Windows 7: Unable to start Windows Firewall

Zymus · 15 Dec 2011

Quote: Originally Posted by Corrine

Hi, Zymus.

See if the instructions at Error message 0x80070424 when you use Windows Update or Microsoft Update Web sites to install updates work. Let us know how you make out.

It did bring up some updates that weren't previously shown, but I am still getting the error.

Jacee · 15 Dec 2011

Download DDS from one of these links:
Mirror 1 Mirror 2 Mirror 3

Disable any script blocking protection
Double click the dds icon to run the tool.
When done, DDS will open two (2) logs:
1. DDS.txt
2. Attach.txt <--- will be minimized in the task tray
Save both reports to your desktop.

Include the contents of both logs in your next post.

Balon · 15 Dec 2011

Hi there, my name is Balon and I am pretty sure I have the way to fix your problem.

IT IS SUGGESTED YOU BACKUP YOUR REGISTRY BEFORE PROCEEDING

Backing Up Your Registry

Go Here and download ERUNT
(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
Install ERUNT by following the prompts
(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
Start ERUNT
(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
Choose a location for the backup
(the default location is C:\WINDOWS\ERDNT which is acceptable).
Make sure that at least the first two check boxes are ticked
Press OK
Press YES to create the folder.

Registry Modifications

Download both the registry files

bfe.reg

firewall.reg

Launch and import them to registry

Restart your PC

Now,open RUN and type

regedit and click ok

go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

Right click on it-permissions

Click on ADD and type

Everyone and click ok

Now Click on Everyone

Below you have permission for users

Select full control and click ok

Now,open RUN and type

services.msc and click ok

start base filtering engine service and then windows firewall service

For further assistance contact me here, I will be checking this thread every few hours, this worked for me and it should work for you too.

MCSmarties · 15 Dec 2011

@Balon: Thank you, it worked!!

I was a bit nervous following your tip, but in the end I figured I had nothing to lose as I was about ready to reinstall anyway!

I'm still not quite sure what the .reg informations you provide exactly do, but my firewall is up and running again. I've tried many suggestions before that, yours is the only one that worked for me.

I registered on this forum solely so I could post this message!

REG file contents:

bfe.reg

Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE]
"DisplayName"="@%SystemRoot%\\system32\\bfe.dll,-1001"
"Group"="NetworkProvider"
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4e,00,6f,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,00,00
"Description"="@%SystemRoot%\\system32\\bfe.dll,-1002"
"ObjectName"="NT AUTHORITY\\LocalService"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000020
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00
"ServiceSidType"=dword:00000003
"RequiredPrivileges"=hex(7):53,00,65,00,41,00,75,00,64,00,69,00,74,00,50,00,72,\
00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
62,00,66,00,65,00,2e,00,64,00,6c,00,6c,00,00,00
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceMain"="BfeServiceMain"

firewall.reg

Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc]
"DisplayName"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23090"
"Group"="NetworkProvider"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4e,00,6f,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,00,00
"Description"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23091"
"ObjectName"="NT Authority\\LocalService"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000020
"DependOnService"=hex(7):6d,00,70,00,73,00,64,00,72,00,76,00,00,00,62,00,66,00,\
65,00,00,00,00,00
"ServiceSidType"=dword:00000003
"RequiredPrivileges"=hex(7):53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,\
00,72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,\
72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,41,00,75,\
00,64,00,69,00,74,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
00,00,53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,00,6f,00,74,00,69,\
00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,\
53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,47,00,6c,00,6f,00,62,00,61,\
00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,\
65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,\
00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,\
6e,00,63,00,72,00,65,00,61,00,73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,\
00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
6d,00,70,00,73,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00
"ServiceDllUnloadOnStop"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc\Parameters\PortKeywords]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap]
"Collection"=hex:87,00,01,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc\Parameters\PortKeywords\Teredo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc\Security]
"Security"=hex:01,00,14,80,b4,00,00,00,c0,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,84,00,05,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,\
00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,28,00,15,00,\
00,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,\
0e,a7,8b,eb,ca,7b,42,13,56,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,\
00,00,00,05,12,00,00,00

Zymus · 16 Dec 2011

DDS

Code:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 9.0.8112.16421
Run by Zymus at 21:38:45 on 2011-12-15
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.8190.6776 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\lxdecoms.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Lexmark 4800 Series\lxdemon.exe
C:\Program Files (x86)\Lexmark 4800 Series\lxdeamon.exe
C:\Program Files (x86)\BitTorrent\BitTorrent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Zymus\AppData\Local\Apps\2.0\YXDXMO2Q.ENR\49XGNZ6Q.K49\curs..tion_eee711038731a406_0004.0000_2ad57790d5451048\CurseClient.exe
C:\Program Files (x86)\No-IP\DUC30.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"  /MINIMIZED
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
StartupFolder: C:\Users\Zymus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\Users\Zymus\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NO-IPD~1.LNK - C:\Program Files (x86)\No-IP\DUC30.exe
StartupFolder: C:\Users\Zymus\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
TCP: DhcpNameServer = 68.87.69.150 68.87.85.102
TCP: Interfaces\{9735EF2A-D813-464D-A92C-6410984170C8} : DhcpNameServer = 68.87.69.150 68.87.85.102
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64:     SkypeIEPluginBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Zymus\AppData\Roaming\Mozilla\Firefox\Profiles\ith252ts.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 lxde_device;lxde_device;C:\Windows\system32\lxdecoms.exe -service --> C:\Windows\system32\lxdecoms.exe -service [?]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 rt61x64;RT61 Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr6164.sys --> C:\Windows\system32\DRIVERS\netr6164.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 lxdeCATSCustConnectService;lxdeCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxdeserv.exe [2007-5-29 33712]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-12-6 2253120]
S2 Secunia Update Agent;Secunia Update Agent;"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service --> C:\Program Files (x86)\Secunia\PSI\sua.exe [?]
S3 CorsairCAHS1;CA-HS1 Interface;C:\Windows\system32\drivers\CAHS164.sys --> C:\Windows\system32\drivers\CAHS164.sys [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys --> C:\Windows\system32\DRIVERS\ssudmdm.sys [?]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-12-15 09:35:08    69000    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD1C6DCF-DEAF-4035-99DB-4B86081EC7E2}\offreg.dll
2011-12-15 09:35:07    8822856    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD1C6DCF-DEAF-4035-99DB-4B86081EC7E2}\mpengine.dll
2011-12-15 00:34:17    43520    ----a-w-    C:\Windows\System32\csrsrv.dll
2011-12-15 00:34:16    3145216    ----a-w-    C:\Windows\System32\win32k.sys
2011-12-15 00:34:15    723456    ----a-w-    C:\Windows\System32\EncDec.dll
2011-12-15 00:34:15    534528    ----a-w-    C:\Windows\SysWow64\EncDec.dll
2011-12-15 00:34:12    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2011-12-15 00:34:12    2048    ----a-w-    C:\Windows\System32\tzres.dll
2011-12-14 16:22:14    --------    d-----w-    C:\Users\Zymus\AppData\Local\{AEA3F31A-4FFA-431F-A30E-6516373E036A}
2011-12-14 16:22:04    --------    d-----w-    C:\Users\Zymus\AppData\Local\{17CB4CE2-AC78-4403-A149-73002FC4B35F}
2011-12-13 20:15:38    --------    d-----w-    C:\Users\Zymus\AppData\Roaming\Malwarebytes
2011-12-13 20:15:15    --------    d-----w-    C:\ProgramData\Malwarebytes
2011-12-13 20:15:12    25416    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2011-12-13 20:15:12    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-13 04:17:36    --------    d-----w-    C:\Users\Zymus\AppData\Local\{7CA4A4AE-C6C6-4F93-832D-31696CA6B3D4}
2011-12-13 04:17:25    --------    d-----w-    C:\Users\Zymus\AppData\Local\{28C16A3C-A9B7-4839-8825-AF8F122AC1FD}
2011-12-12 09:26:51    --------    d-----w-    C:\Windows\System32\appmgmt
2011-12-12 09:22:00    --------    d-----w-    C:\Users\Zymus\AppData\Local\Secunia PSI
