Cannot change firewall settings

J

Joshua Wood

Ok,

I've just updated this machine after being away for a year, so now
have xp pro SP2 and all upto date. I noticed however an issue with the
new firewall. All the options to turn it on/off are GREYED OUT and
disabled. At the top it reads:

For your security, some settnigs are controlled by Group Policy.

It is a stand alone machine (it is attached to a network but it's just
peer to peer, not domain), and I have never touched any policies
whatsoever.

The Windows Firewall/ICS service has this error when double clicking
it:
Configuration Manager: The Specified device instance handler does not
correspond to a present device.

It will then open the service allowing me to make alterations. It is
AUTO and STARTED. All settings are the same as an XP home machine
which functions correctly, and I have not channged anything in here
either. (ie, it should be the default settings)

After not finding much on the internet (and I've tried reregisted dlls
and running netsh firewall reset etc etc, and even netsh winsock
reset), I uninstalled SP2 and then reinstalled it. Firewall wasn't
even isntalled as seen here:

http://windowsxp.mvps.org/sharedaccess.htm

After installing the registry entry and rebooting I'm back to how I
was before.

I did have some spyware/trojans on my system before I initially
installed SP2 and the other upgrades, but that's all gone now, so a
reinstall should have fixed things.

Any help as to how I fix these issues? I don't use the windwos
firewall but I'm always concerned when there are errors.

Much thanks,
Josh
 
R

Ramesh, MS-MVP

Joshua,

See if this helps:

You cannot start the Windows Firewall service in Windows XP Service Pack 2:
http://support.microsoft.com/kb/892199

-and-

From Start/Run, type Gpedit.msc and navigate to:

Computer Configuration
=> Administrative Templates
=> System
=> Network
=> Network Connections
=> Windows Firewall
=> Standard Profile

Set the following options to "Not Configured" (defaults)

Windows Firewall: Protect all network connections
Windows Firewall: Do not allow exceptions
Windows Firewall: Define program exceptions
Windows Firewall: Allow local program exceptions
Windows Firewall: Allow remote administration exception
Windows Firewall: Allow file and printer sharing exception
Windows Firewall: Allow ICMP exceptions
Windows Firewall: Allow Remote Desktop exception
Windows Firewall: Allow UPnP framework exception
Windows Firewall: Prohibit notifications
Windows Firewall: Allow logging
Windows Firewall: Prohibit unicast response to multicast or broadcast
requests
Windows Firewall: Define port exceptions
Windows Firewall: Allow local port exceptions
 
J

Joshua Wood

Thanks for the quick reply.

However, nothing in that KB seems to relate to me, I don't get any of
the errors listed, and all the solutions listed are how my system
already is. Also, the polices listed below are already set to Not
Configured. As are the domain ones.

I'm wondering if SP2 is thinking my machine is on a domain or
something somehow, how can I check this? My network setup says my
machine is part of a workgroup, and not a domain....

Also, the firewall service is started and running ok, but I still get
that error when trying to access it's properties from the service
menu.

I've noticed this account in my local security policy settings, not
sure what it belongs to, or how to find out, or if it is having any
effect:
*S-1-5-21-1229272821-1677128483-854245398-1002 and
*S-1-5-21-1229272821-1677128483-854245398-1004 and
*S-1-5-21-1229272821-1677128483-854245398-1005

Any more ideas? I'm wondering if the spyware/trojan has someone
altered something in one of my group/local polices... and how to reset
them perhaps? Or how to debug them. I haven't touched any of this
stuff myself.

Much thanks,
Josh
 
R

Ramesh, MS-MVP

Josh,

Can you check if the WindowsFirewall policy keys are present in the
registry?

Open Regedit.exe and navigate to:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfil­e
(and)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProf­ile

In the right-pane, delete the "EnableFirewall" value.

Close Regedit.exe and restart.
 
J

Joshua Wood

Both keys are present, with a value of 0.
I deleted these keys from the standard and the domian entries. Upon
reboot I can now change my firewall settings from control panel |
Firewall.
So progress!

