1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

2 questions (HJT log if it helps)

Discussion in 'Windows XP' started by jpittner, Feb 8, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. jpittner

    jpittner Thread Starter

    Joined:
    Feb 8, 2007
    Messages:
    21
    First thanks to those who provide the less computer savvy like me info...much appreciated.


    1. When I go to access my firewall I get an error saying "Windows firewall settings cannot be displayed because of the associated service is not running. do you want to start the windows firewall/internet connection sharing (ics) service?"
    I then hit yes and "windows cannot start the windowsfirewall/internet connection sharing (ics) service"

    I went to microsoft and found info on it but as I read all it seemed to say was "blah blah tech talk tech talk blah blah blah"
    I got no where...I really did try!

    Did something take over my firewall...should I be scared?

    2. when the microsoft update runs it will "install" then at the end say " this setup will only upgrade over an existing version microsoft VM"
    Again I went at it alone and found info but WAY over my head...no idea what it was saying.


    I'm a little lost. Well here is my Hijack..

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\All Users\Ad-Aware.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\JIM\Desktop\hijackthis\HijackThis.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)



    Thanks again!
     
  2. jpittner

    jpittner Thread Starter

    Joined:
    Feb 8, 2007
    Messages:
    21
    Anyone?

    If not how to fix it should I be worried about it?
     
  3. stantley

    stantley

    Joined:
    May 22, 2005
    Messages:
    7,091
    Usually when Windows can't start a service it means that there is another service that has to be started first. Go into Administrative Tools > Services and make sure the following services are running. If not, set them to automatic and start them.

    Network Connections
    Remote Procedure Call (RPC)
    Windows Management Instrumentation
    Event Log

    When they are all running try starting the firewall again.
     
  4. ozrom1e

    ozrom1e

    Joined:
    May 15, 2006
    Messages:
    11,849
    Welcome to TSG....

    First thing is please post the entire HijackTHis log file there seems to be a lot of it missing.

    I would venture to say that your computer might be infected and the diagnosing of your log file would have to be done by a certified expert and those folks have a little gold shield to the right of their name.
     
  5. jpittner

    jpittner Thread Starter

    Joined:
    Feb 8, 2007
    Messages:
    21
    Thanks for the help.

    Ok running into a little snag.

    Tried to start

    Network Connections
    Remote Procedure Call (RPC)
    Windows Management Instrumentation
    Event Log

    All are on or turned on except Windows management instrumentation. whe i try it says "could not start the windows management intrumentation service on local comuter. error 126: the specified module could not be found."



    Next HJT. I read on here how to do it so i think that is the whole file. everyone else who posts a HJT seems to be much longer but I don't know what I'm doing wrong. THis is the one i just ran...

    Logfile of HijackThis v1.99.1
    Scan saved at 11:00:53 PM, on 2/9/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\JIM\Desktop\hijackthis\HijackThis.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
     
  6. kdd9

    kdd9

    Joined:
    Mar 24, 2005
    Messages:
    516
    Hello jpittner.

    Try this: locate hijackthis.exe again, right-click on it, choose "Rename", and rename the program to jackhigh.exe
    Then run another scan with it and post the logfile here just as you did the other two.
     
  7. jpittner

    jpittner Thread Starter

    Joined:
    Feb 8, 2007
    Messages:
    21
    changed to jackhigh.exe

    Logfile of HijackThis v1.99.1
    Scan saved at 7:19:08 PM, on 2/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\JIM\Desktop\hijackthis\jackhigh.exe.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
     
  8. kdd9

    kdd9

    Joined:
    Mar 24, 2005
    Messages:
    516
    OK, good. I am reviewing your HijackThis log now and will be back with a reply as soon as possible.