2011-12-12 09:21:54    --------    d-----w-    C:\Program Files (x86)\Secunia
2011-12-12 08:48:36    --------    d-----w-    C:\Users\Zymus\AppData\Local\{73997405-0101-45AE-9A0B-F35E2534B60B}
2011-12-12 08:06:03    --------    d-----w-    C:\Users\Zymus\AppData\Local\Diagnostics
2011-12-12 04:06:14    --------    d-----w-    C:\Users\Zymus\AppData\Roaming\X-Chat 2
2011-12-12 04:05:42    --------    d-----w-    C:\Program Files (x86)\X-Chat 2
2011-12-10 20:45:54    --------    d-----w-    C:\Users\Zymus\AppData\Local\{76BFF25A-68D1-4994-856D-7BBDCB051A78}
2011-12-10 20:45:44    --------    d-----w-    C:\Users\Zymus\AppData\Local\{AC859404-D0EF-4FF3-ADCB-E25C41E272F7}
2011-12-10 20:45:44    --------    d-----w-    C:\Users\Zymus\AppData\Local\{793C00A9-93A2-41A9-9287-B6A2D683A6C9}
2011-12-10 00:29:32    --------    d-----w-    C:\Users\Zymus\AppData\Local\ElevatedDiagnostics
2011-12-10 00:21:26    --------    d-----w-    C:\Users\Zymus\AppData\Local\Vitalwerks
2011-12-10 00:21:21    --------    d-----w-    C:\Program Files (x86)\No-IP
2011-12-09 21:21:18    --------    d-----w-    C:\Users\Zymus\AppData\Local\{64C20062-6E5A-445B-B7DE-534B29089419}
2011-12-09 21:21:08    --------    d-----w-    C:\Users\Zymus\AppData\Local\{DF44B589-F919-4B70-BC90-3B919A45FB1A}
2011-12-09 00:22:39    --------    d-----w-    C:\Users\Zymus\AppData\Local\{10C1847A-5269-4894-BB3E-8BA08B51F93D}
2011-12-09 00:22:29    --------    d-----w-    C:\Users\Zymus\AppData\Local\{968D589C-9E4B-4560-AEF6-86F2EEA10BFF}
2011-12-07 22:51:14    --------    d-sh--w-    C:\Users\Zymus\AppData\Local\1d5c0c79
2011-12-07 21:49:43    --------    d-----w-    C:\Users\Zymus\AppData\Local\{9D278FD4-C0A5-4C6F-A170-CAA8CCAF53EF}
2011-12-07 21:49:33    --------    d-----w-    C:\Users\Zymus\AppData\Local\{527BF1D7-742C-463A-9771-8D5703DEADC0}
2011-12-07 09:02:59    --------    d-----w-    C:\Program Files (x86)\Android
2011-12-07 08:46:08    --------    d-----w-    C:\Program Files (x86)\Eclipse
2011-12-07 08:31:13    --------    d-----w-    C:\Users\Zymus\android-sdks
2011-12-07 08:30:30    --------    d-----w-    C:\Users\Zymus\.android
2011-12-07 08:28:42    --------    d-----w-    C:\ProgramData\Lx_cats
2011-12-07 08:25:59    983107    ----a-w-    C:\Windows\SysWow64\lxdegf.dll
2011-12-07 07:22:10    --------    d-----w-    C:\Windows\SysWow64\Wat
2011-12-07 07:22:10    --------    d-----w-    C:\Windows\System32\Wat
2011-12-07 07:14:35    8822856    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-12-07 07:11:58    --------    d-----w-    C:\Windows\System32\SPReview
2011-12-07 07:11:49    --------    d-----w-    C:\Windows\System32\EventProviders
2011-12-07 07:10:43    1544192    ----a-w-    C:\Windows\System32\DWrite.dll
2011-12-07 07:10:43    1139200    ----a-w-    C:\Windows\System32\FntCache.dll
2011-12-07 07:10:43    1076736    ----a-w-    C:\Windows\SysWow64\DWrite.dll
2011-12-07 07:10:42    902656    ----a-w-    C:\Windows\System32\d2d1.dll
2011-12-07 07:10:42    739840    ----a-w-    C:\Windows\SysWow64\d2d1.dll
2011-12-07 07:07:59    297808    ----a-w-    C:\Windows\SysWow64\mscoree.dll
2011-12-07 07:06:59    90112    ----a-w-    C:\Windows\System32\nci.dll
2011-12-07 07:05:59    9728    ----a-w-    C:\Windows\SysWow64\sscore.dll
2011-12-07 07:04:21    529408    ----a-w-    C:\Windows\System32\wbemcomn.dll
2011-12-07 07:02:02    --------    d-----w-    C:\Users\Zymus\.m2
2011-12-07 07:00:31    --------    d-----w-    C:\Windows\PCHEALTH
2011-12-07 07:00:27    --------    d-----w-    C:\Users\Zymus\AppData\Local\Eclipse
2011-12-07 06:58:54    --------    d-----w-    C:\Users\Zymus\.eclipse
2011-12-07 06:55:57    --------    d-----r-    C:\Program Files (x86)\Skype
2011-12-07 06:52:55    --------    d-----w-    C:\Users\Zymus\AppData\Local\Apps
2011-12-07 06:52:54    --------    d-----w-    C:\Users\Zymus\AppData\Local\Deployment
2011-12-07 06:49:49    --------    d-----w-    C:\e96a5da4bc0b41984c65
