Windows XP SP2 Firewall

I am getting a series of errors that may or may not be related.

THe first one is when I try to open the firewall settings I get a message stating "due to an unidentified problem windows cannot display windows firewall settings" . I have run all the fixes including reloading the dlls, and the sharedaccess service. the RPC is running as is the Firewall service.  My firewall is showing being on, but I cant get to the settings window. I have done a virus scan using CA EZ Trust Anti Virus-- nothing shows up. I'm also running Windows Defender and Ad-A Ware.

The second error is when I enter my wirelss router ip address I get a blank page.

Finally I have a reference to Zone Alarms in my registry yet I have nevered downloaded the program and it does not appear in the C:\Programs directory.

Are these realted and how can I fix the first two.
Who is Participating?
PAQed with points refunded (500)

Community Support Moderator
it's probably some actualization was  bad-installed

Try this:
start button-run and then you write "firewall.cpl"
disable the firewall (it should show a nice window for disable it)
if there's a blank page or don't show any then Stop the firewall (the service of Firewall, on the Control panel, administrative tools, services, Firewall/ICS)
Restart to Secure mode and try to reinstall (or quit) the service pack 2

Is very strange the "zonealarm" entry, I doubt seriously it's a virus......
just in casejou wanna know
in run type msconfig, go to Start and check everything should be ok (if something don't look good, uncheck it and restart)
It doesn't sound like a virus/malware, but to be on the safe side, you can download and run HijackThis from: and post the log back to that same web site (not here). Then click on "analyze" and on "Save Analysis" at the bottom of the next page. Finally, post a link here to the saved analyzed page.
Network Scalability - Handle Complex Environments

Monitor your entire network from a single platform. Free 30 Day Trial Now!

Tim HolmanCommented:
This link describes this problem and a possible fix:

"due to an unidentified problem windows cannot display windows firewall settings"  

tim's answer has it i think

"second error is when I enter my wirelss router ip address I get a blank page."

check the security level on your browser, might be too high for the page to be displayed. Also try using telnet [IP address] from the command promth to see if yyou can talk to the router and check the config about the HTTP management.

"Finally I have a reference to Zone Alarms in my registry yet I have nevered downloaded the program and it does not appear in the C:\Programs directory."

my be a white list for the antispyware software.
Rich RumbleSecurity SamuraiCommented:
"Netsh firewall" is the command line tool for the windows firewall, you may have a look at it as well:

C:\>netsh firewall show  (or netsh firewall /? )
The following commands are available:
Commands in this context:
show allowedprogram - Shows firewall allowed program configuration.
show config    - Shows firewall configuration.
show currentprofile - Shows current firewall profile.
show icmpsetting - Shows firewall ICMP configuration.
show logging   - Shows firewall logging configuration.
show multicastbroadcastresponse - Shows firewall multicast/broadcast response configuration.
show notifications - Shows firewall notification configuration.
show opmode    - Shows firewall operational configuration.
show portopening - Shows firewall port configuration.
show service   - Shows firewall service configuration.
show state     - Shows current firewall state.

C:\>netsh firewall show opmode
Domain profile configuration:
Operational mode                  = Enable
Exception mode                    = Enable
Standard profile configuration:
Operational mode                  = Enable
Exception mode                    = Enable
Local Area Connection firewall configuration:
Operational mode                  = Enable

C:\>netsh firewall show state
The service has not been started. (firewall not started)

To enable the firewall: netsh firewall set opmode enable
peteccapoAuthor Commented:
Logfile of HijackThis v1.99.1
Scan saved at 11:56:53 AM, on 4/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-\QOELoader.exe
C:\Program Files\Software by Design\Calendar.exe
C:\Program Files\SpamButcher\spambutcher.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Pete\My Documents\dwnloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-\QOELoader.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - Startup: Calendar 2000.lnk = C:\Program Files\Software by Design\Calendar.exe
O4 - Startup: SpamButcher.lnk = C:\Program Files\SpamButcher\spambutcher.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} -
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetup Control) -
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} (MsnMusicAx Class) -
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Your HJT log looks clean, at least nothing bad there.

Do try the ideas posted by rich and others.
peteccapoAuthor Commented:
ran the netsh firewall show commands and all look good except

C:\>netsh firewall show state

Firewall status:
Profile                           = Standard
Operational mode                  = Enable
Exception mode                    = Enable
Multicast/broadcast response mode = Enable
Notification mode                 = Enable
Group policy version              = None
Remote admin mode                 = Disable

Ports currently open on all network interfaces:
Port   Protocol  Version  Program
No ports are currently open on all network interfaces.

I ran the fix at
but stiil no luck

When I run firewall.cpl I get same error message!!!
peteccapoAuthor Commented:
Hey guys I've done all your fixes and still get error message!!!!?????????????????????????HELP
peteccapoAuthor Commented:
Would reinstalling SP2 help? If so how do you do that. My computer came with it installed thru manufacutrer CD. It doesnt show in Add-Remove as a fix or add-on so I cant remove it. I dont want to re-install XP.
Tim HolmanCommented:
Did you try the last bit too? --

If nothing helps, as a last-resort solution (before reinstalling Windows XP Service Pack 2), give these two commands a try. Click Start, Run and type:

rundll32 setupapi,InstallHinfSection Ndi-Steelhead 132 %windir%\inf\netrass.inf

Restart Windows, and then run this command (from Command Prompt):


Attempt to start Firewall applet. Start the Windows Firewall service if prompted.
Tim HolmanCommented:
PS - Windows XP SP2 is your OS.  Reinstalling it means reinstalling your OS.

When did this all start happening?
peteccapoAuthor Commented:
Tim- I'm not sure when it happen. I noticed it when I was trying to access my wireless router and got a blank page thru the url. I though maybe the firewall was stopping the access so I went to the security center to turn it off and I got the error message.

I have tried your fix and after resetting the firewall I still get the message either running firewall.cpl ot thru the control panel.

I know the XP SP2 is my OS, but I thought the SP2 could be uninstalled seperately and reloaded thru the CD that came with the computer.

I did run a registry cleanup thru system mechanic a month ago- could that have caused a regestry problem that could affect this??? I ran all the dll and sharedaccess fixes that have been reccommended thru experts-exchange.
If you have the XP CD on hand you could try "sfc /scannow" from a command prompt. See;en-us;310747 for a description.

You can also consider a repair reinstall of XP. See:
peteccapoAuthor Commented:
are your fixes for installing/repairing sp2 or fixing the firewall error message?????
peteccapoAuthor Commented:
dushan911-- you really wasted my time with your links-- i couldnt find any fix that referenced my firewall error message- next time be more specific in your solutions.
peteccapoAuthor Commented:
by the way I rebooted my router and now I can access its url--- so that problem is solved.
peteccapoAuthor Commented:
just to update everyone, i have tried every fix listed except reload or repair OS and still have error message-- i still cant get to firewall settings.
peteccapoAuthor Commented:
i did a system restore from 3 weeks ago and it resolved issue.
That's good news. Thanks for posting the resolution.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.