However, it still says at the top of the firewall settings:
For your security, some settings are controlled by group policy.

I doubt that they are, and that whatever I just did was a "haclk"
around my problems.

When I double click on the firewall service I still get the:
"Configuration Manager: The specified device instance handle does not
correspond to a present device" error, same as before.

I click OK and it will then bring up the settings for the service, as
before.

Josh
 
R

Ramesh, MS-MVP

Josh,

The entire "WindowsFirewall" can be deleted (backup to a REG file first). I
have no idea about the "Configuration Manager" error, but will look into
that.
 
J

Joshua Wood

Would be good to not have the "group policy" settings for the firewall
mentioned.... since that still implies to me that something has been
changed on my system (which might have been done via the trojans). So
if you can find anything more about resetting/fixing that, that would
be much apprecaited also.

Thanks for the help so far.
Josh
 
J

Joshua Wood

Any updates?

Josh

Would be good to not have the "group policy" settings for the firewall
mentioned.... since that still implies to me that something has been
changed on my system (which might have been done via the trojans). So
if you can find anything more about resetting/fixing that, that would
be much apprecaited also.

Thanks for the help so far.
Josh
Click to expand...
 
R

Ramesh, MS-MVP

J

Joshua Wood

Funnily enough, removing the whole firewall setting here:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfil­e
(and)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProf­ile

as you suggested, makes the firewall (appear) to work. Already I could
turn it on/off from the "Enabled" key deletion, but now it says either
"Your PC is not protected" or "It is..." and no longer mentions
anything about group policy settings, which is great.

I still get the configuration manager error with the service though.

How come the firewall service wasn't even installed when I reinstalled
SP2 though? That's strange to me, the whole firewall section was
missing. Should I try to reinstall SP2 over the top of itself? I'm not
keen on removing and then reinstalling SP2 if I can help it.

I'm also interested to know why the firewall works correctly WITHOUT
any registry entries, and did not work WITH them... perhaps this might
give you some clues to the service error?

Much thanks again,
Josh
 
R

Ramesh, MS-MVP

Josh,
any registry entries, and did not work WITH them... perhaps this might
give you some clues to the service error?

The entries that you deleted are Policy related entries, and they are not
required. Whereas the HKEY_LOCAL_MACHINE\...Service.....Sharedaccess key is
necessary for the service to be listed.

Yes. I think that'll help.

--
Ramesh, Microsoft MVP
Windows XP Shell/User

Windows XP Troubleshooting
http://www.winhelponline.com
 
J

Joshua Wood

Is there any way to reinstall the firewall service, or perform some
sort of repair/file check on it? (sfc /scannow does nothing to help)
 
R

Ramesh, MS-MVP

One method is here, using the rundll32 command-line, but I'm not sure
that'll help.
http://windowsxp.mvps.org/sharedaccess.htm

If not, the only option that I can think of, is a repair using the
slipstreamed CD.

Windows XP Service Pack 2
http://www.microsoft.com/downloads/...be-3b8e-4f30-8245-9e368d3cdb5a&displaylang=en

Slipstreaming Windows XP with Service Pack 2 (SP2):
http://www.winsupersite.com/showcase/windowsxp_sp2_slipstream.asp

[Automated slipstreaming] AutoStreamer 1.0.30:
http://www.majorgeeks.com/download4444.html


--
Ramesh, Microsoft MVP
Windows XP Shell/User

Windows XP Troubleshooting
http://www.winhelponline.com
 
J

Joshua Wood

From this page:
One method is here, using the rundll32 command-line, but I'm not sure
that'll help.
http://windowsxp.mvps.org/sharedaccess.htm
Click to expand...

Running as suggested:
rundll32 setupapi,InstallHinfSection Ndi-Steelhead 132
%windir%\inf\netrass.inf

I get "installation failed" as the only error msg. Does this point to
anything? The file netrass.inf exists.

Thanks,
Josh
 
J

Joshua Wood

What is the original message?


