Question

Locked

Windows XP Don't Want Group Policy Controlling Firewall

By mharkansas ·
Can someone please help me. Programs were hanging up and "My Computer" was not responding. I found a few Trojans/viruses and renamed/moved them. All of the sudden my Windows Firewall is Controlled by Group Policy and I guess the firewall is turned off.

I'm the only user of my computer but do have two accounts set up, one for each ipod. Not even sure what I have. When computer was new my nephew set it up with Windows XP Pro. He partitioned it with C and \ and not sure where he put the Windows files but I find them in C and \ so he probably put them in \.

Then the C part of partition got ruined in shipping and a now-closed shop installed XP Home in C. I paid and have the unopened Windows XP Home but he said he just used my number when he installed it with his disk. I see NT referred to sometimes.

I would like to get help in removing all the accounts (administrator, Michele, white ipod) and just be a one account computer and get rid of this group policy thing. Can anyone help me?

Thanks
Michele

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

How do you know

by ComputerCookie In reply to Windows XP Don't Want Gro ...

that GP's are the problem? What messages are
you getting?

The guy at the shop was right about the XP
Home installation.

You cannot delete the administrator account,
however you can delete the others.

You can change the GP Firewall settings or
you can reset all GP's to default.

Post back if you wish to try either of these
possibilities.

Jeff

Collapse -

Computer out of shop

by mharkansas In reply to How do you know

Thanks for your reply. I just got my computer out of the shop. The Power Supply box burned up. The computer seems to be working fine. I think I had all the problems removed before it burned up.

I never thought the CP Firewall settings were the problem but I can't figure out why that happened all of the sudden of it being controlled that way. And I need a firewall and it doesn't look like the Windows firewall is turned on.

Do you know if I an download a free firewall and install it and have it work with the GP settings being the way they are?

Collapse -

Go to this link and download Zonealarm,

by ComputerCookie In reply to Computer out of shop

http://www.zonealarm.com/store/content/catalog/products/zonealarm_free_firewall_b.jsp;jsessionid=Ju2Jh2O1YZAM1V7g2ZjJjvuGWs2Ckh4xc52ivvnCqGVK1xk8oGcR!88983225!-1062696903!7551!7552!NONE

The firewall settings in GP only relate to the windows firewall, which isn't an effective program anyway as it doesn't control outbound traffic.

Jeff

Collapse -

Zone Alarm

by mharkansas In reply to Go to this link and downl ...

Thanks, you are very helpful. Michele

Collapse -

See how you go with this

by Jacky Howe In reply to Windows XP Don't Want Gro ...

Turn off System Restore
<br><br>
Download Malwarebytes Anti-Malware.
<br>
http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe
<br><br>

* Double-click mbam-setup.exe and follow the prompts to install the program.<br>
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.<br>
* If an update is found, it will download and install the latest version.<br>
* Once the program has loaded, select Perform Quick Scan, then click Scan.<br>
* When the scan is complete, click OK, then Show Results to view the results.<br>
* Be sure that everything is checked, and click Remove Selected.<br>
<br>
I would keep scanning with it until it is clean by closing out and rebooting and running it again.
<br>
Just to be on the safe side when you finish do an online scan with Bitdefender.
<br>
http://www.bitdefender.com/scan8/ie.html
<br><br>
Log on to the PC as an Administrator or an Account with Administrator privelages.
<br><br>
Open Control Panel from the Start menu, and then double click User Accounts.
<br><br>
Click Create a new account. Create a new account with Administrative privelages. Name it something like MicheleLastname.
<br><br>
Log on to the PC with your new account.
<br><br>
Open Control Panel from the Start menu, and then double click User Accounts.
<br><br>
Click the account that you want to Delete. Repeat for each account that you want to remove.
<br><br>
Click Delete the account to delete the user account from the computer. When you delete the account, you are given the option to save the user's files on the computer.
<br><br>
Note: You can not delete the account for a user that is currently logged on to the computer.
<br><br>
<i>Keep us informed as to your progress if you require further assistance.</i>
<br><br>
<i>If you think that any of the posts that have been made by all TR Members, have solved or contributed to solving the problem, please Mark them as <b>Helpful</b> so that others may benefit from the outcome.
</i>

Collapse -

Got Rid of Group Policy by running SDFix

by mharkansas In reply to Windows XP Don't Want Gro ...

I ran SDFix today and miraculously my windows firewall isn't controlled by Group Policy any more. It didn't find any viruses so am not sure what it did to make the change. I'll post it here FYI.
SDFix: Version 1.240
Run by Administrator on Tue 12/02/2008 at 12:30 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found


Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-02 12:40:18
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :


Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Avant Browser\\avant.exe"="C:\\Program Files\\Avant Browser\\avant.exe:*:Enabled:Avant Browser"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\WINDOWS\\system32\\drivers\\svchost.exe"="C:\\WINDOWS\\system32\\drivers\\svchost.exe:*:Disabled:svchost"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

Remaining Files :


Files with Hidden Attributes :

Sun 4 Nov 2007 31 A..H. --- "C:\WINDOWS\uccspecc.sys"
Wed 13 Oct 2004 1,694,208 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
Mon 27 Feb 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 4 Mar 2006 401 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv14.bak"
Sat 24 Nov 2007 25,088 ...H. --- "C:\Documents and Settings\Michele Hermanns\My Documents\~WRL0001.tmp"
Sat 24 Nov 2007 200,704 ...H. --- "C:\Documents and Settings\Michele Hermanns\My Documents\~WRL1264.tmp"
Sat 24 Nov 2007 27,648 ...H. --- "C:\Documents and Settings\Michele Hermanns\My Documents\~WRL2667.tmp"
Mon 2 Oct 2006 50,280 ...H. --- "C:\Program Files\Common Files\Adobe\ESD\DLMCleanup.exe"
Tue 22 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT1.tmp"
Mon 27 Feb 2006 4,348 ...H. --- "C:\Documents and Settings\Michele Hermanns\My Documents\My Music\License Backup\drmv1key.bak"
Mon 27 Feb 2006 20 A..H. --- "C:\Documents and Settings\Michele Hermanns\My Documents\My Music\License Backup\drmv1lic.bak"
Tue 14 Feb 2006 312 A.SH. --- "C:\Documents and Settings\Michele Hermanns\My Documents\My Music\License Backup\drmv2key.bak"

Finished!

Thanks to everyone for your help. Michele

Collapse -

Good to see that you

by Jacky Howe In reply to Got Rid of Group Policy b ...

are up and running again.

Back to Malware Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums