Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Windows XP SP2 Firewall

Posted on 2006-04-27
24
Medium Priority
?
377 Views
Last Modified: 2013-11-16
I am getting a series of errors that may or may not be related.

THe first one is when I try to open the firewall settings I get a message stating "due to an unidentified problem windows cannot display windows firewall settings" . I have run all the fixes including reloading the dlls, and the sharedaccess service. the RPC is running as is the Firewall service.  My firewall is showing being on, but I cant get to the settings window. I have done a virus scan using CA EZ Trust Anti Virus-- nothing shows up. I'm also running Windows Defender and Ad-A Ware.

The second error is when I enter my wirelss router ip address I get a blank page.

Finally I have a reference to Zone Alarms in my registry yet I have nevered downloaded the program and it does not appear in the C:\Programs directory.

Are these realted and how can I fix the first two.
0
Comment
Question by:peteccapo
  • 11
  • 4
  • 3
  • +5
23 Comments
 

Expert Comment

by:lpkwebagent007
ID: 16559370
it's probably some actualization was  bad-installed

Try this:
start button-run and then you write "firewall.cpl"
disable the firewall (it should show a nice window for disable it)
if there's a blank page or don't show any then Stop the firewall (the service of Firewall, on the Control panel, administrative tools, services, Firewall/ICS)
Restart to Secure mode and try to reinstall (or quit) the service pack 2

Is very strange the "zonealarm" entry, I doubt seriously it's a virus......
just in casejou wanna know
in run type msconfig, go to Start and check everything should be ok (if something don't look good, uncheck it and restart)
greets
0
 
LVL 32

Expert Comment

by:r-k
ID: 16559387
It doesn't sound like a virus/malware, but to be on the safe side, you can download and run HijackThis from: http://www.hijackthis.de/ and post the log back to that same web site (not here). Then click on "analyze" and on "Save Analysis" at the bottom of the next page. Finally, post a link here to the saved analyzed page.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 16559752
This link describes this problem and a possible fix:

http://windowsxp.mvps.org/sharedaccess.htm
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
LVL 2

Expert Comment

by:liamkellycabra
ID: 16560315

"due to an unidentified problem windows cannot display windows firewall settings"  

tim's answer has it i think http://windowsxp.mvps.org/sharedaccess.htm

"second error is when I enter my wirelss router ip address I get a blank page."

check the security level on your browser, might be too high for the page to be displayed. Also try using telnet [IP address] from the command promth to see if yyou can talk to the router and check the config about the HTTP management.

"Finally I have a reference to Zone Alarms in my registry yet I have nevered downloaded the program and it does not appear in the C:\Programs directory."

my be a white list for the antispyware software.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 16561912
"Netsh firewall" is the command line tool for the windows firewall, you may have a look at it as well:

C:\>netsh firewall show  (or netsh firewall /? )
The following commands are available:
Commands in this context:
show allowedprogram - Shows firewall allowed program configuration.
show config    - Shows firewall configuration.
show currentprofile - Shows current firewall profile.
show icmpsetting - Shows firewall ICMP configuration.
show logging   - Shows firewall logging configuration.
show multicastbroadcastresponse - Shows firewall multicast/broadcast response configuration.
show notifications - Shows firewall notification configuration.
show opmode    - Shows firewall operational configuration.
show portopening - Shows firewall port configuration.
show service   - Shows firewall service configuration.
show state     - Shows current firewall state.

C:\>netsh firewall show opmode
Domain profile configuration:
-------------------------------------------------------------------
Operational mode                  = Enable
Exception mode                    = Enable
Standard profile configuration:
-------------------------------------------------------------------
Operational mode                  = Enable
Exception mode                    = Enable
Local Area Connection firewall configuration:
-------------------------------------------------------------------
Operational mode                  = Enable

C:\>netsh firewall show state
The service has not been started. (firewall not started)

To enable the firewall: netsh firewall set opmode enable
-rich
0
 

Author Comment

by:peteccapo
ID: 16563811
r-k
Logfile of HijackThis v1.99.1
Scan saved at 11:56:53 AM, on 4/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.5\QOELoader.exe
C:\WINDOWS\system32\hphmon05.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Software by Design\Calendar.exe
C:\Program Files\SpamButcher\spambutcher.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Pete\My Documents\dwnloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=presario&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=presario&pf=laptop
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.5\QOELoader.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - Startup: Calendar 2000.lnk = C:\Program Files\Software by Design\Calendar.exe
O4 - Startup: SpamButcher.lnk = C:\Program Files\SpamButcher\spambutcher.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} - http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146108133078
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetup Control) - https://ns.willowcsn.com/dana-cached/setup/JuniperSetup.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} (MsnMusicAx Class) - http://entimg.msn.com/client/msnmusax3501.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

0
 
LVL 32

Expert Comment

by:r-k
ID: 16564590
Your HJT log looks clean, at least nothing bad there.

