1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Windows XP FIREWALL error message

Discussion in 'Windows XP' started by thewall, Jul 27, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. thewall

    thewall Thread Starter

    Joined:
    Jul 27, 2006
    Messages:
    148
    Hi
    I am now being informed by my PC that there is a problem with my security firewall settings (possibly registry troubles). Ugh!

    Here's the error message:

    "Due to an unidentified problem, Windows cannot display Windows Firewall settings."

    Further information as per this problem:

    On Wed. the 26th... I experienced my very 1st... attack by viruses! It came in the form of many viruses such as droppers, trojans, etc. after my wife used my computer online! I still LOVE her tons, but she's not sure what could have caused it. Long story short... AVG picked-up everything (it seems) and I also ran Spybot S&D, Spy Subtract, MS AntiSpy, Ad-Aware... and I think that's all. After those runs, I ran Clean-Up 2005. Anyway... I ran them all each several times since then... and all seem clear. However, this morning AVG went through it's usual update and scan... and 1 additional virus was detected and "healed". Ran all of the above again and all seems clear!

    BUT... the problem that I cannot seem to correct is with the Windows Firewall. It is now marked as "OFF" in the Windows Security Centry (alert) and the "Recommendations button" suggestions cannot be followed. When they are tried... the error message "Due to an unidentified problem, Windows cannot display Windows Firewall settings." always occurs! Help....:confused:

    I know enough about PC's in general (enough to make me dangerous to my computer's health if I mess at all with the registry on my own!) to do a lot of the routine stuff, but this problem has me stumped... BIG time!:eek:

    Any help, or advice would be great. Thanks in advance for any assistance offered!

    << thewall >>
     
  2. thewall

    thewall Thread Starter

    Joined:
    Jul 27, 2006
    Messages:
    148
    Is there anyone out there who has had experience with this kind of Firewall problem?

    I called the Microsoft Help number and they said it would be $35 US... to correct the issue! Is that a good way to go?

    Thoughts?:confused:
     
  3. ozrom1e

    ozrom1e

    Joined:
    May 15, 2006
    Messages:
    11,849
    Please try this

    There are situations where-in you need to reset your Windows Firewall settings, after removing a Trojan etc. Resetting the Windows Firewall sets the configuration to factory defaults by removing all the programs / port / exceptions settings.
    To reset the Windows Firewall to the factory default state, try this:
    Type firewall.cpl in Start, Run dialog.
    Click the Advanced tab.
    Click the Restore Defaults button.
    Click Yes to continue when you see this dialog
    Restoring the default settings will delete all settings of Windows Firewall that you have made since Windows was installed. This may cause some programs to stop working.

    Do you want to continue?
    The Windows Firewall is now turned ON, and set to factory default state.
    Alternately, you can use the NETSH command-line to accomplish this:
    Open a Command Prompt window and type NETSH FIREWALL RESET
    This command resets firewall configuration to default. This provides the same functionality as the Restore Defaults button in the Windows Firewall interface.
     
  4. thewall

    thewall Thread Starter

    Joined:
    Jul 27, 2006
    Messages:
    148
    Hi ozrom1e... Thanks for your reply. I appreciate it greatly!:)


    I did try this:
    Type firewall.cpl in Start, Run dialog. But... as soon as I click the OK button... I get the exact error message I posted originally: "Due to an unidentified problem, Windows cannot display Windows Firewall settings."

    There seems to be no way for me to go on to the next steps you've given me.:confused:

    What do you think, at this point?
     
  5. WhitPhil

    WhitPhil Gone but never forgotten Trusted Advisor

    Joined:
    Oct 4, 2000
    Messages:
    8,684
  6. thewall

    thewall Thread Starter

    Joined:
    Jul 27, 2006
    Messages:
    148
    Hi WhitPhil... thanks for the reply.

    Well... actually I found that page on the MS site even before I posted my 1st message on this thread, but I was fearful that I might get in over my head as this suggests messing around with the registry.

    There is mention of a warning as follows: "Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk."

    That kind of thing scares the "socks off my feet"... if you know what I mean!:confused:

    Thoughts?
     
  7. WhitPhil

    WhitPhil Gone but never forgotten Trusted Advisor

    Joined:
    Oct 4, 2000
    Messages:
    8,684
    Before you make the change, create a Restore point that you can get back to if required.

    Yes, you are changing the registry, but it is really not haphazard. The changes are all there for you to just copy/paste into Notepad
     
  8. thewall

    thewall Thread Starter

    Joined:
    Jul 27, 2006
    Messages:
    148
    I'm not totally sure of what you're saying here. :eek: Sorry...

    How do I go about doing that? Is it a simple process?:eek:
     
  9. WhitPhil

    WhitPhil Gone but never forgotten Trusted Advisor

    Joined:
    Oct 4, 2000
    Messages:
    8,684
    Start > Run > MSCONFIG
    Launch System Restore Button
    Select Create a Restore Point
    Next
    Give it a Description
    Create
     
  10. thewall

    thewall Thread Starter

    Joined:
    Jul 27, 2006
    Messages:
    148
    OK... thanks! I'll try it and get back to let you know how it went.:)
     
  11. thewall

    thewall Thread Starter

    Joined:
    Jul 27, 2006
    Messages:
    148
    Well... I tried this for 5 different (dates) restore points and each time I got a message that told me the restore point could not be made for that paricular date.

    Now... what should I do? Any thoughts?:confused:
     
  12. ozrom1e

    ozrom1e

    Joined:
    May 15, 2006
    Messages:
    11,849
    Well, the fix I gave did not work as expected and several other things did not work so let's check out infections as the possible cause.

    To download HJTsetup.exe To Download HijackThis go to the following: http://www.thespykiller.co.uk/forum/index.php?action=tpmod;dl=item5
    Filename = 1137518044HJTsetup.exe
    Save the file to your desktop.
    Double click on the HJTsetup.exe icon on your desktop.
    By default it will install to C:\Program Files\HijackThis.
    Continue to click Next in the setup dialog boxes until you get to the Select Additional Tasks dialog.
    Put a check by Create a desktop icon then click Next again.
    Continue to follow the rest of the prompts from there.
    At the final dialog box click Finish and it will launch Hijack This.
    Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
    Click Save to save the log file and then the log will open in notepad.
    At the top of the Notepad HJT log screen, hit Edit then Select All then click Edit and then click Copy doing that copies the text to the clipboard, you won't see it yet....
    Open a TechSupportGuy forum Reply window for this thread, to have ready to paste the Hijackthis log into. Click once to place the typing cursor in the reply window.
    At the top of your TSG/browser window, hit Edit then Paste
    You should see your copied Hijackthis log appear in the reply space....then, submit the reply
    DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
     
  13. thewall

    thewall Thread Starter

    Joined:
    Jul 27, 2006
    Messages:
    148
    Logfile of HijackThis v1.99.1
    Scan saved at 11:41:11 PM, on 7/27/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\InterMute\SpySubtract\SpySub.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\AGRSMMSG.exe
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\Java\jre1.5.0\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dennisfire.org/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dennisfire.org/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\sslaunch.exe
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: Natural Reader - {0DF757C4-9999-463C-A4EB-B6BF1D8D8D3D} - C:\Program Files\NaturalReaders\Natural Voice Text To Speech Software Standard\read.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/download/scanner/wlscbase5059.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1153973901470
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1154006844609
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7C957E27-CF5D-4B66-8DD7-95B42FFE0327}: NameServer = 209.204.64.2 209.204.64.3
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
     
  14. thewall

    thewall Thread Starter

    Joined:
    Jul 27, 2006
    Messages:
    148
    Hi... I had posted this (see above) HJT log last night just before Midnight... and I'm still hoping that someone can look at it and let me know how to proceed.

    Thanks in advance for any assistance!:confused:
     
  15. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    The "sharedaccess" repair patch is available here, follow directions:

    http://windowsxp.mvps.org/sharedaccess.htm

    In some cases you may also need to reset the Winsock key. If the above alone does not resolve things, open a command prompt (start > run cmd)

    and at the prompt enter:

    netsh winsock reset catalog

    Then reboot the computer
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/486886

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice