problem browsing the local network & enabling the xp firewall

We have just cleard down a workstation which had been infected with loads of viruses. The workstation is just one of a small XP workgroup, and is connected directly to the Internet. Although our antivirus software (AVG) and antispyware (Spyware Doctor) now show this workstation to be clean, the following problems remain:-

1). We cannot enable the XP firewall (XPSP2). I have checked that the group policy object for the firewall,is not active, but the firewall options, to enable the firewall, remain greyed out.

2). We cannot browse the local network, using my computer - network places etc. We can ping the other workstations however. We cannot use the "net use" command, as this too returns an error.

The internet connection seems to work perfectly.

Does anyone have any suggestions. We are loathed to just wipe the workstation and re install, as we have spent so much time now trying to recover!!!
Who is Participating?
Fatal_ExceptionConnect With a Mentor Commented:
Hey, Pete!  Hope things are  well!

You may also want to ck out this neat utility that allows repairs for things that break due to cleaning these...  If you want to ck this out, look under the Tools button and you will see some of the items you can fix with this tool....   I was impressed, as it combines a lot of command line fixes into a GUI:

Dial a Fix:

In a nutshell, Dial-a-fix: stops services, installs selected software (if packages are available -- see below), registers DLLs, restarts services, and removes several rogue policies. Dial-a-fix will not cause any issues if your system is already working properly.There is an optional package available that includes many Microsoft redistributable libraries (such as Script Engine, XML 3.0 & 4.0, Windows Installer 2.0 & 3.0 and more).
Pete LongConnect With a Mentor Technical ConsultantCommented:

If you find the settings on your XP clients are greyed out and you CANNOT ENABLE the built in XP firewall see;en-us;872769 

If the settings are grayed out and you need to DISABLE the firewall check the following

To get to the Group Policy Management console, click start, programs, administrative tools, Group Policy Management
Once inside, find the Small Business Server Windows Firewall
To edit it, right mouse click on edit
Drill down the tree to Computer configuration, Administrative Templates, Network, Windows Firewall, Domain Profile
On the right hand side is the firewall policies you can now control


Windows Firewall:  Protect all network connections – Enabled

Set the above to NOT CONFIGURED and local admins can enable and disable their own firewalls

If those wonts cure the problem the following will disable the firewall on an XP client.

The following commands enable and disable

netsh firewall ipv4 set opmode enable
netsh firewall ipv4 set opmode disable

The following peice of code turns off the firewall "Save as .vbs"

Set objFirewall = CreateObject("HNetCfg.FwMgr")
Set objPolicy = objFirewall.LocalPolicy.CurrentProfile

objPolicy.FirewallEnabled = FALSE

The Following Registry entries enable and disable the firewall

HKLM\system\currentcontrolset\services\shared access\parameters\firewall\policy\standard profile
HKLM\system\currentcontrolset\services\shared access\parameters\firewall\policy\domain profile

The latter SHOULD apply when on the domain and the former when NOT on the domain

They each have a setting called

EnableFIrewall and DoNotAllowExceptions

Set to 0=off or 1=on


Has the network browswer service srtated?
In the advanced properties of the network card under TCP/IP advanced > is Netbios over TCP enabled?
nigelbeatsonAuthor Commented:
Thanks for your imput. Being a simple soul, I tried the dial-a-fix click to fix option first, but it did not resolve either of my problems. Thanks for your help though. I am in the process of wading through the recommendations suggested by Pete, and will let you know how I get on. Many thanks.
nigelbeatsonAuthor Commented:
The XP workstation is part of a small workgroup, and is not on a domain. We do not have a group policy editor in the admin tools. I do know that I followed a document which did tell me how to invoke the group policy editor, and did check at that time - the firewall option you mentioned is set to "not configured".

The firwewall is actually greyed out and is currently not switched on.

The two variables you mention ie EnableFIrewall is currently set to 1, and DoNotAllowExceptions is not visible,

The command "netsh firewall ipv4 set opmode enable" produced "The following command was not found" I cut and pasted it, so I know I entered it correctly.

The option setting for "enable NetBios over TCPIP" was set to the default setting ie not set on.

I have tried setting this to on, and it still will not let me browes the network.


I have a feeling that your firewall has been junked...  did you try the reset option on Dial-a-fix for the firewall?  

You know, in a case like this, I do not fool around with trying to fix all the problems that the virus / spyware caused..  I just relaod the machine, as no matter what you do, you never know if you really have fixed everything..  this is the one way to know for sure that the problems are fixed, and that no holes exist in your system...  Just MHO...  :)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.