Any way to re-load original, default Windows 7 Firewall Rules...?

Page 1 of 3 123 LastLast

  1. Darkstrike
    Posts : 142
    Windows 7 Ultimate 64-bit
       New #1

    Any way to re-load original, default Windows 7 Firewall Rules...?


    Hi guys,

    I'm in a bit of a pickle. My brother, being the brilliant *cough* sarcasm *cough* chap he is, never does any software maintenance on his computer, isn't very careful about what he downloads, and never tells me about anything odd. He simply ignores it all and assumes all will be fine, despite my constant warnings to the contrary. Being the family tech. guy, this means I have to deal with the "all hell" when it eventually "breaks loose".

    While using his desktop this morning to help him with something, I noticed a warning in the taskbar from the Action Center that his firewall was down plus some other odd errors and learned that Windows Update and a few system services were not only not running, but NOT EVEN SHOWING UP IN services.msc!

    It took me all day to find the right registry keys to get everything working again, plus run a few billion AntiVirus and Anti-Malware scans for good measure...and, knock on wood, all seems fine now. HOWEVER...

    Now that his firewall is back, it seems ALL the Firewall rules that were there in the list for his programs, and, indeed, all the default Firewall rules for Windows and it's updates, itself, are completely gone. My question is: Is there a way to re-load all the default Windows firewall rules back instead of having to enter them all manually? I already tried the "Restore Defaults" option, but that doesn't seem to have done anything as none of the Firewall rules have changed at all. Would loading an older System Restore point do the trick...? Do System Restore Points even store Firewall Rules...?

    I'd love to try the System Restore point method, as it's easy, but I don't know when this whole problem originally started and I don't want to accidentally load a Restore Point and have it re-screw up all the registry entries I just repaired...

    Any help would be GREATLY appreciated! Thanks so much!

    EDIT: Sorry, forgot to mention, he's running Windows 7 Home Premium with SP1.
    Last edited by Darkstrike; 22 Jul 2013 at 16:45. Reason: Adding info.
      My Computer
    Quote Quote

  3. derekimo
    Posts : 17,322
    Win 10 Pro x64
       New #2

    How about this,

    Windows Firewall - Restore Default Settings
      My Computer
    Quote Quote

  4. Darkstrike
    Posts : 142
    Windows 7 Ultimate 64-bit
    Thread Starter
       New #3

    Thanks for the suggestion Derekimo, but, as I said in my original post, I tried doing that with no result

    Darkstrike said:
    Hi guys,

    ...I already tried the "Restore Defaults" option, but that doesn't seem to have done anything as none of the Firewall rules have changed at all....
    I've got another issue as well now...File Sharing isn't working. I noticed it's turned off in the "Advanced Sharing Settings", but if I try to turn it back on and hit save, when I go back in, it's set to off again.

    I ran the FarBar Services Scanner earlier and noticed the only anomalies it reported were:

    "Other Services:
    ==============
    Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
    Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
    Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
    Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
    Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
    Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist."

    Is there any way to repair this "iphlpsvc" service or "SharedAccess"...?
      My Computer
    Quote Quote

  6. Darkstrike
    Posts : 142
    Windows 7 Ultimate 64-bit
    Thread Starter
       New #4

    UPDATE: First off, sorry for the double-post but I managed to fix the issues I listed above with iphlpsvc and SharedAccess.

    I still have the issue with the Firewall though...any other ideas on how to restore the Windows Firewall default rules...?
      My Computer
    Quote Quote

  7. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #5

    Can you run a new FSS report please and upload the results
      My Computer
    Quote Quote

  8. Darkstrike
    Posts : 142
    Windows 7 Ultimate 64-bit
    Thread Starter
       New #6

    Hi VistaKing,

    I can if you'd like, but I ran an FSS scan on my working machine and then another one on his machine - now that I've seemed to get everything working, the FSS reports match (EDIT: the reports matched with the settings I had been using in FSS, but they DIDN'T match when I ran one on his machine with all of FSS's options checked, see below...), so I THINK everything's back to normal with it after hours of effort!

    EDIT - Everything is ALMOST back to rights, FSS is still saying there's a problem with Windows Defender....it's in services.msc, but the description says "Failed To Read Description: Error Code 5" and it's Disabled. If I try to run it, it says "Flag could not be set: Error 87: The parameter is incorrect."

    Log output of FSS with all options checked is as follows:

    Farbar Service Scanner Version: 13-07-2013
    Ran by Kristan Dagley (administrator) on 22-07-2013 at 21:35:49
    Running from "C:\Users\Kristan Dagley\Downloads"
    Microsoft Windows 7 Home Premium Service Pack 1 (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Action Center:
    ============


    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============
    WinDefend Service is not running. Checking service configuration:
    The start type of WinDefend service is set to Disabled. The default start type is Auto.
    The ImagePath of WinDefend service is OK.
    The ServiceDll of WinDefend service is OK.


    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => MD5 is legit
    C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
    C:\Windows\System32\dhcpcore.dll => MD5 is legit
    C:\Windows\System32\drivers\afd.sys => MD5 is legit
    C:\Windows\System32\drivers\tdx.sys => MD5 is legit
    C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
    C:\Windows\System32\dnsrslvr.dll => MD5 is legit
    C:\Windows\System32\mpssvc.dll => MD5 is legit
    C:\Windows\System32\bfe.dll => MD5 is legit
    C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
    C:\Windows\System32\SDRSVC.dll => MD5 is legit
    C:\Windows\System32\vssvc.exe => MD5 is legit
    C:\Windows\System32\wscsvc.dll => MD5 is legit
    C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
    C:\Windows\System32\wuaueng.dll => MD5 is legit
    C:\Windows\System32\qmgr.dll => MD5 is legit
    C:\Windows\System32\es.dll => MD5 is legit
    C:\Windows\System32\cryptsvc.dll => MD5 is legit

    ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll Reparse point on file detected.

