gpedit.msc, access denied

  • Thread starter Thread starter Leonard
  • Start date Start date
L

Leonard

Recently four computers in my office (3 XP SP2 and 1 Vista SP1) are affected
by virus win32.sillyFDC. Although the virus is detected and deleted by Norton
anti-virus, something is wrong with all our computers. Here are the symptons:
1 The adiministration tools (event viewer, services, computer management
etc.) in control panel can't be opened. The error messages is
"C:\WINDOWS\system32\eventvwr.msc, access denied".
2 Run gpedit.msc and get "access denied" error. But it works under command
prompt: C:\>mmc %SystemRoot%\system32\gpedit.msc.
3 System restore is disabled by group policy.
4 Remote desktop no loner works.
Any help will be greatly appreciated!
 
Leonard said:
Recently four computers in my office (3 XP SP2 and 1 Vista SP1) are
affected by virus win32.sillyFDC. Although the virus is detected and
deleted by Norton anti-virus, something is wrong with all our computers.
Here are the symptons: 1 The adiministration tools (event viewer,
services, computer management etc.) in control panel can't be opened. The
error messages is "C:\WINDOWS\system32\eventvwr.msc, access denied".
2 Run gpedit.msc and get "access denied" error. But it works under command
prompt: C:\>mmc %SystemRoot%\system32\gpedit.msc.
3 System restore is disabled by group policy.
4 Remote desktop no loner works.
Any help will be greatly appreciated!

Possibilities:

1. Your computers are still not clean. Go through more thorough malware
removal steps per:

http://www.elephantboycomputers.com/page2.html#Removing_Malware

Include scanning with David Lipman's Multi_AV and follow instructions to do
all scans in Safe Mode. Please see the special Notes regarding using
Multi_AV in Vista.

http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://tinyurl.com/yoeru3 - download link and more instructions

When all else fails, get guided help. Choose one of the specialty forums
listed at the first link. Register and read its posting FAQ. PLEASE DO NOT
POST LOGS IN THE MS NEWSGROUPS.

2. The malware has permanently damaged the operating system. In this case,
wipe and clean-install Windows. An effective disaster plan strategy for
businesses is to create an image of a new working install, perfectly set
up. Your case is an excellent example of when to apply that image to
workstations. You can be up and running in a few minutes and only need to
apply any updates that have occurred since the image was created.

Since data should never be saved locally on workstations, data will not be
lost.

Malke
 
Leonard said:
Recently four computers in my office (3 XP SP2 and 1 Vista SP1) are affected
by virus win32.sillyFDC. Although the virus is detected and deleted by Norton
anti-virus, something is wrong with all our computers. Here are the symptons:
1 The adiministration tools (event viewer, services, computer management
etc.) in control panel can't be opened. The error messages is
"C:\WINDOWS\system32\eventvwr.msc, access denied".
2 Run gpedit.msc and get "access denied" error. But it works under command
prompt: C:\>mmc %SystemRoot%\system32\gpedit.msc.
3 System restore is disabled by group policy.
4 Remote desktop no loner works.
Any help will be greatly appreciated!


Run a thorough scan by doing the following steps:
1... First, try to clean up your caches, Internet files and delete cookies
by doing this:
Click Start >> Control Panel >> Double click Network and Internet
Connections >> Double click Internet Options.
On the IE properties windows you will see these Tabs:
General | Security | Privacy | Content | Connections | Programs |
Advanced
Under General Tab clear your History, Internet Files and Cookies.
Then click on Advanced tab and scroll down to under the Browsing Option:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
Then click on Programs Tab and click Manage Add-Ons and Disable all non
Verified Add-Ons (You should Renable them later one-by-one and see the
culprit and update it or remove it.
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Scan for malware from here:
Download and Update SuperAntispyware and run a complete scan - Free
http://www.superantispyware.com/superantispywarefreevspro.html
http://www.malwarebytes.org/rr-update/rr-free-setup.exe
http://onecare.live.com/site/en-gb/default.htm?s_cid=sah

Run a scan from here on-line:
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner (offline scanner) from here:
http://www.avast.com/eng/avast-virus-cleaner.html
Comodo BOClean : Anti-Malware Version 4.27
http://www.comodo.com/boclean/boclean.html

Download Hijackthis and analysis the log or send to one of many forums on
the internet!
Download Hijackthis.
(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)

HTH,
nass
 
Back
Top