Windows XP SP2 Firewall

I am getting a series of errors that may or may not be related.

THe first one is when I try to open the firewall settings I get a message stating "due to an unidentified problem windows cannot display windows firewall settings" . I have run all the fixes including reloading the dlls, and the sharedaccess service. the RPC is running as is the Firewall service.  My firewall is showing being on, but I cant get to the settings window. I have done a virus scan using CA EZ Trust Anti Virus-- nothing shows up. I'm also running Windows Defender and Ad-A Ware.

The second error is when I enter my wirelss router ip address I get a blank page.

Finally I have a reference to Zone Alarms in my registry yet I have nevered downloaded the program and it does not appear in the C:\Programs directory.

Are these realted and how can I fix the first two.
peteccapoAsked:
Who is Participating?
 
CetusMODCommented:
PAQed with points refunded (500)

CetusMOD
Community Support Moderator
0
 
lpkwebagent007Commented:
it's probably some actualization was  bad-installed

Try this:
start button-run and then you write "firewall.cpl"
disable the firewall (it should show a nice window for disable it)
if there's a blank page or don't show any then Stop the firewall (the service of Firewall, on the Control panel, administrative tools, services, Firewall/ICS)
Restart to Secure mode and try to reinstall (or quit) the service pack 2

Is very strange the "zonealarm" entry, I doubt seriously it's a virus......
just in casejou wanna know
in run type msconfig, go to Start and check everything should be ok (if something don't look good, uncheck it and restart)
greets
0
 
r-kCommented:
It doesn't sound like a virus/malware, but to be on the safe side, you can download and run HijackThis from: http://www.hijackthis.de/ and post the log back to that same web site (not here). Then click on "analyze" and on "Save Analysis" at the bottom of the next page. Finally, post a link here to the saved analyzed page.
0
Network Scalability - Handle Complex Environments

Monitor your entire network from a single platform. Free 30 Day Trial Now!

 
Tim HolmanCommented:
This link describes this problem and a possible fix:

http://windowsxp.mvps.org/sharedaccess.htm
0
 
liamkellycabraCommented:

"due to an unidentified problem windows cannot display windows firewall settings"  

tim's answer has it i think http://windowsxp.mvps.org/sharedaccess.htm

"second error is when I enter my wirelss router ip address I get a blank page."

check the security level on your browser, might be too high for the page to be displayed. Also try using telnet [IP address] from the command promth to see if yyou can talk to the router and check the config about the HTTP management.

"Finally I have a reference to Zone Alarms in my registry yet I have nevered downloaded the program and it does not appear in the C:\Programs directory."

my be a white list for the antispyware software.
0
 
Rich RumbleSecurity SamuraiCommented:
"Netsh firewall" is the command line tool for the windows firewall, you may have a look at it as well:

C:\>netsh firewall show  (or netsh firewall /? )
The following commands are available:
Commands in this context:
show allowedprogram - Shows firewall allowed program configuration.
show config    - Shows firewall configuration.
show currentprofile - Shows current firewall profile.
show icmpsetting - Shows firewall ICMP configuration.
show logging   - Shows firewall logging configuration.
show multicastbroadcastresponse - Shows firewall multicast/broadcast response configuration.
show notifications - Shows firewall notification configuration.
show opmode    - Shows firewall operational configuration.
show portopening - Shows firewall port configuration.
show service   - Shows firewall service configuration.
show state     - Shows current firewall state.

C:\>netsh firewall show opmode
Domain profile configuration:
-------------------------------------------------------------------
Operational mode                  = Enable
Exception mode                    = Enable
Standard profile configuration:
-------------------------------------------------------------------
Operational mode                  = Enable
Exception mode                    = Enable
Local Area Connection firewall configuration:
-------------------------------------------------------------------
Operational mode                  = Enable

C:\>netsh firewall show state
The service has not been started. (firewall not started)

