G
Guest
Guest
Archived from groups: comp.security.firewalls (More info?)
Hello Group:
System One
Win2K SP4, IE6SP1
Scan Eng 4.3.20
DAT 4.0.4359
AV 6.02.3000.1
FW 3.03.1000.0
All windows update applied to OS and browser
Dial Up
System Two
NT4-Sp6 IE5.5-SP2
Scan Eng 4.3.20
DAT 4.0.4359
AV 6.02.3000.1
FW 3.03.1000.0
All windows update applied to OS and browser
Dial Up
Both systems shared the same settings
Allow ARP and DHCP
Other protocols: Allow other than IP, ARP, RARP- Block incoming fragments.
IPX-in-IP Allow other than IP, ARP, RARP- Allow incoming fragments.
Allow Identification
Manual update
AV scans from command window and/or safe mode do not show virus present.
I have noticed that whenever Firewall starts, three services rush out for
internet access. The services are services.exe, svchost.exe and Isass.exe.
If you deny access to services.exe the firewall will report the following
error and the browser will report a DNS error (will not load the page).
Denying access to the other two services will not cause the error if access
to services.exe was previously given:
"McAfee Firewall caused an exception c0000005 at offset 4017c3 in CPD.EXE
(FwMon_SocketClosed). If this condition is repeatable and prevents McAfee
Firewall from operating properly, please report the details of the exception
to McAfee Technical Support."
I know, thanks to Kelly, what this error means already.
The fix given to uninstall and reinstall may fix the symptoms for some users
but not all. If it does work for some users, why?
I have followed the instructions on other posts at www.mcafeehelp.com and I
have used the regular and the forced (manual) uninstall and also have
removed ALL occurrences of Mcafee from the registry, have removed all temp,
cookies etc. Looked for VPN, etc.
I have loaded the virus scanner let it finish loading and then start the
firewall.
I have uninstalled the FW only and reinstalled it following the instructions
given.
Please this error is getting annoying. Have you any good suggestion other
than reinstall or upgrade?
I did not have this error in 2002-2003
Even if manual update (VSMain.exe) is not allowed access to the internet it
will show the exception. This did not happened when I purchased this
software.
The FW seems at the same time to be able to hold TCP and UDP packets, I can
see it on the violations window, but I have no way of knowing if a packet
passed. www.GRC.com and www.scan.sygate.com show all ports blocked.
I used to do most of my work on NT4 SP6.
NT4.0 SP6 is on another disk and that is where I became aware of this error.
It motivated me to install the antivirus and Win2K and move all my working
files to another hard drive, but I found the error there as well, once I
finished.
I think is related to a software update but whose: Windows or McAfee?
Could it be that McAfee introduced this to "induce" people to upgrade?
Please help, thank you
Hello Group:
System One
Win2K SP4, IE6SP1
Scan Eng 4.3.20
DAT 4.0.4359
AV 6.02.3000.1
FW 3.03.1000.0
All windows update applied to OS and browser
Dial Up
System Two
NT4-Sp6 IE5.5-SP2
Scan Eng 4.3.20
DAT 4.0.4359
AV 6.02.3000.1
FW 3.03.1000.0
All windows update applied to OS and browser
Dial Up
Both systems shared the same settings
Allow ARP and DHCP
Other protocols: Allow other than IP, ARP, RARP- Block incoming fragments.
IPX-in-IP Allow other than IP, ARP, RARP- Allow incoming fragments.
Allow Identification
Manual update
AV scans from command window and/or safe mode do not show virus present.
I have noticed that whenever Firewall starts, three services rush out for
internet access. The services are services.exe, svchost.exe and Isass.exe.
If you deny access to services.exe the firewall will report the following
error and the browser will report a DNS error (will not load the page).
Denying access to the other two services will not cause the error if access
to services.exe was previously given:
"McAfee Firewall caused an exception c0000005 at offset 4017c3 in CPD.EXE
(FwMon_SocketClosed). If this condition is repeatable and prevents McAfee
Firewall from operating properly, please report the details of the exception
to McAfee Technical Support."
I know, thanks to Kelly, what this error means already.
The fix given to uninstall and reinstall may fix the symptoms for some users
but not all. If it does work for some users, why?
I have followed the instructions on other posts at www.mcafeehelp.com and I
have used the regular and the forced (manual) uninstall and also have
removed ALL occurrences of Mcafee from the registry, have removed all temp,
cookies etc. Looked for VPN, etc.
I have loaded the virus scanner let it finish loading and then start the
firewall.
I have uninstalled the FW only and reinstalled it following the instructions
given.
Please this error is getting annoying. Have you any good suggestion other
than reinstall or upgrade?
I did not have this error in 2002-2003
Even if manual update (VSMain.exe) is not allowed access to the internet it
will show the exception. This did not happened when I purchased this
software.
The FW seems at the same time to be able to hold TCP and UDP packets, I can
see it on the violations window, but I have no way of knowing if a packet
passed. www.GRC.com and www.scan.sygate.com show all ports blocked.
I used to do most of my work on NT4 SP6.
NT4.0 SP6 is on another disk and that is where I became aware of this error.
It motivated me to install the antivirus and Win2K and move all my working
files to another hard drive, but I found the error there as well, once I
finished.
I think is related to a software update but whose: Windows or McAfee?
Could it be that McAfee introduced this to "induce" people to upgrade?
Please help, thank you