2011-12-07 06:49:33    15712    ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\5f2aa3041ccb4ac08\MeshBetaRemover.exe
2011-12-07 06:48:24    --------    d-----w-    C:\Users\Zymus\AppData\Local\Windows Live
2011-12-07 06:48:21    --------    d-----w-    C:\Program Files (x86)\Common Files\Windows Live
2011-12-07 06:43:58    --------    d-----w-    C:\Program Files (x86)\Common Files\Steam
2011-12-07 06:40:29    --------    d-----w-    C:\Users\Zymus\AppData\Roaming\OpenOffice.org
2011-12-07 06:37:09    --------    d-----w-    C:\Program Files (x86)\OpenOffice.org 3
2011-12-07 06:36:37    472808    ----a-w-    C:\Windows\SysWow64\deployJava1.dll
2011-12-07 06:28:30    --------    d-----w-    C:\NVIDIA
2011-12-07 06:07:35    --------    d-----w-    C:\Users\Zymus\AppData\Local\Adobe
2011-12-07 06:07:06    --------    d-----w-    C:\Users\Zymus\AppData\Local\Solid State Networks
2011-12-07 06:03:41    414368    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-07 06:00:59    627600    ----a-w-    C:\Windows\System32\deployJava1.dll
2011-12-07 05:55:36    --------    d-----w-    C:\Program Files (x86)\BitTorrent
2011-12-07 05:53:54    421888    ----a-w-    C:\Windows\System32\KernelBase.dll
2011-12-07 05:47:07    976896    ----a-w-    C:\Windows\System32\inetcomm.dll
2011-12-07 05:47:07    741376    ----a-w-    C:\Windows\SysWow64\inetcomm.dll
2011-12-07 05:47:06    974336    ----a-w-    C:\Windows\System32\WFS.exe
2011-12-07 05:47:06    267776    ----a-w-    C:\Windows\System32\FXSCOVER.exe
2011-12-07 05:47:03    90624    ----a-w-    C:\Windows\System32\drivers\bowser.sys
2011-12-07 05:47:02    5561216    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2011-12-07 05:47:01    3967872    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2011-12-07 05:47:01    3912576    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2011-12-07 05:46:55    861696    ----a-w-    C:\Windows\System32\oleaut32.dll
2011-12-07 05:46:55    571904    ----a-w-    C:\Windows\SysWow64\oleaut32.dll
2011-12-07 05:46:55    331776    ----a-w-    C:\Windows\System32\oleacc.dll
2011-12-07 05:46:55    233472    ----a-w-    C:\Windows\SysWow64\oleacc.dll
2011-12-07 05:37:19    917840    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9207E304-0BC2-473E-8DF1-73061BBFB194}\gapaengine.dll
2011-12-07 05:37:09    270720    ------w-    C:\Windows\System32\MpSigStub.exe
2011-12-07 05:36:04    --------    d-----w-    C:\Program Files (x86)\Microsoft Security Client
2011-12-07 05:35:57    --------    d-sh--w-    C:\Windows\Installer
2011-12-07 05:35:57    --------    d-----w-    C:\Program Files\Microsoft Security Client
2011-12-07 05:33:58    --------    d-----w-    C:\Program Files\NVIDIA Corporation
2011-12-07 05:31:02    --------    d-----w-    C:\Users\Zymus\AppData\Local\VirtualStore
2011-12-07 05:22:08    --------    d-----w-    C:\Windows\Panther
2011-11-25 06:23:32    203320    ----a-w-    C:\Windows\System32\drivers\ssudmdm.sys
2011-11-25 06:23:28    98616    ----a-w-    C:\Windows\System32\drivers\ssudbus.sys
.
==================== Find3M  ====================
.
2011-12-07 07:31:40    152576    ----a-w-    C:\Windows\SysWow64\msclmd.dll
2011-12-07 07:31:39    175616    ----a-w-    C:\Windows\System32\msclmd.dll
2011-11-04 01:53:39    2309120    ----a-w-    C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47    1390080    ----a-w-    C:\Windows\System32\wininet.dll
2011-11-04 01:44:21    1493504    ----a-w-    C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43    2382848    ----a-w-    C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42    1798144    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21    1427456    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47    1127424    ----a-w-    C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57    2382848    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2011-10-15 08:54:52    321856    ----a-w-    C:\Windows\SysWow64\nvStreaming.exe
2011-09-29 16:29:28    1923952    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 21:39:36.83 ===============