To enable the firewall: netsh firewall set opmode enable
-rich
0
 
peteccapoAuthor Commented:
r-k
Logfile of HijackThis v1.99.1
Scan saved at 11:56:53 AM, on 4/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.5\QOELoader.exe
C:\WINDOWS\system32\hphmon05.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Software by Design\Calendar.exe
C:\Program Files\SpamButcher\spambutcher.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Pete\My Documents\dwnloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=presario&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=presario&pf=laptop
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.5\QOELoader.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - Startup: Calendar 2000.lnk = C:\Program Files\Software by Design\Calendar.exe
O4 - Startup: SpamButcher.lnk = C:\Program Files\SpamButcher\spambutcher.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} - http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146108133078
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetup Control) - https://ns.willowcsn.com/dana-cached/setup/JuniperSetup.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} (MsnMusicAx Class) - http://entimg.msn.com/client/msnmusax3501.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

0
 
r-kCommented:
Your HJT log looks clean, at least nothing bad there.

Do try the ideas posted by rich and others.
0
 
peteccapoAuthor Commented:
ran the netsh firewall show commands and all look good except

C:\>netsh firewall show state

Firewall status:
-------------------------------------------------------
Profile                           = Standard
Operational mode                  = Enable
Exception mode                    = Enable
Multicast/broadcast response mode = Enable
Notification mode                 = Enable
Group policy version              = None
Remote admin mode                 = Disable

Ports currently open on all network interfaces:
Port   Protocol  Version  Program
-------------------------------------------------------
No ports are currently open on all network interfaces.

I ran the fix at  http://windowsxp.mvps.org/sharedaccess.htm
but stiil no luck

When I run firewall.cpl I get same error message!!!
0
 
peteccapoAuthor Commented:
Hey guys I've done all your fixes and still get error message!!!!?????????????????????????HELP
0
 
peteccapoAuthor Commented:
Would reinstalling SP2 help? If so how do you do that. My computer came with it installed thru manufacutrer CD. It doesnt show in Add-Remove as a fix or add-on so I cant remove it. I dont want to re-install XP.
0
 
Tim HolmanCommented:
Did you try the last bit too? --

If nothing helps, as a last-resort solution (before reinstalling Windows XP Service Pack 2), give these two commands a try. Click Start, Run and type:

rundll32 setupapi,InstallHinfSection Ndi-Steelhead 132 %windir%\inf\netrass.inf

Restart Windows, and then run this command (from Command Prompt):

NETSH FIREWALL RESET

Attempt to start Firewall applet. Start the Windows Firewall service if prompted.
0
 
Tim HolmanCommented:
PS - Windows XP SP2 is your OS.  Reinstalling it means reinstalling your OS.

When did this all start happening?
0
 
peteccapoAuthor Commented:
Tim- I'm not sure when it happen. I noticed it when I was trying to access my wireless router and got a blank page thru the url. I though maybe the firewall was stopping the access so I went to the security center to turn it off and I got the error message.

I have tried your fix and after resetting the firewall I still get the message either running firewall.cpl ot thru the control panel.

I know the XP SP2 is my OS, but I thought the SP2 could be uninstalled seperately and reloaded thru the CD that came with the computer.

I did run a registry cleanup thru system mechanic a month ago- could that have caused a regestry problem that could affect this??? I ran all the dll and sharedaccess fixes that have been reccommended thru experts-exchange.
0
 
r-kCommented:
If you have the XP CD on hand you could try "sfc /scannow" from a command prompt. See http://support.microsoft.com/default.aspx?scid=kb;en-us;310747 for a description.

You can also consider a repair reinstall of XP. See:
 http://www.michaelstevenstech.com/XPrepairinstall.htm
0
 
peteccapoAuthor Commented:
Dushan911
are your fixes for installing/repairing sp2 or fixing the firewall error message?????
0
 
peteccapoAuthor Commented:
dushan911-- you really wasted my time with your links-- i couldnt find any fix that referenced my firewall error message- next time be more specific in your solutions.
0
 
peteccapoAuthor Commented:
by the way I rebooted my router and now I can access its url--- so that problem is solved.
0
 
peteccapoAuthor Commented:
just to update everyone, i have tried every fix listed except reload or repair OS and still have error message-- i still cant get to firewall settings.
0
 
peteccapoAuthor Commented:
i did a system restore from 3 weeks ago and it resolved issue.
0
 
r-kCommented:
That's good news. Thanks for posting the resolution.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.