You cannot start the Windows Firewall service in Windows XP SP2 (920074)


The information in this article applies to:

  • Microsoft Windows XP Professional
  • Microsoft Windows XP Professional SP2
  • Microsoft Windows XP Home Edition SP2
Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows registry

SYMPTOMS

After you install Microsoft Windows XP Service Pack 2 (SP2), you cannot start the Windows Firewall service. Specifically, you experience one or more of the following symptoms:
  • Windows Firewall/Internet Connection Sharing (ICS) is not displayed in the Services list in Control Panel.
  • Windows Firewall/Internet Connection Sharing (ICS) is displayed in the Services list, but you cannot start this service.
  • You receive the following error message when you try to access Windows Firewall settings:
    Due to an unidentified problem, Windows cannot display Windows Firewall settings.

CAUSE

This problem is caused by a missing or corrupted SharedAccess.reg file. The SharedAccess.reg file represents the Windows Firewall service.

Note The Windows Firewall service in Windows XP SP2 replaces the Internet Connection Firewall (ICF) service in earlier versions of Windows XP.

RESOLUTION

To resolve this problem, use one of the following methods.

Method 1: Call the "Setup API InstallHinfSection" function to install Windows Firewall

To install Windows Firewall, follow these steps:
  1. Click Start, click Run, type cmd, and then click OK.
  2. At the command prompt, type the following command line, and then press ENTER:

    Rundll32 setupapi,InstallHinfSection Ndi-Steelhead 132 %windir%\inf\netrass.inf

  3. Restart Windows,
  4. Click Start, click Run, type cmd, and then click OK.
  5. At the command prompt, type the following command, and then press ENTER:

    Netsh firewall reset

  6. Click Start, click Run, type firewall.cpl, and then press ENTER. In the Windows Firewall dialog box, click On (recommended), and then click OK.

Method 2: Add the Windows Firewall entry to the registry

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

To add the Windows Firewall entry to the registry, follow these steps:
  1. Copy the following text into Notepad, and then save the file as Sharedaccess.reg: 
    Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]
"DependOnGroup"=hex(7):00,00
"DependOnService"=hex(7):4e,00,65,00,74,00,6d,00,61,00,6e,00,00,00,57,00,69,00,\
  6e,00,4d,00,67,00,6d,00,74,00,00,00,00,00
"Description"="Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network."
"DisplayName"="Windows Firewall/Internet Connection Sharing (ICS)"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
  00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
  6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"ObjectName"="LocalSystem"
"Start"=dword:00000002
"Type"=dword:00000020

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch]
"Epoch"=dword:00002cd0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
  00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  69,00,70,00,6e,00,61,00,74,00,68,00,6c,00,70,00,2e,00,64,00,6c,00,6c,00,00,\
  00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup]
"ServiceUpgrade"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate]
"All"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum]
"0"="Root\\LEGACY_SHAREDACCESS\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001
  2. Double-click Sharedaccess.reg to merge the contents of this file into the registry and to create the Windows Firewall entry.
  3. Restart Windows.
  4. Click Start, click Run, type cmd, and then click OK.
  5. At the command prompt, type the following command, and then press ENTER:

    Netsh firewall reset

  6. Click Start, click Run, type firewall.cpl, and then click OK.
  7. Configure the Windows Firewall settings that you want to use.
If these methods do not work, reinstall Windows XP SP2.

MORE INFORMATION

To verify that the Windows Firewall service is started, follow these steps:
  1. Click Start, click Run, type services.msc, and then click OK.
  2. In the list of services, locate Windows Firewall/Internet Connection Sharing (ICS). Notice that the status of the service is Started.
  3. For information about how to use the Services feature, click Help on the Action menu.

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

REFERENCES

For more information about how to use Windows Firewall in Windows XP Service Pack 2, click the following article numbers to view the articles in the Microsoft Knowledge Base:

875357 Troubleshooting Windows Firewall settings in Windows XP Service Pack 2

892199 You cannot start the Windows Firewall service in Windows XP Service Pack 2

For more information about how to troubleshoot Windows Firewall in Windows XP SP2, visit the following Microsoft Web site:

http://www.microsoft.com/technet/prodtechnol/winxppro/support/wftshoot.mspx

Modification Type:MinorLast Reviewed:8/11/2006
Keywords:kbprb kbFirewall kbtshoot KB920074 kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.