New
#11
Download DDS from one of these links:
Mirror 1 Mirror 2 Mirror 3
- Disable any script blocking protection
- Double click the dds icon to run the tool.
- When done, DDS will open two (2) logs:
- DDS.txt
- Attach.txt <--- will be minimized in the task tray
- Save both reports to your desktop.
Include the contents of both logs in your next post.
Hi there, my name is Balon and I am pretty sure I have the way to fix your problem.
IT IS SUGGESTED YOU BACKUP YOUR REGISTRY BEFORE PROCEEDING
Backing Up Your Registry
- Go Here and download ERUNT
(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)- Install ERUNT by following the prompts
(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)- Start ERUNT
(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)- Choose a location for the backup
(the default location is C:\WINDOWS\ERDNT which is acceptable).- Make sure that at least the first two check boxes are ticked
- Press OK
- Press YES to create the folder.
Registry Modifications
Download both the registry files
bfe.reg
firewall.reg
Launch and import them to registry
Restart your PC
Now,open RUN and type
regedit and click ok
go to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
Right click on it-permissions
Click on ADD and type
Everyone and click ok
Now Click on Everyone
Below you have permission for users
Select full control and click ok
Now,open RUN and type
services.msc and click ok
start base filtering engine service and then windows firewall service
For further assistance contact me here, I will be checking this thread every few hours, this worked for me and it should work for you too.
@Balon: Thank you, it worked!!
I was a bit nervous following your tip, but in the end I figured I had nothing to lose as I was about ready to reinstall anyway!
I'm still not quite sure what the .reg informations you provide exactly do, but my firewall is up and running again. I've tried many suggestions before that, yours is the only one that worked for me.
I registered on this forum solely so I could post this message!
REG file contents:
bfe.reg
firewall.regCode:Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE] "DisplayName"="@%SystemRoot%\\system32\\bfe.dll,-1001" "Group"="NetworkProvider" "ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,\ 74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\ 00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\ 6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\ 00,65,00,4e,00,6f,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,00,00 "Description"="@%SystemRoot%\\system32\\bfe.dll,-1002" "ObjectName"="NT AUTHORITY\\LocalService" "ErrorControl"=dword:00000001 "Start"=dword:00000002 "Type"=dword:00000020 "DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00 "ServiceSidType"=dword:00000003 "RequiredPrivileges"=hex(7):53,00,65,00,41,00,75,00,64,00,69,00,74,00,50,00,72,\ 00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00 "FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\ 00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters] "ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\ 00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\ 62,00,66,00,65,00,2e,00,64,00,6c,00,6c,00,00,00 "ServiceDllUnloadOnStop"=dword:00000001 "ServiceMain"="BfeServiceMain"
Code:Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc] "DisplayName"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23090" "Group"="NetworkProvider" "ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\ 74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\ 00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\ 6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\ 00,65,00,4e,00,6f,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,00,00 "Description"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23091" "ObjectName"="NT Authority\\LocalService" "ErrorControl"=dword:00000001 "Start"=dword:00000002 "Type"=dword:00000020 "DependOnService"=hex(7):6d,00,70,00,73,00,64,00,72,00,76,00,00,00,62,00,66,00,\ 65,00,00,00,00,00 "ServiceSidType"=dword:00000003 "RequiredPrivileges"=hex(7):53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,\ 00,72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,\ 72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,41,00,75,\ 00,64,00,69,00,74,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\ 00,00,53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,00,6f,00,74,00,69,\ 00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,\ 