    Please note that I am currently an undergraduate at a malware removal school which means that all of my responses are checked by an expert (teacher) before they reach the persons that I am helping. So there may be a slight lag in response time, but this assures that you receive quality assistance and that I get properly trained. Your patience is appreciated.:)

    Here are a few tips to help make things go smoothly:

    • * Feel free to stop and ask about anything that you are unsure of before proceeding.
      * It is often worth reading through the instructions and printing them for ease of reference.
      * Please reply only to this thread rather than start a new one.
      * Leave System Restore enabled during the handling.
      * If possible, continue to follow the topic until the system is pronounced clean; absence of symptoms does not necessarily mean absence of all malware.
     
  9. kdd9

    kdd9

    Joined:
    Mar 24, 2005
    Messages:
    516
    Let's tackle one problem at a time. First the firewall/security center, then the Updates.

    I need to ask a question first.

    I see that you may have Windows Live Safety Center installed.
    Do you have an icon in your System Tray (the area at the bottom right-hand side of your screen by the clock) that looks like this:

    [​IMG]

    If so what color is it -- Green, Yellow, or Red?
     
  10. jpittner

    jpittner Thread Starter

    Joined:
    Feb 8, 2007
    Messages:
    21
    I didnt' think I had windows live. I went to microsoft and scan from there but didn't think i had the whole package.

    I have windows defender.

    *sorry I'm so sparatic w/ my responese times...married w/ kids.. =^)

    I have a yellow shield w/ a "!" in it but it is for microsoft update but that is the one when i do it it give me the "...existing VM" error.
     
  11. kdd9

    kdd9

    Joined:
    Mar 24, 2005
    Messages:
    516
    OK. A program list would be useful here.

    • * Open up HijackThis again. (jackhigh.exe)
      * Click on "Open the Misc Tools section".
      * Click on "Open Uninstall Manager".
      * Click on "Save list".
      * Save it to your Desktop.
      * Copy and paste the list here.
     
  12. jpittner

    jpittner Thread Starter

    Joined:
    Feb 8, 2007
    Messages:
    21
    Ad-Aware SE Personal
    Adobe Download Manager 2.2 (Remove Only)
    Adobe Flash Player 9 ActiveX
    Adobe Reader 8
    Adobe Shockwave Player
    Avanquest update
    BigFix
    Boggle Supreme
    BUM
    Canon PIXMA iP1500
    CCleaner (remove only)
    Chuck's Planted Aquarium Calculator v1.0i
    cl_screensaver
    CompuCram Illinois Real Estate
    Critical Seeker 4.1
    Deer Drive (remove only)
    Desktop Weather by The Weather Channel
    Digital Media Reader
    Dr Watson for Microsoft Windows OneCare Live v0.9.0929.18
    eGames GameButler
    Free Internet Eraser 2.10
    Galapago
    Google Earth
    Greedy Words
    Gutterball
    HijackThis 1.99.1
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB914811)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    Image Resizer Powertoy for Windows XP
    Infinite Crosswords
    iTunes
    J2SE Runtime Environment 5.0 Update 10
    J2SE Runtime Environment 5.0 Update 9
    Little Bear Rainy Day Activities
    Lyra Jukebox Applications
    Magic Match
    MetaFrame Presentation Server Web Client for Win32
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB886903)
    Microsoft .NET Framework 2.0
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Money 2005
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Professional Edition 2003
    Microsoft Office XP Web Components
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Works
    Mirror Magic
    Motorola Phone Tools
    Mozilla Firefox (1.5.0.7)
    MSN
    MSXML 4.0 SP2 (KB925672)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 Parser and SDK
    Multimedia Keyboard Driver
    Musicmatch® Jukebox
    My Sam's Club Digital Photo Center
    Nero BurnRights
    Nero OEM
    NVIDIA Drivers
    Offroad Arena
    Pacific Heroes
    PCFriendly
    Penguin Puzzle
    PowerDVD
    Puzzle Master 3
    RealPlayer
    Realtek AC'97 Audio
    REALTEK Gigabit and Fast Ethernet NIC Driver
    Saints & Sinners Bowling
    Security Update for Microsoft .NET Framework 2.0 (KB917283)
    Security Update for Microsoft .NET Framework 2.0 (KB922770)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893066)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896422)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899588)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB905915)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB908531)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912812)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913446)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917159)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB918899)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920214)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921883)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB925486)
    Security Update for Windows XP (KB926255)
    SiL
    Slingo Quest
    SoftV92 Data Fax Modem with SmartCP
    Steam(TM)
    The Poppit! Show
    The Weather Channel Toolbar
    Twistingo (remove only)
    Typer Shark Deluxe 1.01
    Update for Windows XP (KB894391)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB911280)
    Update for Windows XP (KB914882)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    URGE
    Viewpoint Media Player
    Weather Services
    Windows Backup Utility
    Windows Defender
    Windows Defender Signatures
    Windows Genuine Advantage v1.3.0254.0
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Live OneCare safety scanner
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    Wobbly Bobbly
    Word Mojo
    Word Shake
    Yahoo! Messenger
    Yahoo! Photos Easy Upload Tool
    Your Guide to Passing the AMP Real Estate Exam
     
