I am in the process of removing viruses from a friend’s laptop, but one of the viruses has changed a number of system policies. For example, it turned off the ability to turn off system restore, disabled cmd access and the task manager, and a number of other things.
Through a boot disk wherewith I was able to edit a few of the registry entries, I managed to get the system to where I could turn off system restore, and I got rid of some of the virus’ own registry entries (as well as its executable files), and am finally able to get an anti-virus program to scan the system (it’s in the process of doing that right now).
A few things are still awry, though, such as the fact that the system still says that cmd access is disabled, even though the registry key for it IS set to 2, as it should be. Thus, there are still some residual effects, and it would be good for me to be able to restore whatever the default policy values are.
Even aside from this particular instance, there is another machine, belonging to someone else, where someone got overzealous with setting policies, to the point that many restrictions also got applied to the system administrator.
Thus, there are TWO reasons that I would like to be able to restore system, user, and group policy settings to their default values.
Any ideas?
Thanks!