Solved

problem browsing the local network & enabling the xp firewall

Posted on 2006-11-04
5
301 Views
Last Modified: 2010-03-18
We have just cleard down a workstation which had been infected with loads of viruses. The workstation is just one of a small XP workgroup, and is connected directly to the Internet. Although our antivirus software (AVG) and antispyware (Spyware Doctor) now show this workstation to be clean, the following problems remain:-

1). We cannot enable the XP firewall (XPSP2). I have checked that the group policy object for the firewall,is not active, but the firewall options, to enable the firewall, remain greyed out.

2). We cannot browse the local network, using my computer - network places etc. We can ping the other workstations however. We cannot use the "net use" command, as this too returns an error.

The internet connection seems to work perfectly.

Does anyone have any suggestions. We are loathed to just wipe the workstation and re install, as we have spent so much time now trying to recover!!!
0
Comment
Question by:nigelbeatson
  • 2
  • 2
5 Comments
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 250 total points
ID: 17872676
1)


If you find the settings on your XP clients are greyed out and you CANNOT ENABLE the built in XP firewall see http://support.microsoft.com/default.aspx?scid=kb;en-us;872769

If the settings are grayed out and you need to DISABLE the firewall check the following

To get to the Group Policy Management console, click start, programs, administrative tools, Group Policy Management
Once inside, find the Small Business Server Windows Firewall
To edit it, right mouse click on edit
Drill down the tree to Computer configuration, Administrative Templates, Network, Windows Firewall, Domain Profile
On the right hand side is the firewall policies you can now control

Defaults

Windows Firewall:  Protect all network connections – Enabled

Set the above to NOT CONFIGURED and local admins can enable and disable their own firewalls

If those wonts cure the problem the following will disable the firewall on an XP client.

The following commands enable and disable

netsh firewall ipv4 set opmode enable
netsh firewall ipv4 set opmode disable

The following peice of code turns off the firewall "Save as .vbs"

Set objFirewall = CreateObject("HNetCfg.FwMgr")
Set objPolicy = objFirewall.LocalPolicy.CurrentProfile

objPolicy.FirewallEnabled = FALSE


The Following Registry entries enable and disable the firewall

HKLM\system\currentcontrolset\services\shared access\parameters\firewall\policy\standard profile
HKLM\system\currentcontrolset\services\shared access\parameters\firewall\policy\domain profile

The latter SHOULD apply when on the domain and the former when NOT on the domain

They each have a setting called

EnableFIrewall and DoNotAllowExceptions

Set to 0=off or 1=on


2)

Has the network browswer service srtated?
In the advanced properties of the network card under TCP/IP advanced > is Netbios over TCP enabled?
0
 
LVL 40

Accepted Solution

by:
Fatal_Exception earned 250 total points
ID: 17873344
Hey, Pete!  Hope things are  well!

You may also want to ck out this neat utility that allows repairs for things that break due to cleaning these...  If you want to ck this out, look under the Tools button and you will see some of the items you can fix with this tool....   I was impressed, as it combines a lot of command line fixes into a GUI:

Dial a Fix:

http://www.softpedia.com/get/System/System-Miscellaneous/Dial-a-fix.shtml

In a nutshell, Dial-a-fix: stops services, installs selected software (if packages are available -- see below), registers DLLs, restarts services, and removes several rogue policies. Dial-a-fix will not cause any issues if your system is already working properly.There is an optional package available that includes many Microsoft redistributable libraries (such as Script Engine, XML 3.0 & 4.0, Windows Installer 2.0 & 3.0 and more).
0
 

Author Comment

by:nigelbeatson
ID: 17888264
Thanks for your imput. Being a simple soul, I tried the dial-a-fix click to fix option first, but it did not resolve either of my problems. Thanks for your help though. I am in the process of wading through the recommendations suggested by Pete, and will let you know how I get on. Many thanks.
0
 

Author Comment

by:nigelbeatson
ID: 17888479
The XP workstation is part of a small workgroup, and is not on a domain. We do not have a group policy editor in the admin tools. I do know that I followed a document which did tell me how to invoke the group policy editor, and did check at that time - the firewall option you mentioned is set to "not configured".


The firwewall is actually greyed out and is currently not switched on.


The two variables you mention ie EnableFIrewall is currently set to 1, and DoNotAllowExceptions is not visible,

The command "netsh firewall ipv4 set opmode enable" produced "The following command was not found" I cut and pasted it, so I know I entered it correctly.

The option setting for "enable NetBios over TCPIP" was set to the default setting ie not set on.

I have tried setting this to on, and it still will not let me browes the network.

WE CAN PING THE DIFFERENT WORKSTATIONS THOUGH!!



0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 17894754
I have a feeling that your firewall has been junked...  did you try the reset option on Dial-a-fix for the firewall?  

You know, in a case like this, I do not fool around with trying to fix all the problems that the virus / spyware caused..  I just relaod the machine, as no matter what you do, you never know if you really have fixed everything..  this is the one way to know for sure that the problems are fixed, and that no holes exist in your system...  Just MHO...  :)
0

Featured Post

New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

Join & Write a Comment

Sometimes you might need to configure routing based not only on destination IP address, but also on a combination of destination IP address (or hostname) and destination port number. I will describe a method how to accomplish this with free tools. …
Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now