2 questions (HJT log if it helps)

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

jpittner

Thread Starter
Joined
Feb 8, 2007
Messages
21
First thanks to those who provide the less computer savvy like me info...much appreciated.


1. When I go to access my firewall I get an error saying "Windows firewall settings cannot be displayed because of the associated service is not running. do you want to start the windows firewall/internet connection sharing (ics) service?"
I then hit yes and "windows cannot start the windowsfirewall/internet connection sharing (ics) service"

I went to microsoft and found info on it but as I read all it seemed to say was "blah blah tech talk tech talk blah blah blah"
I got no where...I really did try!

Did something take over my firewall...should I be scared?

2. when the microsoft update runs it will "install" then at the end say " this setup will only upgrade over an existing version microsoft VM"
Again I went at it alone and found info but WAY over my head...no idea what it was saying.


I'm a little lost. Well here is my Hijack..

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\All Users\Ad-Aware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\JIM\Desktop\hijackthis\HijackThis.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)



Thanks again!
 
Joined
May 22, 2005
Messages
7,091
jpittner said:
I then hit yes and "windows cannot start the windowsfirewall/internet connection sharing (ics) service"
Usually when Windows can't start a service it means that there is another service that has to be started first. Go into Administrative Tools > Services and make sure the following services are running. If not, set them to automatic and start them.

Network Connections
Remote Procedure Call (RPC)
Windows Management Instrumentation
Event Log

When they are all running try starting the firewall again.
 
Joined
May 15, 2006
Messages
11,849
Welcome to TSG....

First thing is please post the entire HijackTHis log file there seems to be a lot of it missing.

I would venture to say that your computer might be infected and the diagnosing of your log file would have to be done by a certified expert and those folks have a little gold shield to the right of their name.
 

jpittner

Thread Starter
Joined
Feb 8, 2007
Messages
21
Thanks for the help.

Ok running into a little snag.

Tried to start

Network Connections
Remote Procedure Call (RPC)
Windows Management Instrumentation
Event Log

All are on or turned on except Windows management instrumentation. whe i try it says "could not start the windows management intrumentation service on local comuter. error 126: the specified module could not be found."



Next HJT. I read on here how to do it so i think that is the whole file. everyone else who posts a HJT seems to be much longer but I don't know what I'm doing wrong. THis is the one i just ran...

Logfile of HijackThis v1.99.1
Scan saved at 11:00:53 PM, on 2/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\JIM\Desktop\hijackthis\HijackThis.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
 
Joined
Mar 24, 2005
Messages
516
Hello jpittner.

Try this: locate hijackthis.exe again, right-click on it, choose "Rename", and rename the program to jackhigh.exe
Then run another scan with it and post the logfile here just as you did the other two.
 

jpittner

Thread Starter
Joined
Feb 8, 2007
Messages
21
changed to jackhigh.exe

Logfile of HijackThis v1.99.1
Scan saved at 7:19:08 PM, on 2/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\JIM\Desktop\hijackthis\jackhigh.exe.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
 
Joined
Mar 24, 2005
Messages
516
OK, good. I am reviewing your HijackThis log now and will be back with a reply as soon as possible.

Please note that I am currently an undergraduate at a malware removal school which means that all of my responses are checked by an expert (teacher) before they reach the persons that I am helping. So there may be a slight lag in response time, but this assures that you receive quality assistance and that I get properly trained. Your patience is appreciated.:)

Here are a few tips to help make things go smoothly:

  • * Feel free to stop and ask about anything that you are unsure of before proceeding.
    * It is often worth reading through the instructions and printing them for ease of reference.
    * Please reply only to this thread rather than start a new one.
    * Leave System Restore enabled during the handling.
    * If possible, continue to follow the topic until the system is pronounced clean; absence of symptoms does not necessarily mean absence of all malware.
 
Joined
Mar 24, 2005
Messages
516
Let's tackle one problem at a time. First the firewall/security center, then the Updates.

I need to ask a question first.

I see that you may have Windows Live Safety Center installed.
Do you have an icon in your System Tray (the area at the bottom right-hand side of your screen by the clock) that looks like this:



If so what color is it -- Green, Yellow, or Red?
 

jpittner

Thread Starter
Joined
Feb 8, 2007
Messages
21
I didnt' think I had windows live. I went to microsoft and scan from there but didn't think i had the whole package.

I have windows defender.

*sorry I'm so sparatic w/ my responese times...married w/ kids.. =^)

I have a yellow shield w/ a "!" in it but it is for microsoft update but that is the one when i do it it give me the "...existing VM" error.
 
Joined
Mar 24, 2005
Messages
516
OK. A program list would be useful here.

  • * Open up HijackThis again. (jackhigh.exe)
    * Click on "Open the Misc Tools section".
    * Click on "Open Uninstall Manager".
    * Click on "Save list".
    * Save it to your Desktop.
    * Copy and paste the list here.
 

jpittner

Thread Starter
Joined
Feb 8, 2007
Messages
21
Ad-Aware SE Personal
Adobe Download Manager 2.2 (Remove Only)
Adobe Flash Player 9 ActiveX
Adobe Reader 8
Adobe Shockwave Player
Avanquest update
BigFix
Boggle Supreme
BUM
Canon PIXMA iP1500
CCleaner (remove only)
Chuck's Planted Aquarium Calculator v1.0i
cl_screensaver
CompuCram Illinois Real Estate
Critical Seeker 4.1
Deer Drive (remove only)
Desktop Weather by The Weather Channel
Digital Media Reader
Dr Watson for Microsoft Windows OneCare Live v0.9.0929.18
eGames GameButler
Free Internet Eraser 2.10
Galapago
Google Earth
Greedy Words
Gutterball
HijackThis 1.99.1
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB914811)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Image Resizer Powertoy for Windows XP
Infinite Crosswords
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 9
Little Bear Rainy Day Activities
Lyra Jukebox Applications
Magic Match
MetaFrame Presentation Server Web Client for Win32
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2005
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Office XP Web Components
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works
Mirror Magic
Motorola Phone Tools
Mozilla Firefox (1.5.0.7)
MSN
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 Parser and SDK
Multimedia Keyboard Driver
Musicmatch® Jukebox
My Sam's Club Digital Photo Center
Nero BurnRights
Nero OEM
NVIDIA Drivers
Offroad Arena
Pacific Heroes
PCFriendly
Penguin Puzzle
PowerDVD
Puzzle Master 3
RealPlayer
Realtek AC'97 Audio
REALTEK Gigabit and Fast Ethernet NIC Driver
Saints & Sinners Bowling
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB926255)
SiL
Slingo Quest
SoftV92 Data Fax Modem with SmartCP
Steam(TM)
The Poppit! Show
The Weather Channel Toolbar
Twistingo (remove only)
Typer Shark Deluxe 1.01
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB914882)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
URGE
Viewpoint Media Player
Weather Services
Windows Backup Utility
Windows Defender
Windows Defender Signatures
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Wobbly Bobbly
Word Mojo
Word Shake
Yahoo! Messenger
Yahoo! Photos Easy Upload Tool
Your Guide to Passing the AMP Real Estate Exam
 
Joined
Feb 13, 2007
Messages
150
I can log into your PC and fix this for you remotely if you wish...

PM me if you'd like to try this.
 
Joined
Mar 24, 2005
Messages
516
First we need to back up the registry before making any changes to it. If everything is OK after a few days, and you do not wish to keep the registry backup file, you can delete it.
Here's how to make the backup:


  • Click the Start button.
    Click Run.
    In the box, type regedit
    Press the Return button. The registry editor opens.
    In the Registry Editor click on File.
    Click Export. The "Export Registry File" window will open.
    Near the bottom, under "Export Range", select All".
    In the "File name" box, type RegBackup
    Near the top, in the "Save in" box choose a place to save it to such as "My Documents".
    Then click the Save button.
    You now have a backup of the registry saved in case you need it.


After you have done that, copy and paste the contents of the Code box below into Notepad. It must be Notepad, not Wordpad.
Make sure that there is NO space before "REGEDIT4".
Make sure that there is a blank line at the bottom or the fix will not work.

Code:
REGEDIT4

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]
"DependOnGroup"=hex(7):00,00
"DependOnService"=hex(7):4e,00,65,00,74,00,6d,00,61,00,6e,00,00,00,57,00,69,00,\
  6e,00,4d,00,67,00,6d,00,74,00,00,00,00,00
"Description"="Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network."
"DisplayName"="Windows Firewall/Internet Connection Sharing (ICS)"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
  00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
  6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"ObjectName"="LocalSystem"
"Start"=dword:00000002
"Type"=dword:00000020

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch]
"Epoch"=dword:00002cd0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
  00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  69,00,70,00,6e,00,61,00,74,00,68,00,6c,00,70,00,2e,00,64,00,6c,00,6c,00,00,\
  00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup]
"ServiceUpgrade"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate]
"All"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum]
"0"="Root\\LEGACY_SHAREDACCESS\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001
Click "File" > "Save As" and save the file as fix.reg
Choose to save as type *all files and save it to the desktop.
Now, doubleclick on the new fix.reg icon on the desktop and when it asks you if you want to merge the contents to the registry, click yes/ok.


Now RESTART the computer.


When the pc has restarted click the Start button, then click Run.
In the box that appears, type cmd then click "OK". A command prompt window will open.
Type in or Copy/Paste the following line:

NETSH FIREWALL RESET

Now see if you can access the Windows Firewall.

If this seems to solve the problem please don't run off just yet. The pc is quite vulneralbe at the moment and there is still more to do. We're just taking one step at a time. :)
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top