53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,47,00,6c,00,6f,00,62,00,61,\ 00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,\ 65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,\ 00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,\ 6e,00,63,00,72,00,65,00,61,00,73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,\ 00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00 "FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\ 00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc\Parameters] "ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\ 00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\ 6d,00,70,00,73,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00 "ServiceDllUnloadOnStop"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc\Parameters\PortKeywords] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap] "Collection"=hex:87,00,01,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc\Parameters\PortKeywords\Teredo] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc\Security] "Security"=hex:01,00,14,80,b4,00,00,00,c0,00,00,00,14,00,00,00,30,00,00,00,02,\ 00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\ 00,00,02,00,84,00,05,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\ 05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\ 20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,\ 00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,28,00,15,00,\ 00,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,\ 0e,a7,8b,eb,ca,7b,42,13,56,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,\ 00,00,00,05,12,00,00,00
DDS
Attach:Code:. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Zymus at 21:38:45 on 2011-12-15 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8190.6776 [GMT -8:00] . AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\lxdecoms.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Lexmark 4800 Series\lxdemon.exe C:\Program Files (x86)\Lexmark 4800 Series\lxdeamon.exe C:\Program Files (x86)\BitTorrent\BitTorrent.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Users\Zymus\AppData\Local\Apps\2.0\YXDXMO2Q.ENR\49XGNZ6Q.K49\curs..tion_eee711038731a406_0004.0000_2ad57790d5451048\CurseClient.exe C:\Program Files (x86)\No-IP\DUC30.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uWindow Title = Internet Explorer, optimized for Bing and MSN mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent uRun: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript StartupFolder: C:\Users\Zymus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip StartupFolder: C:\Users\Zymus\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NO-IPD~1.LNK - C:\Program Files (x86)\No-IP\DUC30.exe StartupFolder: C:\Users\Zymus\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll TCP: DhcpNameServer = 68.87.69.150 68.87.85.102 TCP: Interfaces\{9735EF2A-D813-464D-A92C-6410984170C8} : DhcpNameServer = 68.87.69.150 68.87.85.102 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Zymus\AppData\Roaming\Mozilla\Firefox\Profiles\ith252ts.default\ FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952] R2 lxde_device;lxde_device;C:\Windows\system32\lxdecoms.exe -service --> C:\Windows\system32\lxdecoms.exe -service [?] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248] R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] R3 rt61x64;RT61 Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr6164.sys --> C:\Windows\system32\DRIVERS\netr6164.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 lxdeCATSCustConnectService;lxdeCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxdeserv.exe [2007-5-29 33712] S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-12-6 2253120] S2 Secunia Update Agent;Secunia Update Agent;"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service --> C:\Program Files (x86)\Secunia\PSI\sua.exe [?] S3 CorsairCAHS1;CA-HS1 Interface;C:\Windows\system32\drivers\CAHS164.sys --> C:\Windows\system32\drivers\CAHS164.sys [?] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?] S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys --> C:\Windows\system32\DRIVERS\ssudmdm.sys [?] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2011-12-15 09:35:08 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD1C6DCF-DEAF-4035-99DB-4B86081EC7E2}\offreg.dll 2011-12-15 09:35:07 8822856 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD1C6DCF-DEAF-4035-99DB-4B86081EC7E2}\mpengine.dll 2011-12-15 00:34:17 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2011-12-15 00:34:16 3145216 ----a-w- C:\Windows\System32\win32k.sys 2011-12-15 00:34:15 723456 ----a-w- C:\Windows\System32\EncDec.dll 2011-12-15 00:34:15 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll 2011-12-15 00:34:12 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2011-12-15 00:34:12 2048 ----a-w- C:\Windows\System32\tzres.dll 2011-12-14 16:22:14 -------- d-----w- C:\Users\Zymus\AppData\Local\{AEA3F31A-4FFA-431F-A30E-6516373E036A} 2011-12-14 16:22:04 -------- d-----w- C:\Users\Zymus\AppData\Local\{17CB4CE2-AC78-4403-A149-73002FC4B35F} 2011-12-13 20:15:38 -------- d-----w- C:\Users\Zymus\AppData\Roaming\Malwarebytes 2011-12-13 20:15:15 -------- d-----w- C:\ProgramData\Malwarebytes 2011-12-13 20:15:12 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-12-13 20:15:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-12-13 04:17:36 -------- d-----w- C:\Users\Zymus\AppData\Local\{7CA4A4AE-C6C6-4F93-832D-31696CA6B3D4} 2011-12-13 04:17:25 -------- d-----w- C:\Users\Zymus\AppData\Local\{28C16A3C-A9B7-4839-8825-AF8F122AC1FD} 2011-12-12 09:26:51 -------- d-----w- C:\Windows\System32\appmgmt 2011-12-12 09:22:00 -------- d-----w- C:\Users\Zymus\AppData\Local\Secunia PSI 2011-12-12 09:21:54 -------- d-----w- C:\Program Files (x86)\Secunia 2011-12-12 08:48:36 -------- d-----w- C:\Users\Zymus\AppData\Local\{73997405-0101-45AE-9A0B-F35E2534B60B} 2011-12-12 08:06:03 -------- d-----w- C:\Users\Zymus\AppData\Local\Diagnostics 2011-12-12 04:06:14 -------- d-----w- C:\Users\Zymus\AppData\Roaming\X-Chat 2 2011-12-12 04:05:42 -------- d-----w- C:\Program Files (x86)\X-Chat 2 2011-12-10 20:45:54 -------- d-----w- C:\Users\Zymus\AppData\Local\{76BFF25A-68D1-4994-856D-7BBDCB051A78} 2011-12-10 20:45:44 -------- d-----w- C:\Users\Zymus\AppData\Local\{AC859404-D0EF-4FF3-ADCB-E25C41E272F7} 2011-12-10 20:45:44 -------- d-----w- C:\Users\Zymus\AppData\Local\{793C00A9-93A2-41A9-9287-B6A2D683A6C9} 2011-12-10 00:29:32 -------- d-----w- C:\Users\Zymus\AppData\Local\ElevatedDiagnostics 2011-12-10 00:21:26 -------- d-----w- C:\Users\Zymus\AppData\Local\Vitalwerks 2011-12-10 00:21:21 -------- d-----w- C:\Program Files (x86)\No-IP 2011-12-09 21:21:18 -------- d-----w- C:\Users\Zymus\AppData\Local\{64C20062-6E5A-445B-B7DE-534B29089419} 2011-12-09 21:21:08 -------- d-----w- C:\Users\Zymus\AppData\Local\{DF44B589-F919-4B70-BC90-3B919A45FB1A} 2011-12-09 00:22:39 -------- d-----w- C:\Users\Zymus\AppData\Local\{10C1847A-5269-4894-BB3E-8BA08B51F93D} 2011-12-09 00:22:29 -------- d-----w- C:\Users\Zymus\AppData\Local\{968D589C-9E4B-4560-AEF6-86F2EEA10BFF} 2011-12-07 22:51:14 -------- d-sh--w- C:\Users\Zymus\AppData\Local\1d5c0c79 2011-12-07 21:49:43 -------- d-----w- C:\Users\Zymus\AppData\Local\{9D278FD4-C0A5-4C6F-A170-CAA8CCAF53EF} 2011-12-07 21:49:33 -------- d-----w- C:\Users\Zymus\AppData\Local\{527BF1D7-742C-463A-9771-8D5703DEADC0} 2011-12-07 09:02:59 -------- d-----w- C:\Program Files (x86)\Android 2011-12-07 08:46:08 -------- d-----w- C:\Program Files (x86)\Eclipse 2011-12-07 08:31:13 -------- d-----w- C:\Users\Zymus\android-sdks 2011-12-07 08:30:30 -------- d-----w- C:\Users\Zymus\.android 2011-12-07 08:28:42 -------- d-----w- C:\ProgramData\Lx_cats 2011-12-07 08:25:59 983107 ----a-w- C:\Windows\SysWow64\lxdegf.dll 2011-12-07 07:22:10 -------- d-----w- C:\Windows\SysWow64\Wat 2011-12-07 07:22:10 -------- d-----w- C:\Windows\System32\Wat 2011-12-07 07:14:35 8822856 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2011-12-07 07:11:58 -------- d-----w- C:\Windows\System32\SPReview 2011-12-07 07:11:49 -------- d-----w- C:\Windows\System32\EventProviders 2011-12-07 07:10:43 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2011-12-07 07:10:43 1139200 ----a-w- C:\Windows\System32\FntCache.dll 2011-12-07 07:10:43 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll 2011-12-07 07:10:42 902656 ----a-w- C:\Windows\System32\d2d1.dll 2011-12-07 07:10:42 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2011-12-07 07:07:59 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll 2011-12-07 07:06:59 90112 ----a-w- C:\Windows\System32\nci.dll 2011-12-07 07:05:59 9728 ----a-w- C:\Windows\SysWow64\sscore.dll 2011-12-07 07:04:21 529408 ----a-w- C:\Windows\System32\wbemcomn.dll 2011-12-07 07:02:02 -------- d-----w- C:\Users\Zymus\.m2 2011-12-07 07:00:31 -------- d-----w- C:\Windows\PCHEALTH 2011-12-07 07:00:27 -------- d-----w- C:\Users\Zymus\AppData\Local\Eclipse 2011-12-07 06:58:54 -------- d-----w- C:\Users\Zymus\.eclipse 2011-12-07 06:55:57 -------- d-----r- C:\Program Files (x86)\Skype 2011-12-07 06:52:55 -------- d-----w- C:\Users\Zymus\AppData\Local\Apps 2011-12-07 06:52:54 -------- d-----w- C:\Users\Zymus\AppData\Local\Deployment 2011-12-07 06:49:49 -------- d-----w- C:\e96a5da4bc0b41984c65 2011-12-07 06:49:33 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5f2aa3041ccb4ac08\MeshBetaRemover.exe 2011-12-07 06:48:24 -------- d-----w- C:\Users\Zymus\AppData\Local\Windows Live 2011-12-07 06:48:21 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live 2011-12-07 06:43:58 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2011-12-07 06:40:29 -------- d-----w- C:\Users\Zymus\AppData\Roaming\OpenOffice.org 2011-12-07 06:37:09 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3 2011-12-07 06:36:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-12-07 06:28:30 -------- d-----w- C:\NVIDIA 2011-12-07 06:07:35 -------- d-----w- C:\Users\Zymus\AppData\Local\Adobe 2011-12-07 06:07:06 -------- d-----w- C:\Users\Zymus\AppData\Local\Solid State Networks 2011-12-07 06:03:41 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-12-07 06:00:59 627600 ----a-w- C:\Windows\System32\deployJava1.dll 2011-12-07 05:55:36 -------- d-----w- C:\Program Files (x86)\BitTorrent 2011-12-07 05:53:54 421888 ----a-w- C:\Windows\System32\KernelBase.dll 2011-12-07 05:47:07 976896 ----a-w- C:\Windows\System32\inetcomm.dll 2011-12-07 05:47:07 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll 2011-12-07 05:47:06 974336 ----a-w- C:\Windows\System32\WFS.exe 2011-12-07 05:47:06 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe 2011-12-07 05:47:03 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys 2011-12-07 05:47:02 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe 2011-12-07 05:47:01 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2011-12-07 05:47:01 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2011-12-07 05:46:55 861696 ----a-w- C:\Windows\System32\oleaut32.dll 2011-12-07 05:46:55 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll 2011-12-07 05:46:55 331776 ----a-w- C:\Windows\System32\oleacc.dll 2011-12-07 05:46:55 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll 2011-12-07 05:37:19 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9207E304-0BC2-473E-8DF1-73061BBFB194}\gapaengine.dll 2011-12-07 05:37:09 270720 ------w- C:\Windows\System32\MpSigStub.exe 2011-12-07 05:36:04 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2011-12-07 05:35:57 -------- d-sh--w- C:\Windows\Installer 2011-12-07 05:35:57 -------- d-----w- C:\Program Files\Microsoft Security Client 2011-12-07 05:33:58 -------- d-----w- C:\Program Files\NVIDIA Corporation 2011-12-07 05:31:02 -------- d-----w- C:\Users\Zymus\AppData\Local\VirtualStore 2011-12-07 05:22:08 -------- d-----w- C:\Windows\Panther 2011-11-25 06:23:32 203320 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys 2011-11-25 06:23:28 98616 ----a-w- C:\Windows\System32\drivers\ssudbus.sys . ==================== Find3M ==================== . 2011-12-07 07:31:40 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2011-12-07 07:31:39 175616 ----a-w- C:\Windows\System32\msclmd.dll 2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll 2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll 2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll 2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-10-15 08:54:52 321856 ----a-w- C:\Windows\SysWow64\nvStreaming.exe 2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys . ============= FINISH: 21:39:36.83 ===============
EDIT: @Balon: As stated in the first post
Even after applying your registry changes.
EDIT: After updating and restarting a second time, the Windows Firewall, and Base Filtering Engine are now in the Services window, and the firewall is working. With that, I thank you.
Last edited by Zymus; 16 Dec 2011 at 02:52.
no problem buddy! if you need anymore help let me know or one of these nice people here im sure any of us can assist you.
- Click Start, Run and type Services.msc
- Right-click the Network Connections entry
- Set its Startup type to Manual
- Click Start to start the service
- Right-click Windows Management Instrumentation
- Set its Startup type to Automatic
- Click Start to start the service.
Then start the BFE service first then the Windows Firewall service. Now tell me if you are able to access your firewall?