Here is the original:

Ok,

I've just updated this machine after being away for a year, so now
have xp pro SP2 and all upto date. I noticed however an issue with the
new firewall. All the options to turn it on/off are GREYED OUT and
disabled. At the top it reads:

For your security, some settnigs are controlled by Group Policy.

It is a stand alone machine (it is attached to a network but it's just
peer to peer, not domain), and I have never touched any policies
whatsoever.

The Windows Firewall/ICS service has this error when double clicking
it:
Configuration Manager: The Specified device instance handler does not
correspond to a present device.

It will then open the service allowing me to make alterations. It is
AUTO and STARTED. All settings are the same as an XP home machine
which functions correctly, and I have not channged anything in here
either. (ie, it should be the default settings)

After not finding much on the internet (and I've tried reregisted dlls
and running netsh firewall reset etc etc, and even netsh winsock
reset), I uninstalled SP2 and then reinstalled it. Firewall wasn't
even isntalled as seen here:

http://windowsxp.mvps.org/sharedaccess.htm

After installing the registry entry and rebooting I'm back to how I
was before.

I did have some spyware/trojans on my system before I initially
installed SP2 and the other upgrades, but that's all gone now, so a
reinstall should have fixed things.

Any help as to how I fix these issues? I don't use the windwos
firewall but I'm always concerned when there are errors.

Much thanks,
Josh

Then I got the reply:

Can you check if the WindowsFirewall policy keys are present in the
registry?

Open Regedit.exe and navigate to:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfil­e
(and)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProf­ile

In the right-pane, delete the "EnableFirewall" value.

Then I said:
Both keys are present, with a value of 0.
I deleted these keys from the standard and the domian entries. Upon
reboot I can now change my firewall settings from control panel |
Firewall.
So progress!

However, it still says at the top of the firewall settings:
For your security, some settings are controlled by group policy.

I doubt that they are, and that whatever I just did was a "haclk"
around my problems.

When I double click on the firewall service I still get the:
"Configuration Manager: The specified device instance handle does not
correspond to a present device" error, same as before.

I click OK and it will then bring up the settings for the service, as
before.

Then I did as suggested and removed the firewall from the registry:
Funnily enough, removing the whole firewall setting here:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfil­e
(and)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProf­ile

as you suggested, makes the firewall (appear) to work. Already I could
turn it on/off from the "Enabled" key deletion, but now it says either
"Your PC is not protected" or "It is..." and no longer mentions
anything about group policy settings, which is great.

I still get the configuration manager error with the service though.

How come the firewall service wasn't even installed when I reinstalled
SP2 though? That's strange to me, the whole firewall section was
missing. Should I try to reinstall SP2 over the top of itself? I'm not
keen on removing and then reinstalling SP2 if I can help it. (Altready
tried it once with no luck)

Is there any way to reinstall the firewall service, or perform some
sort of repair/file check on it? (sfc /scannow does nothing to help)

Then the reply:
One method is here, using the rundll32 command-line, but I'm not sure
that'll help.
http://windowsxp.mvps.org/sharedaccess.htm

Then my response:
Running as suggested:
rundll32 setupapi,InstallHinfSection Ndi-Steelhead 132
%windir%\inf\netrass.inf

I get "installation failed" as the only error msg. Does this point to
anything? The file netrass.inf exists.


Hope this helps, it's pretty much all our conversation. I've basically
resolved everything except:

The Windows Firewall/ICS service has this error when double clicking
it:
Configuration Manager: The Specified device instance handler does not
correspond to a present device.

It will then open the service allowing me to make alterations. It is
AUTO and STARTED. All settings are the same as an XP home machine
which functions correctly, and I have not channged anything in here
either. (ie, it should be the default settings)

Thanks,
Josh
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Firewall : IP protocol specific settings ? 64
Windows firewall settings 1
Windows Firewall Settings will not dosplay 4
Firewall is not enabled automatically 1
Help!! cannot disable (or turn off) Windows firewall 18
Windows Firewall won't start; Auto Private Addressing on 6
Firewall SP2 1
Cannot start Windows Firewall service using SP2 4

Top