    C:\Windows\System32\ipnathlp.dll => MD5 is legit
    C:\Windows\System32\iphlpsvc.dll => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit


    **** End of log ****

    I managed to get the "Restore Defaults" option working for the Windows Firewall, so all of those OS default rules seem to be back. My brother will just have to re-allow all his installed programs access through the firewall again...a bit of a pain, but I don't really have the time to do a full install and then reinstall and re-tweak all his programs for him, so that's far better than that alternative! :)
      My Computer
    Quote Quote

  10. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #7

    Run the followering on the PC


    Farbar Recovery Scan Tool

    32-bit Version OS Farbar Recovery Scan Tool <==== Download Link

    Drag the FRST.exe from the Downloads folder to your Desktop

    Right click on FRST.exe and choose

    When the tool opens click Yes on the disclaimer window .
    Press Scan button.


    Please upload both logs in your reply.(FRST.txt and Addition.txt)

    FRST.txt and Addition.txt will be on the Desktop

    If its a x64-bit download below

    Farbar Recovery Scan Tool


    64-Bit Version OS Farbar Recovery Scan Tool x64 <===== Download Link

    Drag the FRST64.exe from the Downloads folder to your Desktop

    Right click on FRST64.exe and choose

    When the tool opens click Yes on the disclaimer window .

    Press Scan button.

    FRST will let you know when the scan is complete and has written the FRST.txt to file

    Upload a File
    Click on the Go Advanced button under the Message box . Scroll down to Additional Options then click on Manage Attachments in the Attach Files sections . Click the Browse button locate the file then click on the Open button . In the Upload File from your Computer section click on the Upload button . Wait until it finishes uploading then close the window . Then click Submit Reply .
      My Computer
    Quote Quote

  11. Darkstrike
    Posts : 142
    Windows 7 Ultimate 64-bit
    Thread Starter
       New #8

    Here's the output file from FRST on his machine.
    Any way to re-load original, default Windows 7 Firewall Rules...? Attached Files
      My Computer
    Quote Quote

  12. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #9

    On his PC do the following

    Open Notepad . Inside Notepad paste the highlighted text inside notepad


    start
    HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
    MountPoints2: {69ca12cd-35ed-11e2-aca5-001d60e2701d} - Z:\setup.exe
    end

    Click on File ====> Save As

    File Name : Fixlist.txt

    Save as type : All Files

    Location : USB flash drive

    Click on the [Save] button .

    Open the FRST tool again inside System Recovey and click on the [Fix] button . Once complete it will create a new log called Fixlog.txt . Upload the new log created in your reply . It should be inside the usb drive .

    AdwCleaner

    Click here AdwCleaner

    Click on Download Now button

    Save to the Desktop

    Right-click on AdwCleaner.exe and choose

    Click on Delete and confirm the prompt.



    Your computer will be rebooted automatically. A text file will open after the restart.

    Upload the log : The log file is at C:\AdwCleaner[Sn].txt
      My Computer
    Quote Quote

  13. Darkstrike
    Posts : 142
    Windows 7 Ultimate 64-bit
    Thread Starter
       New #10

    VistaKing said:
    On his PC do the following

    Open Notepad . Inside Notepad paste the highlighted text inside notepad


    start
    HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
    MountPoints2: {69ca12cd-35ed-11e2-aca5-001d60e2701d} - Z:\setup.exe
    end

    Click on File ====> Save As

    File Name : Fixlist.txt

    Save as type : All Files

    Location : USB flash drive

    Click on the [Save] button .

    Open the FRST tool again inside System Recovey and click on the [Fix] button . Once complete it will create a new log called Fixlog.txt . Upload the new log created in your reply . It should be inside the usb drive .

    When you say "System Recovery"do you mean Safe Mode...?
      My Computer
    Quote Quote

 
Page 1 of 3 123 LastLast

  Related Discussions
I'm setting up my computer so that it back up automatically. For most files I have no problem, but now I want to include my entire firewall configuration in it. Manually, I can just open the firewall advanced configuration and click the link to export the config, which works greatly, but now,...
The firewall's advanced rules all of a sudden don't work anymore. If I tell the firewall to block all incoming connections it does, and Windows says the firewall is working. But all rules, old and new, regarding a particular application, don't work anymore. If I tell the firewall to ...
windows firewall rules
in System Security

Hello. Im attending college and all students have admin rights on windows 7 pc's. Some people are abusing this by accessing others machines and wreaking havoc:mad:. It started out as a bit of fun but the joke is getting old. What rules in Windows firewall can be used to block unwanted access given...
can any one tell me how to write a new rules in windows firewalls ... and how do i change my port no 80 to some other no ?? thanks in advance friends
So my problem is that I deleted several entries in the windows firewall. Now when I open the 'Services' applet, nothing shows and I get the following error message: One or More ActiveX controls could not be displayed because either: 1. Your current security settings prohibit running ActiveX...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 15:58.
Find Us