Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account


Photo

"Some settings are managed by your system administrator" on Ad

- - - - -

  • Please log in to reply
5 replies to this topic

#1
Richhs

Richhs

    Newbie

  • Member
  • 25 posts
  • OS:XP Pro x86
  • Country: Country Flag
I've been working on a Dell desktop system with Windows XP Home SP 3 for several days now, and it's infected with some sort of malware that has set restrictive policies on and damaged IE 8... along with corrupting the TCP/IP stack, so no connection to the internet can be established.

When accessing "Internet Options" for Internet Explorer 8, the "Advanced" tab has been hijacked by some sort of malware that inserts some restrictive policies on the Advanced Tab which is highlighed in gold that reads :

"Some settings are managed by your system administrator"

(same message at the bottom, but on the Advanced tab in my case)

Posted Image

I've cleaned-up most of the malware, because the machine already had an anti-virus app & multiple anti-malware apps installed.

AVG 2011 was installed, but was out of date on it's definitions and version.

Spybot, Malwarebytes, Superantispyware, Windows Defender, Rootkit Buster, & Hitman Pro (which will not run without a successful internet connection) were installed also.

I couldn't update the applications, but most of them were updated about a week ago before the problem existed.

I ran all of the apps, but not much was found in terms of malware because the machine was "worked on" before I started working on the problem.

I removed and replaced the winsock keys in the registry, ran winsockfix, and looked for but couldn't find the restrictive policies reg keys for the Advanced tab in the IE 8 as well.

I re-registered the DLLs for IE 8 and reset the default options several times, but the message highlighted in gold at the bottom won't go away and I still can't establish an internet connection.

I was also going to unistall IE 8 and re-install it... but IE 8 must have been installed prior to the install of SP3, which apparently removes the button in "Add/Remove Programs" to uninstall IE 8 if IE 8 was installed before the SP3 update. :crazy:

Oh, and the Windows Firewall will not and can not be turned on... I've tried many of the suggestions that are availabe to restart the service, but none of them are successful.

Any suggestions on what I'm missing here, or what else I might be able to try ?

I guess the priorties are :

1) Remove the "Some settings are managed by your system administrator" issue.

2) Re-establish an internet connection.

3) Re-enable the Windows Firewall.

Edited by Richhs, 01 February 2011 - 05:36 PM.



How to remove advertisement from MSFN

#2
Tripredacus

Tripredacus

    K-Mart-ian Legend

  • Super Moderator
  • 9,807 posts
  • OS:Server 2012
  • Country: Country Flag

Donator

A reinstall might do it, but I believe the actual file here is inetcpl.cpl. It might be different name, I don't have access to an XP machine and both my Win7 PCs have some form of IE9 on them.
MSFN RULES | GimageX HTA for PE 3-5 | lol probloms
msfn2_zpsc37c7153.jpg

#3
Richhs

Richhs

    Newbie

  • Member
  • 25 posts
  • OS:XP Pro x86
  • Country: Country Flag
I made a little head way ! :thumbup

I wrote a couple of tools to reinstall the WMI and repair the winsock, rebooted, went into the recovery console and ran chkdsk /P which returned "chkdsk found errors"... then I ran chkdsk /R and rebooted.

I've got internet connectivity now and I updated the anti-malware apps, along with installing Microsoft Security Essentials.

I'm running all of the scans now... I'll update the thread as I progress.

Edited by Richhs, 02 February 2011 - 08:07 PM.


#4
Richhs

Richhs

    Newbie

  • Member
  • 25 posts
  • OS:XP Pro x86
  • Country: Country Flag
The scans have all finished, and the only scan that found anything was the Superantispyware app.

I haven't removed any of them yet, because they look like false positives.

I'm researching them now.

Some of the detections are in the system restore files, but they may be the same false positives that I'm suspecting.

Even though I haven't removed any of the items detected, I am now able to browse the internet with IE 8.

#5
Tarun

Tarun

    Spectre

  • Super Moderator
  • 3,185 posts
  • OS:Windows 7 x64
  • Country: Country Flag
I'd completely ditch AVG and switch to avast or MSE. AVG causes too many problems anymore.

#6
Richhs

Richhs

    Newbie

  • Member
  • 25 posts
  • OS:XP Pro x86
  • Country: Country Flag
Yeah, I no longer recommend AVG to others.

I've noticed that in some machines it's a resource hog... that's not consistently the case but I've seen it on several occasions.

I also prefer Avast, and that's what I've been recommending lately.

I got the machine back to working order, but I never found the location in the registry where the setting was to remove the "Some settings are managed by your system administrator" warning.

It was an XP Home machine, so there wasn't the ability to check things with the group policy editor.

Other than that, all appeared to be just fine.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users



How to remove advertisement from MSFN