Do try the ideas posted by rich and others.
0
 

Author Comment

by:peteccapo
ID: 16564947
ran the netsh firewall show commands and all look good except

C:\>netsh firewall show state

Firewall status:
-------------------------------------------------------
Profile                           = Standard
Operational mode                  = Enable
Exception mode                    = Enable
Multicast/broadcast response mode = Enable
Notification mode                 = Enable
Group policy version              = None
Remote admin mode                 = Disable

Ports currently open on all network interfaces:
Port   Protocol  Version  Program
-------------------------------------------------------
No ports are currently open on all network interfaces.

I ran the fix at  http://windowsxp.mvps.org/sharedaccess.htm
but stiil no luck

When I run firewall.cpl I get same error message!!!
0
 

Author Comment

by:peteccapo
ID: 16565122
Hey guys I've done all your fixes and still get error message!!!!?????????????????????????HELP
0
 

Author Comment

by:peteccapo
ID: 16565161
Would reinstalling SP2 help? If so how do you do that. My computer came with it installed thru manufacutrer CD. It doesnt show in Add-Remove as a fix or add-on so I cant remove it. I dont want to re-install XP.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 16568485
Did you try the last bit too? --

If nothing helps, as a last-resort solution (before reinstalling Windows XP Service Pack 2), give these two commands a try. Click Start, Run and type:

rundll32 setupapi,InstallHinfSection Ndi-Steelhead 132 %windir%\inf\netrass.inf

Restart Windows, and then run this command (from Command Prompt):

NETSH FIREWALL RESET

Attempt to start Firewall applet. Start the Windows Firewall service if prompted.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 16568495
PS - Windows XP SP2 is your OS.  Reinstalling it means reinstalling your OS.

When did this all start happening?
0
 

Author Comment

by:peteccapo
ID: 16569188
Tim- I'm not sure when it happen. I noticed it when I was trying to access my wireless router and got a blank page thru the url. I though maybe the firewall was stopping the access so I went to the security center to turn it off and I got the error message.

I have tried your fix and after resetting the firewall I still get the message either running firewall.cpl ot thru the control panel.

I know the XP SP2 is my OS, but I thought the SP2 could be uninstalled seperately and reloaded thru the CD that came with the computer.

I did run a registry cleanup thru system mechanic a month ago- could that have caused a regestry problem that could affect this??? I ran all the dll and sharedaccess fixes that have been reccommended thru experts-exchange.
0
 
LVL 32

Expert Comment

by:r-k
ID: 16569384
If you have the XP CD on hand you could try "sfc /scannow" from a command prompt. See http://support.microsoft.com/default.aspx?scid=kb;en-us;310747 for a description.

You can also consider a repair reinstall of XP. See:
 http://www.michaelstevenstech.com/XPrepairinstall.htm
0
 

Author Comment

by:peteccapo
ID: 16577697
Dushan911
are your fixes for installing/repairing sp2 or fixing the firewall error message?????
0
 

Author Comment

by:peteccapo
ID: 16577719
dushan911-- you really wasted my time with your links-- i couldnt find any fix that referenced my firewall error message- next time be more specific in your solutions.
0
 

Author Comment

by:peteccapo
ID: 16577822
by the way I rebooted my router and now I can access its url--- so that problem is solved.
0
 

Author Comment

by:peteccapo
ID: 16577841
just to update everyone, i have tried every fix listed except reload or repair OS and still have error message-- i still cant get to firewall settings.
0
 

Author Comment

by:peteccapo
ID: 16581377
i did a system restore from 3 weeks ago and it resolved issue.
0
 
LVL 32

Expert Comment

by:r-k
ID: 16581439
That's good news. Thanks for posting the resolution.
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 16814299
PAQed with points refunded (500)

CetusMOD
Community Support Moderator
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes Administrators rights are not enough. These cases call for the SYSTEM account. The process in this article outlines the steps required to execute commands using the SYSTEM account.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question