
> > TIA, Cyn

No NoBrowserOptions in registry, downloaded Spybot1.3, been running
1.2, found a few more that ad-ware didn’t find. Spybot running in the
default mode.

Downloaded hyjackthis, I used the google toolbar, but I’ve not noticed
and yahoo features that I see here, any who, here’s the log from
hijack, please let me know, thanks, Cyn:


Logfile of HijackThis v1.98.2
Scan saved at 9:06:31 AM, on 3/26/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\WINDOWS\NECUTRAY.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\USBMONIT.EXE
C:\PROGRAM FILES\D-LINK\AIR UTILITY\AIRCFG.EXE
C:\PROGRAM FILES\ALPHA NETWORKS\ANIWZCS SERVICE\WZCSLDR.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MAILWASHER PRO\MAILWASHER.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
F:\DOWNLOAD\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default)
=
http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = localhost
N3 - Netscape 7: user_pref("browser.search.defaultengine",
"engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugin
s%5CSBWeb_01.src");
(C:\WINDOWS\Application
Data\Mozilla\Profiles\default\jx8oczwu.slt\prefs.js)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} -
C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program
files\google\googletoolbar2.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
- F:\PROGRAM FILES\ADOBE\ACROBAT
5.0\ACROBAT\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: Trellian Toolbar -
{71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program
Files\TRELLIAN\ToolBar\toolbar.dll
O3 - Toolbar: &Yahoo! Companion -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM
FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLL
O3 - Toolbar: Norton AntiVirus -
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton
AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Gene USB Monitor]
C:\WINDOWS\SYSTEM\USBMonit.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\PROGRAM
FILES\D-LINK\AIR UTILITY\AIRCFG.EXE
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha
Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMON.EXE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunServices: [TrueVector]
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common
Files\Symantec Shared\ccSetMgr.exe"
O4 - HKCU\..\Run: [VCatch] C:\PROGRAM FILES\COMMONSEARCH\VCATCH
PREMIUM\VCATCHPRE.EXE
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common
Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Acrobat Assistant.lnk = F:\Program
Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control
Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control
Panel present
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program
Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program
Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: &WordWeb... -
res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: &Add animation to IncrediMail Style Box
- F:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM
FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page -
res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM
FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM
FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English -
res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\PROGRAM
FILES\COMMON FILES\SOURCETEC\SWF CATCHER\InternetExplorer.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -
C:\PROGRAM FILES\AIM\AIM.EXE
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD}
- C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0411.DLL
O9 - Extra ’Tools’ menuitem: Yahoo! Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM
FILES\YAHOO!\MESSENGER\YHEXBMES0411.DLL
O9 - Extra button: Sothink SWF Catcher -
{E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\PROGRAM FILES\COMMON
FILES\SOURCETEC\SWF CATCHER\InternetExplorer.htm
O9 - Extra ’Tools’ menuitem: Sothink SWF Catcher -
{E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\PROGRAM FILES\COMMON
FILES\SOURCETEC\SWF CATCHER\InternetExplorer.htm
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {F5C90925-ABBF-4475-88F5-8622B452BA9E} (Compaq System Data
Class) - http://www29.compaq.com/falco/SysQuery.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) -
http://www5.incredimail.com/contents/setup/downloader_s...
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class)
-
http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) -
http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl
Class) -
http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v...

--
Posted using the http://www.windowsforumz.com interface, at author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.windowsforumz.com/General-Discussion-blue-ch...
Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=1101029
Related resources
Anonymous
March 26, 2005 4:57:22 PM

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

Cynindesign wrote:
> "pabearmvp" wrote:
> > Running Spybot?
> > http://www.safer-networking.org/en/faq/24.html
> >
> > Courtesy of MVP Ramesh:
> >
> > To restore missing tabs, open Registry Editor and go to these
> > locations:
> >
> > [HKEY_CURRENT_USERSoftwarePoliciesMicrosoftInternet
> > Explorer Control
> > Panel]
> >
> > [HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftInternet
> > Explorer Control
> > Panel]
> >
> > Disable the restrictions by typing the values to "0" for the
> > relevant keys.
> > By trying the manual procedure, you are just making the tabs
> > visible and not
> > removing the parasites. [See below.]
> >
> > Or, "Remove IE Restrictions & Restore Missing tabs". Download
> > the REG fix
> > and double-click it:
> > http://windowsxp.mvps.org/reg/IE_reset_restrictions.reg
> >
> > Help with Hijackware
> > http://aumha.org/a/parasite.htm
> > http://aumha.org/a/quickfix.htm
> > http://mvps.org/winhelp2002/unwanted.htm
> > http://inetexplorer.mvps.org/Darnit.htm
> > http://www.mvps.org/sramesh2k/Malware_Defence.htm
> > http://defendingyourmachine.blogspot.com/
> > --
> > Cynindesign wrote:
> > > Win98SE
> > >
> > > The first odd thing I was noticing I could view this
> > particular site's
> > > flash samples on the web, everything played perfectly, but
> > on my
> > > system the main flash movie that played the others remained blank.
> > > First noticed this behavior about a week ago.....then it
> > occurred to
> > > me that perhaps it's something in my security settings and
> > went to
> > > Tools -> Internet Options and I WAS LOCKED OUT!!! I got
> > this error
> > > message: "This operation has been cancelled due to
> > restrictions in
> > > effect on this computer. Pleas contact your system
> > > administrator......What's causing this and what do I do, I'm current
> > > in security updates, ran Ad-ware, ran CWSShredder and it's
> > still doing
> > > it.
> > >
> > > TIA, Cyn
>
> No NoBrowserOptions in registry, downloaded Spybot1.3, been running
> 1.2, found a few more that ad-ware didn't find. Spybot running in the
> default mode.
>
> Downloaded hyjackthis, I used the google toolbar, but I've not noticed
> and yahoo features that I see here, any who, here's the log from
> hijack, please let me know, thanks, Cyn:
>
>
> Logfile of HijackThis v1.98.2
> Scan saved at 9:06:31 AM, on 3/26/05
> Platform: Windows 98 SE (Win9x 4.10.2222A)
> MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
<snip>

By a Gentleman's Agreement, we don't interpret HijackThis logs in any of the
MS newsgroups. You may post your log to http://forums.spywareinfo.com/,
http://castlecops.com/forum67.html or http://aumha.net/viewforum.php?f=30
for expert analysis; Please see the preliminaries these sites request that
you address before posting (e.g., http://aumha.net/viewtopic.php?t=4075).

Before posting to any forum, replace your outdated version of HijackThis
with v1.99.1: http://forum.mvps.org/downloads/hijackthis.exe.

That being said: You have several hijackers, possibly "drive by" installed
with Incredimail; Despite having NAV installed (?), it is neither active nor
protecting you (especially dangerous situation as you're using wireless
acess); VCatch Anti-virus, which you may be depending on in place of NAV, is
itself considered spyware.
--
~Robear Dyer (PA Bear)
MS MVP-Windows (Shell, IE/OE) & Security, AH-VSOP

Safer Browsing and Security Guide
http://www.microsoft.com/windows/IE/community/columns/s...

What You Should Know About Spyware
http://www.microsoft.com/athome/security/spyware/deviou...
Anonymous
March 26, 2005 5:20:32 PM

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

"Cynindesign" wrote:
> No NoBrowserOptions in registry, downloaded Spybot1.3, been
> running 1.2, found a few more that ad-ware didn't find.
> Spybot running in the default mode.
>
> Downloaded hyjackthis, I used the google toolbar, but I've not
> noticed and yahoo features that I see here, any who, here's
> the log from hijack, please let me know, thanks, Cyn:
>
>
> Logfile of HijackThis v1.98.2
> Scan saved at 9:06:31 AM, on 3/26/05
> Platform: Windows 98 SE (Win9x 4.10.2222A)
> MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
>
> Running processes:
> C:WINDOWSSYSTEMKERNEL32.DLL
> C:WINDOWSSYSTEMMSGSRV32.EXE
> C:WINDOWSSYSTEMMPREXE.EXE
> C:WINDOWSSYSTEMZONELABSVSMON.EXE
> C:p ROGRAM FILESCOMMON FILESSYMANTEC SHAREDCCSETMGR.EXE
> C:WINDOWSNECUTRAY.EXE
> C:WINDOWSSYSTEMmmtask.tsk
> C:WINDOWSEXPLORER.EXE
> C:WINDOWSSYSTEMSYSTRAY.EXE
> C:WINDOWSSYSTEMUSBMONIT.EXE
> C:p ROGRAM FILESD-LINKAIR UTILITYAIRCFG.EXE
> C:p ROGRAM FILESALPHA NETWORKSANIWZCS SERVICEWZCSLDR.EXE
> C:p ROGRAM FILESZONE LABSZONEALARMZLCLIENT.EXE
> C:WINDOWSSYSTEMWMIEXE.EXE
> C:WINDOWSSYSTEMDDHELP.EXE
> C:p ROGRAM FILESMAILWASHER PROMAILWASHER.EXE
> C:p ROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
> F:D OWNLOADHIJACKTHIS.EXE
>
> R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar
> =
> http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com/ext/search/search.html
> R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar
> =
> http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com/ext/search/search.html
> R1 - HKCUSoftwareMicrosoftInternet
> ExplorerSearchURL,(Default) =
> http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
> R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page
> =
> R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page
> =
> R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
> Settings,ProxyOverride = localhost
> N3 - Netscape 7: user_pref("browser.search.defaultengine",
> "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearc
> hplugins%5CSBWeb_01.src");
> (C:WINDOWSApplication
> DataMozillaProfilesdefaultjx8oczwu.sltprefs.js)
> O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872}
> - C:p rogram FilesNorton AntiVirusNavShExt.dll
> O2 - BHO: Google Toolbar Helper -
> {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:p rogram
> filesgooglegoogletoolbar2.dll
> O2 - BHO: AcroIEHlprObj Class -
> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:p ROGRAM
> FILESADOBEACROBAT 5.0ACROBATACTIVEXACROIEHELPER.OCX
> O3 - Toolbar: Trellian Toolbar -
> {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:p rogram
> FilesTRELLIANToolBartoolbar.dll
> O3 - Toolbar: &Yahoo! Companion -
> {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:p ROGRAM
> FILESYAHOO!COMPANIONINSTALLSCPNYCOMP5_3_12_0.DLL
> O3 - Toolbar: Norton AntiVirus -
> {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:p rogram
> FilesNorton AntiVirusNavShExt.dll
> O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467}
> - C:WINDOWSSYSTEMMSDXM.OCX
> O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F}
> - c:p rogram filesgooglegoogletoolbar2.dll
> O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe
> /autorun
> O4 - HKLM..Run: [SystemTray] SysTray.Exe
> O4 - HKLM..Run: [Gene USB Monitor]
> C:WINDOWSSYSTEMUSBMonit.exe
> O4 - HKLM..Run: [D-Link Air Utility] C:p ROGRAM
> FILESD-LINKAIR UTILITYAIRCFG.EXE
> O4 - HKLM..Run: [ANIWZCSService] C:p rogram FilesAlpha
> NetworksANIWZCS ServiceWZCSLDR.exe
> O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
> O4 - HKLM..Run: [Symantec NetDriver Monitor]
> C:p ROGRA~1SYMNET~1SNDMON.EXE
> O4 - HKLM..Run: [Zone Labs Client] "C:p rogram FilesZone
> LabsZoneAlarmzlclient.exe"
> O4 - HKLM..RunServices: [TrueVector]
> C:WINDOWSSYSTEMZONELABSVSMON.EXE -service
> O4 - HKLM..RunServices: [ccSetMgr] "C:p rogram FilesCommon
> FilesSymantec SharedccSetMgr.exe"
> O4 - HKCU..Run: [VCatch] C:p ROGRAM
> FILESCOMMONSEARCHVCATCH PREMIUMVCATCHPRE.EXE
> O4 - HKCU..Run: [LDM] ProgramBackWeb-8876480.exe
> O4 - Startup: Logitech Desktop Messenger.lnk = C:p rogram
> FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
> O4 - Startup: Adobe Gamma Loader.exe.lnk = C:p rogram
> FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
> O4 - Startup: Acrobat Assistant.lnk = F:p rogram
> FilesAdobeAcrobat 5.0DistillrAcroTray.exe
> O6 - HKCUSoftwarePoliciesMicrosoftInternet
> ExplorerControl Panel present
> O6 - HKLMSoftwarePoliciesMicrosoftInternet
> ExplorerControl Panel present
> O8 - Extra context menu item: Yahoo! Search -
> file:///C:p rogram FilesYahoo!Common/ycsrch.htm
> O8 - Extra context menu item: Yahoo! Dictionary -
> file:///C:p rogram FilesYahoo!Common/ycdict.htm
> O8 - Extra context menu item: &WordWeb... -
> res://C:WINDOWSwweb32.dll/lookup.html
> O8 - Extra context menu item: &Add animation to IncrediMail
> Style Box - F:p ROGRA~1INCRED~1binresourcesWebMenuImg.htm
> O8 - Extra context menu item: &Google Search -
> res://C:p ROGRAM FILESGOOGLEGOOGLETOOLBAR2.DLL/cmsearch.html
> O8 - Extra context menu item: Cached Snapshot of Page -
> res://C:p ROGRAM FILESGOOGLEGOOGLETOOLBAR2.DLL/cmcache.html
> O8 - Extra context menu item: Similar Pages - res://C:p ROGRAM
> FILESGOOGLEGOOGLETOOLBAR2.DLL/cmsimilar.html
> O8 - Extra context menu item: Backward Links -
> res://C:p ROGRAM
> FILESGOOGLEGOOGLETOOLBAR2.DLL/cmbacklinks.html
> O8 - Extra context menu item: Translate into English -
> res://C:p ROGRAM FILESGOOGLEGOOGLETOOLBAR2.DLL/cmtrans.html
> O8 - Extra context menu item: Sothink SWF Catcher - C:p ROGRAM
> FILESCOMMON FILESSOURCETECSWF CATCHERInternetExplorer.htm
> O9 - Extra button: AIM -
> {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:p ROGRAM
> FILESAIMAIM.EXE
> O9 - Extra button: Messenger -
> {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:p ROGRAM
> FILESYAHOO!MESSENGERYHEXBMES0411.DLL
> O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
> {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:p ROGRAM
> FILESYAHOO!MESSENGERYHEXBMES0411.DLL
> O9 - Extra button: Sothink SWF Catcher -
> {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:p ROGRAM
> FILESCOMMON FILESSOURCETECSWF CATCHERInternetExplorer.htm
> O9 - Extra 'Tools' menuitem: Sothink SWF Catcher -
> {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:p ROGRAM
> FILESCOMMON FILESSOURCETECSWF CATCHERInternetExplorer.htm
> O12 - Plugin for .spop:
> C:p ROGRA~1INTERN~1PluginsNPDocBox.dll
> O16 - DPF: {F5C90925-ABBF-4475-88F5-8622B452BA9E} (Compaq
> System Data Class) -
> http://www29.compaq.com/falco/SysQuery.cab
> O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46}
> (IncrediMail) -
> http://www5.incredimail.com/contents/setup/downloader_s...
> O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000}
> (YahooYMailTo Class) -
> http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
> O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4)
> - http://www.drivershq.com/DD_v4.CAB
> O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
> (MsnMessengerSetupDownloadControl Class) -
> http://messenger.msn.com/download/MsnMessengerSetupDown...
> O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3}
> (EPUImageControl Class) -
> http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v...

