Solved

Open File - Security Warning Windows XP Pro w/ SP2

Posted on 2006-11-01
8
14,902 Views
Last Modified: 2013-12-04
We are running Windows XP Pro SP2 in a Windows 2003 Server environment using AD.

We have group policies for each department.  Our customer service department is the most restrictive.  Just recently they are getting a warning message about open files when executing various things on their desktop.  Unknown Publisher/Unknown File Type and then the local path for the program they are trying to execute.  They just click OPEN and the program is available to them.  They use about 6-8 programs so they go through this routine on every boot.

Some initial research pointed to issues that occur with network apps but these are all local.



The question is difficult and we are in need so it's worth 500 points and hopefully I have made myself clear.
0
Comment
Question by:regosnell
  • 4
  • 3
8 Comments
 
LVL 2

Expert Comment

by:Slym
Comment Utility
Possible solution:

The popup on XP for running an unknown program has a box that says something like "always ask before running this program".  It is checked by default.  Uncheck it the next time you run the program and it won't ask again.

Hope that helps.
0
 
LVL 38

Expert Comment

by:Rich Rumble
Comment Utility
Can you post the exact pop-up wordage, there are several on XP/2003 that sound the same but are different.
-rich
0
 

Author Comment

by:regosnell
Comment Utility
The window is titled:
Open File - Security

The details are:

The publisher could not be verified.  Are you sure you want to run this software?

Name:  nameoffile.exe
Publisher:  Unknown Publisher
Type:  Application
From:  C:\Windows\system32


The choices are:

Run Cancel

It does this for every process.

Then the desktop appears after clicking run about 20 times (not 6-8 as I previously stated).
Then I will launch word and it will say the same messge only for winword.exe and the location locally on the C drive.

There is no check box about running the program.
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
Comment Utility
That dialog box is defiantly from IE launching the application, does this happen if the  nameoffile.exe is double-clicked on where it is stored?
You may also be able to change that dialog by these methods...
http://www.experts-exchange.com/Operating_Systems/Windows_Server_2003/Q_21684026.html
If it's an Html file that holds the link to that exe, you may experiment with a copy of that html file renamed to .hta (rather than .html or .htm)
-rich
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 38

Expert Comment

by:Rich Rumble
Comment Utility
Just found this also: http://support.microsoft.com/kb/921281
-rich
0
 

Author Comment

by:regosnell
Comment Utility
OK, we did find that one on experts-exchange prior to posting.  No help for us.

We are reviewing our settings based on the Microsoft KB article, I will let you know.  BTW, thanks for the fast responses.
0
 

Author Comment

by:regosnell
Comment Utility
The MS arctile didn;t apply for us.  The solution on experts-exchange was re-visited.


The part of that question that helped was this:

To disable the warning start the Group Policy Editor (Start > Run, type
-gpedit.msc- and press OK) and go to:

-User Configuration > Administrative Templates > Windows Components >
Attachment Manager- then set -Inclusion list for low file types- to
Enabled and enter the file types you don't want to be warned about in
the box (for example: .exe).

Thanks again for the help
0
 
LVL 38

Expert Comment

by:Rich Rumble
Comment Utility
Good to know, glad to help.
-rich
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Flux question 2 83
removing adware/spyware from profile on windows server 2008 11 104
Trojan blocked 11 81
Assess risks for an e-Payment system 15 101
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now