Attach:

EDIT: @Balon: As stated in the first post

Quote: Originally Posted by Zymus

I don't have a Windows Firewall service, a Base Filtering Engine service, or a Firewall Client Agent service.

Even after applying your registry changes.

EDIT: After updating and restarting a second time, the Windows Firewall, and Base Filtering Engine are now in the Services window, and the firewall is working. With that, I thank you.

Balon · 16 Dec 2011

no problem buddy! if you need anymore help let me know or one of these nice people here im sure any of us can assist you.

Tugotti · 16 Dec 2011

Balon,

I have tried your fix. the windows firewall services shows up again, but i cant start the services says "Error 1068: The dependency services or group failed to start" any suggestion?

Thanks,
Tugotti

Quote: Originally Posted by Balon

Hi there, my name is Balon and I am pretty sure I have the way to fix your problem.

IT IS SUGGESTED YOU BACKUP YOUR REGISTRY BEFORE PROCEEDING

Backing Up Your Registry

Go Here and download ERUNT
(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
Install ERUNT by following the prompts
(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
Start ERUNT
(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
Choose a location for the backup
(the default location is C:\WINDOWS\ERDNT which is acceptable).
Make sure that at least the first two check boxes are ticked
Press OK
Press YES to create the folder.

Registry Modifications

Download both the registry files

bfe.reg

firewall.reg

Launch and import them to registry

Restart your PC

Now,open RUN and type

regedit and click ok

go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

Right click on it-permissions

Click on ADD and type

Everyone and click ok

Now Click on Everyone

Below you have permission for users

Select full control and click ok

Now,open RUN and type

services.msc and click ok

start base filtering engine service and then windows firewall service

For further assistance contact me here, I will be checking this thread every few hours, this worked for me and it should work for you too.

Balon · 16 Dec 2011

Refer to post below

Balon · 16 Dec 2011

Quote: Originally Posted by Tugotti

Balon,

I have tried your fix. the windows firewall services shows up again, but i cant start the services says "Error 1068: The dependency services or group failed to start" any suggestion?

Thanks,
Tugotti

Click Start, Run and type Services.msc
Right-click the Network Connections entry
Set its Startup type to Manual
Click Start to start the service
Right-click Windows Management Instrumentation
Set its Startup type to Automatic
Click Start to start the service.

Then start the BFE service first then the Windows Firewall service. Now tell me if you are able to access your firewall?

Tugotti · 16 Dec 2011

Thanks Balon,
I will give it a try. I'll report back when i try it.

Tugotti

Quote: Originally Posted by Balon

Quote: Originally Posted by Tugotti

Balon,

I have tried your fix. the windows firewall services shows up again, but i cant start the services says "Error 1068: The dependency services or group failed to start" any suggestion?

Thanks,
Tugotti

Click Start, Run and type Services.msc
Right-click the Network Connections entry
Set its Startup type to Manual
Click Start to start the service
Right-click Windows Management Instrumentation
Set its Startup type to Automatic
Click Start to start the service.

Then start the BFE service first then the Windows Firewall service. Now tell me if you are able to access your firewall?

Windows 7: Unable to start Windows Firewall

Unable to start Windows Firewall problems?