Can't activate windows firewall

soluicius · Apr 28, 2011

Hi everyone
I can't activate windows firewall..
I get this error( see atachment)

Layback Bear · Apr 28, 2011

Are you using another firewall. If you are it will turn off Windows firewall.

soluicius · Apr 28, 2011

no... i don't use any other windows firewall:|

Capt.Jack Sparrow · Apr 28, 2011

soluicius said:
no... i don't use any other windows firewall:|

Hi there,

Follow this tutorial and run a scan http://www.sevenforums.com/tutorials/1538-sfc-scannow-command-system-file-checker.html

soluicius · Apr 28, 2011

i have followed that steps.. here is the log

Capt.Jack Sparrow · Apr 28, 2011

Hi there,

Seems like SLWGA.dll (Software Licensing Windows Genuine Advantage ) in the system32 folder seems to be corrupted. Download Malwarebytes : Free anti-malware, anti-virus and spyware removal download and go to Safe Mode and run a complete scan.

Once that's done

Go to Start under search type in Regedit
There go to Computer and Right click and Click on Export
Under File name type in Regback

You have to give permission to the following keys :

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dhcp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dhcp\Configurations
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DPS\Parameters

To give permission

Right click the key, and click Permissions.
Make sure Locations is selected to be the local computer.
In the "Enter the object names to select field, type "NT SERVICE\mpssvc". Then click "Check name."
Click OK.
Then select the account which appears in the list, and add the appropriate permission for it.
When this is done, click OK.

Make sure you have click mark under Allow "Full control" for all the Permissions.

soluicius · Apr 28, 2011

done the scan(see atachment for the log)

problem with permissions with this:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DPS\Parameters
Error: Acces denied.
:|

Capt.Jack Sparrow · Apr 28, 2011

Seems like it found infection on your system. I'll ask a security expert to look at the logs again.

Thanks,
Captain

Carolyn · Apr 28, 2011

Backdoor Warning
Your computer has multiple infections, including a Backdoor.
A backdoor is a software program that gives an attacker unauthorized access to a machine and the means for remotely controlling the machine without the user's knowledge.
A backdoor compromises system integrity by making changes to the system that allow it to by used by the attacker for malicious purposes unknown to the user.
Typically it's installed without user interaction through security exploits, and can severely compromise system security.
Such infections may open illicit network connections, use polymorphic tactics to self-mutate, disable security software, modify system files, and install additional malware.
These backdoor infections may also collect and transmit personally identifiable information, without your consent and severely degrade the performance and stability of your computer.
A backdoor infection can give intruders complete control of your computer, logs your keystrokes, obtain passwords, steal personal information, etc.

You are strongly advised to do the following:

Disconnect the computer from the Internet and from any networked computers until it is cleaned.
Call all your banks, financial institutions, credit card companies and inform them that you may be a victim of identity theft
and put a watch on your accounts. If you don't mind the hassle, change all your account numbers.
From a clean computer, change all your passwords
(ISP login password, your email address(es) passwords, financial accounts, PayPal, eBay, Amazon, any online activity you perform, requiring a username and password).
Do NOT change your passwords from this computer as the attacker will be able to get all the new passwords and transaction records.
Back up all your important data except programs. The programs can be reinstalled back from the original disc or from the Net.

Due to its backdoor functionality, your computer is very likely to have been compromised and there is no way that it can be trusted again.
Many experts in the security community believe that once infected with this type of trojan, the best course of action would be to do a reformat and re-installation of the operating system (OS).
This decision will have to be made by you...

To help you understand more, please take some time to read the following articles:
When should I re-format and reinstall my OS
What are Remote Access Trojans and why are they dangerous
How do I respond to a possible identity theft and how do I prevent it
How and Where to backup your files
Restoring your backups

Please let me know how you would like to proceed.
Thanks

soluicius · Apr 28, 2011

Ok... i will re-formate my OS

thx very much

Carolyn · Apr 28, 2011

You're welcome

Can't activate windows firewall

soluicius

New member

Attachments

My Computer

Layback Bear

3 Brain Cells

My Computer

soluicius

New member

My Computer

Capt.Jack Sparrow

Crash Dump Analyst

My Computer

soluicius

New member

My Computer

Capt.Jack Sparrow

Crash Dump Analyst

My Computer

soluicius

New member

Attachments

My Computer

Capt.Jack Sparrow

Crash Dump Analyst

My Computer

Carolyn

feathered friend

My Computer

soluicius

New member

My Computer

Carolyn

feathered friend

My Computer