Windows XP SP2 firewall still not working right

Archived from groups: comp.security.firewalls,microsoft.public.windowsupdate,microsoft.public.windowsxp.help_and_support,microsoft.public.windows.networking.firewall (More info?)

This is an update and maybe clarification of earlier messages.

My Windows XP Home SP2 firewall is not working as expected.
It ignores its checkboxes for network connections and exceptions.
Is there a way to repair it without uninstalling SP2?
For example, can just the Windows firewall be reinstalled?

Here is some history of what has happened and how it behaves.

I use a DSL gateway which includes a hardware firewall. There are no
other computers connected to the gateway.

I cloned my boot disk drive to a new disk drive, disconnected the
original drive, made the clone my boot disk drive, and defragged it.

I used the computer that way for a while with no significant problems
under Windows XP SP1. Firewall settings were: Firewire and Ethernet
(DSL) network connections were unselected but my rarely-used dialup
connection was selected. Default exceptions were used.

Then I installed SP2 via Windows Update. That went smoothly except my
modem was not recognized on the first reboot. It was automatically
reinstalled. Since then, the firewall has not worked as expected or
described anywhere. That is still true after I disabled my unused
firewire connection in BIOS, and made several changes required to get
SP2 to work right: reinstalled Windows Media Player, uninstalled two
versions of Java and installed the latest JRE, removed and reinstalled
the HP Laserjet 2300d PCL5e driver.

If the Windows firewall is ON: It ignores its checkboxes for network
connections (Control Panel - Windows Firewall - Network Connections
Settings). It also ignores its checkboxes for exceptions (Control
Panel - Windows Firewall - Advanced - Exceptions). It operates as if
all such checkboxes are marked regardless of whether they are actually
marked. Unmarking a checkbox has no effect.

If these two programs are not in its exceptions list, the Windows
firewall blocks them after I log into my user account of Windows:
Java(TM 2 Platform Standard Edition binary (javaw.exe)
HP SocketPing Server (hpbspsvr.exe)
The latter is only blocked if the Laserjet is in Standby. It has
always had a minor problem of trying to notify me about printer status
even it I selected nothing to be monitored and never to be notified.

If the two programs are in the exceptions list, they are not blocked
regardless of whether their checkboxes are marked.

Running "netsh firewall show state" and "netsh firewall show config"
show nothing that seems unexpected. Here are details with default
configuration except both network connections are deselected. The two
programs are blocked with this configuration.

Firewall status:
-------------------------------------------------------------------
Profile = Standard
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Group policy version = None
Remote admin mode = Disable

Ports currently open on all network interfaces:
Port Protocol Version Program
-------------------------------------------------------------------
No ports are currently open on all network interfaces.

Domain profile configuration:
-------------------------------------------------------------------
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable

Allowed programs configuration for Domain profile:
Mode Name / Program
-------------------------------------------------------------------
Enable Remote Assistance / C:\WINDOWS\system32\sessmgr.exe

Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable

Allowed programs configuration for Standard profile:
Mode Name / Program
-------------------------------------------------------------------
Enable Remote Assistance / C:\WINDOWS\system32\sessmgr.exe

Log configuration:
-------------------------------------------------------------------
File location = C:\WINDOWS\pfirewall.log
Max file size = 4096 KB
Dropped packets = Disable
Connections = Disable

Local Area Connection firewall configuration:
-------------------------------------------------------------------
Operational mode = Disable

Dialup firewall configuration:
-------------------------------------------------------------------
Operational mode = Disable