problem browsing the local network & enabling the xp firewall

Posted on 2006-11-04
Last Modified: 2010-03-18
We have just cleard down a workstation which had been infected with loads of viruses. The workstation is just one of a small XP workgroup, and is connected directly to the Internet. Although our antivirus software (AVG) and antispyware (Spyware Doctor) now show this workstation to be clean, the following problems remain:-

1). We cannot enable the XP firewall (XPSP2). I have checked that the group policy object for the firewall,is not active, but the firewall options, to enable the firewall, remain greyed out.

2). We cannot browse the local network, using my computer - network places etc. We can ping the other workstations however. We cannot use the "net use" command, as this too returns an error.

The internet connection seems to work perfectly.

Does anyone have any suggestions. We are loathed to just wipe the workstation and re install, as we have spent so much time now trying to recover!!!
Question by:nigelbeatson
  • 2
  • 2
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 250 total points
ID: 17872676

If you find the settings on your XP clients are greyed out and you CANNOT ENABLE the built in XP firewall see;en-us;872769 

If the settings are grayed out and you need to DISABLE the firewall check the following

To get to the Group Policy Management console, click start, programs, administrative tools, Group Policy Management
Once inside, find the Small Business Server Windows Firewall
To edit it, right mouse click on edit
Drill down the tree to Computer configuration, Administrative Templates, Network, Windows Firewall, Domain Profile
On the right hand side is the firewall policies you can now control


Windows Firewall:  Protect all network connections – Enabled

Set the above to NOT CONFIGURED and local admins can enable and disable their own firewalls

If those wonts cure the problem the following will disable the firewall on an XP client.

The following commands enable and disable

netsh firewall ipv4 set opmode enable
netsh firewall ipv4 set opmode disable

The following peice of code turns off the firewall "Save as .vbs"

Set objFirewall = CreateObject("HNetCfg.FwMgr")
Set objPolicy = objFirewall.LocalPolicy.CurrentProfile

objPolicy.FirewallEnabled = FALSE

The Following Registry entries enable and disable the firewall

HKLM\system\currentcontrolset\services\shared access\parameters\firewall\policy\standard profile
HKLM\system\currentcontrolset\services\shared access\parameters\firewall\policy\domain profile

The latter SHOULD apply when on the domain and the former when NOT on the domain

They each have a setting called

EnableFIrewall and DoNotAllowExceptions

Set to 0=off or 1=on


Has the network browswer service srtated?
In the advanced properties of the network card under TCP/IP advanced > is Netbios over TCP enabled?
LVL 40

Accepted Solution

Fatal_Exception earned 250 total points
ID: 17873344
Hey, Pete!  Hope things are  well!

You may also want to ck out this neat utility that allows repairs for things that break due to cleaning these...  If you want to ck this out, look under the Tools button and you will see some of the items you can fix with this tool....   I was impressed, as it combines a lot of command line fixes into a GUI:

Dial a Fix:

In a nutshell, Dial-a-fix: stops services, installs selected software (if packages are available -- see below), registers DLLs, restarts services, and removes several rogue policies. Dial-a-fix will not cause any issues if your system is already working properly.There is an optional package available that includes many Microsoft redistributable libraries (such as Script Engine, XML 3.0 & 4.0, Windows Installer 2.0 & 3.0 and more).

Author Comment

ID: 17888264
Thanks for your imput. Being a simple soul, I tried the dial-a-fix click to fix option first, but it did not resolve either of my problems. Thanks for your help though. I am in the process of wading through the recommendations suggested by Pete, and will let you know how I get on. Many thanks.

Author Comment

ID: 17888479
The XP workstation is part of a small workgroup, and is not on a domain. We do not have a group policy editor in the admin tools. I do know that I followed a document which did tell me how to invoke the group policy editor, and did check at that time - the firewall option you mentioned is set to "not configured".

The firwewall is actually greyed out and is currently not switched on.

The two variables you mention ie EnableFIrewall is currently set to 1, and DoNotAllowExceptions is not visible,

The command "netsh firewall ipv4 set opmode enable" produced "The following command was not found" I cut and pasted it, so I know I entered it correctly.

The option setting for "enable NetBios over TCPIP" was set to the default setting ie not set on.

I have tried setting this to on, and it still will not let me browes the network.


LVL 40

Expert Comment

ID: 17894754
I have a feeling that your firewall has been junked...  did you try the reset option on Dial-a-fix for the firewall?  

You know, in a case like this, I do not fool around with trying to fix all the problems that the virus / spyware caused..  I just relaod the machine, as no matter what you do, you never know if you really have fixed everything..  this is the one way to know for sure that the problems are fixed, and that no holes exist in your system...  Just MHO...  :)

Featured Post

Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

FIPS stands for the Federal Information Processing Standardisation and FIPS 140-2 is a collection of standards that are generically associated with hardware and software cryptography. In most cases, people can refer to this as the method of encrypti…
Resolve DNS query failed errors for Exchange
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now