Also, I haven’t touched I.E.’s internet options in a while, but what
about Zone Alarms Plus, I updated recently, but I don’t see a feature
for browser controls. I reset I.E. so now it’s starting at "blank"
page and I can’t get in to change it. Also deleted the control panel
in I.E. usning Hijackthis, no change, still can’t access the internet
option menu. Keeps giving the system administrator error. Thanks, Cyn
Anonymous
March 26, 2005 5:39:04 PM

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

To connect to this newsgroup directly, click on the following link (or
copy/paste it into an IE Address Bar and click GO). It will open the
newsgroup in your default newsreader:

news://msnews.microsoft.com/microsoft.public.win98.gen_discussion

--
~PA Bear
Anonymous
March 26, 2005 5:50:46 PM

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

Use Regedit.exe and search for NoBrowserOptions and remove it.
It is most likely to be here (but not necessarily)
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet
Explorer\Restrictions
If you are unfamiliar with Regedit, then ensure you know how to
restore your Registry in case of error and it is a good to export any
key before deleting.

Check the startup (Start-Run-MSCONFIG-Startup tab) for any unknown
items if it is reset on reboot.

You might try this snippet from Mike Burgess first if you use SpyBot:
'Did you by chance run SpyBot's Immunize feature?
If so, you can unlock by unchecking the option to "Protect IE Control
Panel" '

....Alan
--
Alan Edwards, MS MVP W95/98 Systems

In microsoft.public.win98.gen_discussion, Cynindesign
<UseLinkToEmail@WindowsForumz.com> wrote:

>Win98SE
>
>The first odd thing I was noticing I could view this particular site’s
>flash samples on the web, everything played perfectly, but on my
>system the main flash movie that played the others remained blank.
>First noticed this behavior about a week ago.....then it occurred to
>me that perhaps it’s something in my security settings and went to
>Tools -> Internet Options and I WAS LOCKED OUT!!! I got this error
>message: "This operation has been cancelled due to restrictions in
>effect on this computer. Pleas contact your system
>administrator......What’s causing this and what do I do, I’m current
>in security updates, ran Ad-ware, ran CWSShredder and it’s still doing
>it.
>
> TIA, Cyn
Anonymous
March 26, 2005 6:22:10 PM

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

"pabearmvp" wrote:
> Cynindesign wrote:
> > "pabearmvp" wrote:
>  > > Running Spybot?
>  > > http://www.safer-networking.org/en/faq/24.html
>  > >
>  > > Courtesy of MVP Ramesh:
>  > >
>  > > To restore missing tabs, open Registry Editor and go
> to these
>  > > locations:
>  > >
>  > > [HKEY_CURRENT_USERSoftwarePoliciesMicrosoftInternet
>  > > Explorer Control
>  > > Panel]
>  > >
>  > > [HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftInternet
>  > > Explorer Control
>  > > Panel]
>  > >
>  > > Disable the restrictions by typing the values to "0"
> for the
>  > > relevant keys.
>  > > By trying the manual procedure, you are just making
> the tabs
>  > > visible and not
>  > > removing the parasites. [See below.]
>  > >
>  > > Or, "Remove IE Restrictions & Restore Missing tabs".
> Download
>  > > the REG fix
>  > > and double-click it:
>  > >
> http://windowsxp.mvps.org/reg/IE_reset_restrictions.reg
>  > >
>  > > Help with Hijackware
>  > > http://aumha.org/a/parasite.htm
>  > > http://aumha.org/a/quickfix.htm
>  > > http://mvps.org/winhelp2002/unwanted.htm
>  > > http://inetexplorer.mvps.org/Darnit.htm
>  > > http://www.mvps.org/sramesh2k/Malware_Defence.htm
>  > > http://defendingyourmachine.blogspot.com/
>  > > --
>  > > Cynindesign wrote:
>   > > > Win98SE
>   > > >
>   > > > The first odd thing I was noticing I could
> view this
>  > > particular site's
>   > > > flash samples on the web, everything played
> perfectly, but
>  > > on my
>   > > > system the main flash movie that played the
> others remained blank.
>   > > > First noticed this behavior about a week
> ago.....then it
>  > > occurred to
>   > > > me that perhaps it's something in my
> security settings and
>  > > went to
>   > > > Tools -> Internet Options and I WAS
> LOCKED OUT!!! I got
>  > > this error
>   > > > message: "This operation has been cancelled
> due to
>  > > restrictions in
>   > > > effect on this computer. Pleas contact your
> system
>   > > > administrator......What's causing this and
> what do I do, I'm current
>   > > > in security updates, ran Ad-ware, ran
> CWSShredder and it's
>  > > still doing
>   > > > it.
>   > > >
>   > > > TIA, Cyn
> >
> > No NoBrowserOptions in registry, downloaded Spybot1.3, been
> running
> > 1.2, found a few more that ad-ware didn't find. Spybot
> running in the
> > default mode.
> >
> > Downloaded hyjackthis, I used the google toolbar, but I've
> not noticed
> > and yahoo features that I see here, any who, here's the log
> from
> > hijack, please let me know, thanks, Cyn:
> >
> >
> > Logfile of HijackThis v1.98.2
> > Scan saved at 9:06:31 AM, on 3/26/05
> > Platform: Windows 98 SE (Win9x 4.10.2222A)
> > MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
> <snip>
>
> By a Gentleman's Agreement, we don't interpret HijackThis logs
> in any of the
> MS newsgroups. You may post your log to
> http://forums.spywareinfo.com/,
> http://castlecops.com/forum67.html or
> http://aumha.net/viewforum.php?f=30
> for expert analysis; Please see the preliminaries these sites
> request that
> you address before posting (e.g.,
> http://aumha.net/viewtopic.php?t=4075).
>
> Before posting to any forum, replace your outdated version of
> HijackThis
> with v1.99.1: http://forum.mvps.org/downloads/hijackthis.exe.
>
> That being said: You have several hijackers, possibly "drive
> by" installed
> with Incredimail; Despite having NAV installed (?), it is
> neither active nor
> protecting you (especially dangerous situation as you're using
> wireless
> acess); VCatch Anti-virus, which you may be depending on in
> place of NAV, is
> itself considered spyware.
> --
> ~Robear Dyer (PA Bear)
> MS MVP-Windows (Shell, IE/OE) & Security, AH-VSOP
>
> Safer Browsing and Security Guide
> http://www.microsoft.com/windows/IE/community/columns/s...
>
> What You Should Know About Spyware
> http://www.microsoft.com/athome/security/spyware/deviou...

Thank you so much for the info, Cyn

--
Posted using the http://www.windowsforumz.com interface, at author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.windowsforumz.com/General-Discussion-blue-ch...
Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=1101415
!