  13. jpittner

    jpittner Thread Starter

    Joined:
    Feb 8, 2007
    Messages:
    21
  14. Carey934

    Carey934

    Joined:
    Feb 13, 2007
    Messages:
    150
    I can log into your PC and fix this for you remotely if you wish...

    PM me if you'd like to try this.
     
  15. kdd9

    kdd9

    Joined:
    Mar 24, 2005
    Messages:
    516
    First we need to back up the registry before making any changes to it. If everything is OK after a few days, and you do not wish to keep the registry backup file, you can delete it.
    Here's how to make the backup:


    • Click the Start button.
      Click Run.
      In the box, type regedit
      Press the Return button. The registry editor opens.
      In the Registry Editor click on File.
      Click Export. The "Export Registry File" window will open.
      Near the bottom, under "Export Range", select All".
      In the "File name" box, type RegBackup
      Near the top, in the "Save in" box choose a place to save it to such as "My Documents".
      Then click the Save button.
      You now have a backup of the registry saved in case you need it.


    After you have done that, copy and paste the contents of the Code box below into Notepad. It must be Notepad, not Wordpad.
    Make sure that there is NO space before "REGEDIT4".
    Make sure that there is a blank line at the bottom or the fix will not work.

    Code:
    REGEDIT4
    
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]
    "DependOnGroup"=hex(7):00,00
    "DependOnService"=hex(7):4e,00,65,00,74,00,6d,00,61,00,6e,00,00,00,57,00,69,00,\
      6e,00,4d,00,67,00,6d,00,74,00,00,00,00,00
    "Description"="Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network."
    "DisplayName"="Windows Firewall/Internet Connection Sharing (ICS)"
    "ErrorControl"=dword:00000001
    "ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
      74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
      00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
      6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
    "ObjectName"="LocalSystem"
    "Start"=dword:00000002
    "Type"=dword:00000020
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch]
    "Epoch"=dword:00002cd0
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters]
    "ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
      00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
      69,00,70,00,6e,00,61,00,74,00,68,00,6c,00,70,00,2e,00,64,00,6c,00,6c,00,00,\
      00
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup]
    "ServiceUpgrade"=dword:00000001
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate]
    "All"=dword:00000001
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum]
    "0"="Root\\LEGACY_SHAREDACCESS\\0000"
    "Count"=dword:00000001
    "NextInstance"=dword:00000001
    
    
    Click "File" > "Save As" and save the file as fix.reg
    Choose to save as type *all files and save it to the desktop.
    Now, doubleclick on the new fix.reg icon on the desktop and when it asks you if you want to merge the contents to the registry, click yes/ok.


    Now RESTART the computer.


    When the pc has restarted click the Start button, then click Run.
    In the box that appears, type cmd then click "OK". A command prompt window will open.
    Type in or Copy/Paste the following line:

    NETSH FIREWALL RESET

    Now see if you can access the Windows Firewall.

    If this seems to solve the problem please don't run off just yet. The pc is quite vulneralbe at the moment and there is still more to do. We're just taking one step at a time. :)
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/542493

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice