Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 734
  • Last Modified:

IE Has Been Cancelled Due To Restriction

Hi,
One the user has encounter: ' This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator' after she launched her internet explorer.  Her computer was infected with virus few days ago & had already cleaned up.  I did a scan again on her computer but no virus or spyware detected. I am puzzle what could have went wrong ? The virus has corrupted the IE ? and registry ? There isn't any restriction set on her computer.

OS: WinXP
Internet : IE 7
 
restrict-IE.doc
0
ktancl88
Asked:
ktancl88
  • 2
  • 2
1 Solution
 
jhyieslaCommented:
It's likely that either the virus messed with some subsystem of IE since MS decided to so heavily integrate it into the OS or you might still have some other residual thing left over which your scanners just aren't detecting.

I'd first try to "Uninstall" IE7 through Add/Remove Programs... it might be in the Windows programs section of ARP.  If that works it should take it back to IE 6... assuming that you had that there to start with.  At any rate, when you are done, reinstall IE 7 from a good download from MS.  See if that fixes the problem.

If it doesn't, then I would download and run malwarebytes (malwarebytes.org) and combofix (http://www.bleepingcomputer.com/combofix/how-to-use-combofix).  For combofix, drop it on your desktop and rename the executable before you run as some threats look for this name. If you still find issues from running these two programs you may have to do additional cleaning.  If they say it's clean and you are still not able to use IE, then I would next try a repair from the XP CD.

Boot the CD and go past the place where you accept the license.  When you get to the point where you would install a new version of XP, you should have an option to do a repair.  Choose that one.  IT will delete all Windows system files and reinstall fresh copies, but should leave all you data and applications in place. You will have to reinstall all patches and service packs that came out after the disk was produced.

If this still doesn't solve the issue, then your still probably infected and should take the high road and back up your data and do a complete format and install of XP.
0
 
Donald StewartNetwork AdministratorCommented:
could be


The following registry key is either missing or corrupted:               HKEY_Local_Machine\Software\Classes\htmlfile\shell\open\command



 http://support.microsoft.com/kb/310049
0
 
Donald StewartNetwork AdministratorCommented:
you can save the below as fix_ie.reg and import it

Windows Registry Editor Version 5.00
 
;Ramesh Srinivasan - http://windowsxp.mvps.org
;Sets IE as default (For use with Windows XP systems)
;Use this only if IE is installed in its default location
;c:\Program Files\Internet Explorer
;Revised April 1, 2005 - Changed IExplore.exe path to LFN format
 
[HKEY_CLASSES_ROOT\ftp]
@="URL:File Transfer Protocol"
"EditFlags"=dword:00000002
"ShellFolder"="{63da6ec0-2e98-11cf-8d82-444553540000}"
"Source Filter"="{E436EBB6-524F-11CE-9F53-0020AF0BA770}"
"URL Protocol"=""
 
[HKEY_CLASSES_ROOT\ftp\DefaultIcon]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,75,00,72,00,\
  6c,00,2e,00,64,00,6c,00,6c,00,2c,00,30,00,00,00
 
[HKEY_CLASSES_ROOT\ftp\Extensions]
".IVF"="{C69E8F40-D5C8-11D0-A520-145405C10000}"
 
[HKEY_CLASSES_ROOT\ftp\shell]
@="open"
 
[HKEY_CLASSES_ROOT\ftp\shell\open]
 
[HKEY_CLASSES_ROOT\ftp\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1"
 
[HKEY_CLASSES_ROOT\ftp\shell\open\ddeexec]
@="\"%1\",,-1,0,,,,"
"NoActivateHandler"=""
 
[HKEY_CLASSES_ROOT\ftp\shell\open\ddeexec\Application]
@="IExplore"
 
[HKEY_CLASSES_ROOT\ftp\shell\open\ddeexec\ifExec]
@="*"
 
[HKEY_CLASSES_ROOT\ftp\shell\open\ddeexec\Topic]
@="WWW_OpenURL"
 
[HKEY_CLASSES_ROOT\htmlfile]
@="HTML Document"
"EditFlags"=dword:00010000
"BrowserFlags"=dword:00000008
 
[HKEY_CLASSES_ROOT\htmlfile\BrowseInPlace]
@=""
 
[HKEY_CLASSES_ROOT\htmlfile\CLSID]
@="{25336920-03F9-11CF-8FD0-00AA00686F13}"
 
[HKEY_CLASSES_ROOT\htmlfile\DefaultIcon]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe,1"
 
[HKEY_CLASSES_ROOT\htmlfile\ScriptHostEncode]
@="{0CF774D0-F077-11D1-B1BC-00C04F86C324}"
 
[HKEY_CLASSES_ROOT\htmlfile\shell]
@="opennew"
 
[HKEY_CLASSES_ROOT\htmlfile\shell\open]
@="Open in S&ame Window"
 
[HKEY_CLASSES_ROOT\htmlfile\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\iexplore.exe\" -nohome"
 
[HKEY_CLASSES_ROOT\htmlfile\shell\open\ddeexec]
@="\"file://%1\",,-1,,,,,"
"NoActivateHandler"=""
 
[HKEY_CLASSES_ROOT\htmlfile\shell\open\ddeexec\Application]
@="IExplore"
 
[HKEY_CLASSES_ROOT\htmlfile\shell\open\ddeexec\Topic]
@="WWW_OpenURL"
 
[HKEY_CLASSES_ROOT\htmlfile\shell\opennew]
@="&Open"
 
[HKEY_CLASSES_ROOT\htmlfile\shell\opennew\command]
@="\"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1"
 
[HKEY_CLASSES_ROOT\htmlfile\shell\opennew\ddeexec]
@="\"%1\",,-1,0,,,,"
"NoActivateHandler"=""
 
[HKEY_CLASSES_ROOT\htmlfile\shell\opennew\ddeexec\Application]
@="IExplore"
 
[HKEY_CLASSES_ROOT\htmlfile\shell\opennew\ddeexec\IfExec]
@="*"
 
[HKEY_CLASSES_ROOT\htmlfile\shell\opennew\ddeexec\Topic]
@="WWW_OpenURLNewWindow"
 
[HKEY_CLASSES_ROOT\htmlfile\shell\printto]
 
[HKEY_CLASSES_ROOT\htmlfile\shell\printto\command]
@=hex(2):72,00,75,00,6e,00,64,00,6c,00,6c,00,33,00,32,00,2e,00,65,00,78,00,65,\
  00,20,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,\
  25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,73,\
  00,68,00,74,00,6d,00,6c,00,2e,00,64,00,6c,00,6c,00,2c,00,50,00,72,00,69,00,\
  6e,00,74,00,48,00,54,00,4d,00,4c,00,20,00,22,00,25,00,31,00,22,00,20,00,22,\
  00,25,00,32,00,22,00,20,00,22,00,25,00,33,00,22,00,20,00,22,00,25,00,34,00,\
  22,00,00,00
 
[HKEY_CLASSES_ROOT\HTTP]
@="URL:HyperText Transfer Protocol"
"EditFlags"=dword:00000002
"Source Filter"="{E436EBB6-524F-11CE-9F53-0020AF0BA770}"
"URL Protocol"=""
 
[HKEY_CLASSES_ROOT\HTTP\AnimExtensions]
"."="dxmasf.dll,150"
".asf"="dxmasf.dll,150"
".asp"="dxmasf.dll,150"
".asx"="dxmasf.dll,150"
".nsc"="dxmasf.dll,150"
".wax"="dxmasf.dll,150"
".wm"="dxmasf.dll,150"
".wma"="dxmasf.dll,150"
".wmv"="dxmasf.dll,150"
".wmx"="dxmasf.dll,150"
".wvx"="dxmasf.dll,150"
 
[HKEY_CLASSES_ROOT\HTTP\DefaultIcon]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,75,00,72,00,\
  6c,00,2e,00,64,00,6c,00,6c,00,2c,00,30,00,00,00
 
[HKEY_CLASSES_ROOT\HTTP\Extensions]
".ASF"="{6B6D0800-9ADA-11d0-A520-00A0D10129C0}"
".ASX"="{4B428940-263C-11d1-A520-000000000000}"
".ASP"="{4B428940-263C-11d1-A520-000000000000}"
".WAX"="{4B428940-263C-11d1-A520-000000000000}"
".WM"="{6B6D0800-9ADA-11d0-A520-00A0D10129C0}"
".WMA"="{6B6D0800-9ADA-11d0-A520-00A0D10129C0}"
".NSC"="{4B428940-263C-11d1-A520-000000000000}"
".BECK"="{6B6D0800-9ADA-11d0-A520-00A0D10129C0}"
".WVX"="{4B428940-263C-11d1-A520-000000000000}"
".WMV"="{6B6D0800-9ADA-11d0-A520-00A0D10129C0}"
".WMX"="{4B428940-263C-11d1-A520-000000000000}"
".IVF"="{C69E8F40-D5C8-11D0-A520-145405C10000}"
 
[HKEY_CLASSES_ROOT\HTTP\shell]
@="open"
 
[HKEY_CLASSES_ROOT\HTTP\shell\open]
 
[HKEY_CLASSES_ROOT\HTTP\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\iexplore.exe\" -nohome"
 
[HKEY_CLASSES_ROOT\HTTP\shell\open\ddeexec]
@="\"%1\",,-1,0,,,,"
"NoActivateHandler"=""
 
[HKEY_CLASSES_ROOT\HTTP\shell\open\ddeexec\Application]
@="IExplore"
 
[HKEY_CLASSES_ROOT\HTTP\shell\open\ddeexec\Topic]
@="WWW_OpenURL"
 
[HKEY_CLASSES_ROOT\https]
@="URL:HyperText Transfer Protocol with Privacy"
"EditFlags"=dword:00000002
"Source Filter"="{E436EBB6-524F-11CE-9F53-0020AF0BA770}"
"BrowserFlags"=dword:00000008
"URL Protocol"=""
 
[HKEY_CLASSES_ROOT\https\DefaultIcon]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,75,00,72,00,\
  6c,00,2e,00,64,00,6c,00,6c,00,2c,00,30,00,00,00
 
[HKEY_CLASSES_ROOT\https\shell]
@="open"
 
[HKEY_CLASSES_ROOT\https\shell\open]
 
[HKEY_CLASSES_ROOT\https\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\iexplore.exe\" -nohome"
 
[HKEY_CLASSES_ROOT\https\shell\open\ddeexec]
@="\"%1\",,-1,0,,,,"
"NoActivateHandler"=""
 
[HKEY_CLASSES_ROOT\https\shell\open\ddeexec\Application]
@="IExplore"
 
[HKEY_CLASSES_ROOT\https\shell\open\ddeexec\Topic]
@="WWW_OpenURL"
 
[HKEY_CLASSES_ROOT\InternetShortcut]
"EditFlags"=dword:00000002
@="Internet Shortcut"
"IsShortcut"=""
"NeverShowExt"=""
 
[HKEY_CLASSES_ROOT\InternetShortcut\CLSID]
@="{FBF23B40-E3F0-101B-8488-00AA003E56F8}"
 
[HKEY_CLASSES_ROOT\InternetShortcut\DefaultIcon]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,75,00,72,00,\
  6c,00,2e,00,64,00,6c,00,6c,00,2c,00,30,00,00,00
 
[HKEY_CLASSES_ROOT\InternetShortcut\shell]
 
[HKEY_CLASSES_ROOT\InternetShortcut\shell\open]
"CLSID"="{FBF23B40-E3F0-101B-8488-00AA003E56F8}"
"LegacyDisable"=""
 
[HKEY_CLASSES_ROOT\InternetShortcut\shell\open\command]
@="rundll32.exe shdocvw.dll,OpenURL %l"
 
[HKEY_CLASSES_ROOT\InternetShortcut\shell\print]
 
[HKEY_CLASSES_ROOT\InternetShortcut\shell\print\command]
@=hex(2):72,00,75,00,6e,00,64,00,6c,00,6c,00,33,00,32,00,2e,00,65,00,78,00,65,\
  00,20,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,\
  25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,4d,00,73,\
  00,68,00,74,00,6d,00,6c,00,2e,00,64,00,6c,00,6c,00,2c,00,50,00,72,00,69,00,\
  6e,00,74,00,48,00,54,00,4d,00,4c,00,20,00,22,00,25,00,31,00,22,00,00,00
 
[HKEY_CLASSES_ROOT\InternetShortcut\shell\printto]
 
[HKEY_CLASSES_ROOT\InternetShortcut\shell\printto\command]
@=hex(2):72,00,75,00,6e,00,64,00,6c,00,6c,00,33,00,32,00,2e,00,65,00,78,00,65,\
  00,20,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,\
  25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,4d,00,73,\
  00,68,00,74,00,6d,00,6c,00,2e,00,64,00,6c,00,6c,00,2c,00,50,00,72,00,69,00,\
  6e,00,74,00,48,00,54,00,4d,00,4c,00,20,00,22,00,25,00,31,00,22,00,20,00,22,\
  00,25,00,32,00,22,00,20,00,22,00,25,00,33,00,22,00,20,00,22,00,25,00,34,00,\
  22,00,00,00
 
[HKEY_CLASSES_ROOT\InternetShortcut\shellex]
 
[HKEY_CLASSES_ROOT\InternetShortcut\shellex\ContextMenuHandlers]
 
[HKEY_CLASSES_ROOT\InternetShortcut\shellex\ContextMenuHandlers\{FBF23B40-E3F0-101B-8488-00AA003E56F8}]
@=""
 
[HKEY_CLASSES_ROOT\InternetShortcut\shellex\IconHandler]
@="{FBF23B40-E3F0-101B-8488-00AA003E56F8}"
 
[HKEY_CLASSES_ROOT\InternetShortcut\shellex\PropertyHandler]
@="{FBF23B40-E3F0-101B-8488-00AA003E56F8}"
 
[HKEY_CLASSES_ROOT\InternetShortcut\shellex\PropertySheetHandlers]
 
[HKEY_CLASSES_ROOT\InternetShortcut\shellex\PropertySheetHandlers\{FBF23B40-E3F0-101B-8488-00AA003E56F8}]
@=""
 
[HKEY_CLASSES_ROOT\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}]
@="Internet Shortcut"
 
[HKEY_CLASSES_ROOT\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\InProcServer32]
@="shdocvw.dll"
"ThreadingModel"="Apartment"
"LoadWithoutCOM"=""
 
[HKEY_CLASSES_ROOT\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\PersistentHandler]
@="{5e941d80-bf96-11cd-b579-08002b30bfeb}"
 
[HKEY_CLASSES_ROOT\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\ProgID]
@="InternetShortcut"
 
[HKEY_CLASSES_ROOT\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\shellex]
 
[HKEY_CLASSES_ROOT\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\shellex\MayChangeDefaultMenu]
@=""
 
[HKEY_CLASSES_ROOT\gopher]
@="URL:Gopher Protocol"
"EditFlags"=dword:00000002
"Source Filter"="{E436EBB6-524F-11CE-9F53-0020AF0BA770}"
"URL Protocol"=""
 
[HKEY_CLASSES_ROOT\gopher\DefaultIcon]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,75,00,72,00,\
  6c,00,2e,00,64,00,6c,00,6c,00,2c,00,30,00,00,00
 
[HKEY_CLASSES_ROOT\gopher\shell]
 
[HKEY_CLASSES_ROOT\gopher\shell\open]
 
[HKEY_CLASSES_ROOT\gopher\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\iexplore.exe\" -nohome"
 
[HKEY_CLASSES_ROOT\gopher\shell\open\ddeexec]
@="\"%1\",,-1,0,,,,"
"NoActivateHandler"=""
 
[HKEY_CLASSES_ROOT\gopher\shell\open\ddeexec\Application]
@="IExplore"
 
[HKEY_CLASSES_ROOT\gopher\shell\open\ddeexec\Topic]
@="WWW_OpenURL"
 
[HKEY_CLASSES_ROOT\mhtmlfile]
@="MHTML Document"
 
[HKEY_CLASSES_ROOT\mhtmlfile\BrowseInPlace]
@=""
 
[HKEY_CLASSES_ROOT\mhtmlfile\CLSID]
@="{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}"
 
[HKEY_CLASSES_ROOT\mhtmlfile\DefaultIcon]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe,22"
 
[HKEY_CLASSES_ROOT\mhtmlfile\shell]
@="opennew"
 
[HKEY_CLASSES_ROOT\mhtmlfile\shell\open]
@="Open in S&ame Window"
 
[HKEY_CLASSES_ROOT\mhtmlfile\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\iexplore.exe\" -nohome"
 
[HKEY_CLASSES_ROOT\mhtmlfile\shell\open\ddeexec]
@="\"file://%1\",,-1,,,,,"
 
[HKEY_CLASSES_ROOT\mhtmlfile\shell\open\ddeexec\Application]
@="IExplore"
 
[HKEY_CLASSES_ROOT\mhtmlfile\shell\open\ddeexec\Topic]
@="WWW_OpenURL"
 
[HKEY_CLASSES_ROOT\mhtmlfile\shell\opennew]
@="&Open"
 
[HKEY_CLASSES_ROOT\mhtmlfile\shell\opennew\command]
@="\"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1"
 
[HKEY_CLASSES_ROOT\mhtmlfile\shell\opennew\ddeexec]
@="\"file://%1\",,-1,,,,,"
"NoActivateHandler"=""
 
[HKEY_CLASSES_ROOT\mhtmlfile\shell\opennew\ddeexec\Application]
@="IExplore"
 
[HKEY_CLASSES_ROOT\mhtmlfile\shell\opennew\ddeexec\IfExec]
@="*"
 
[HKEY_CLASSES_ROOT\mhtmlfile\shell\opennew\ddeexec\Topic]
@="WWW_OpenURLNewWindow"
 
[HKEY_CLASSES_ROOT\.htm]
@="htmlfile"
 
[HKEY_CLASSES_ROOT\.html]
@="htmlfile"
 
[HKEY_CLASSES_ROOT\.mht]
@="mhtmlfile"
 
[HKEY_CLASSES_ROOT\.mhtml]
@="mhtmlfile"

Open in new window

0
 
ktancl88Author Commented:
Hi,

Thanks for all the solutions. Looks like I have to spend sometime on that computer. Will get back to u on this.
0
 
ktancl88Author Commented:
It works after I remove IE 7 to IE 6 and reinstall IE 7 . Thank you very much.
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now