Windows Firewall damaged by 'Windows 7 antivirus 2012'

I run Windows 7. I think 64bit, not sure.
I have been getting hit with a lot of rogue antiviruses and up till now have been fighting them off, but last night I was hit by a new rendition of "Windows 7 Antivirus 2012".
I got a window saying explorer.exe wanted to make changes to my computer, I would tell it no and each time it would return. In between the constantly returning window I managed to open the task manager, find the process, and end the process. I then found
the file and destroyed it with killbox.
Everything seems to be back in working order now, except for the firewall. Every page in the control panel for windows firewall gives me an Administrator button that says use reccomended settings', when I click it it says it can't do that and gives
me error 0x800705b4, which I understand to be an authentication error.
The last time I had this I tried to reset my firewall with an admistrator command prompt, it would tell me it could not load wshelper.dll, so I did some stuff I cannot remember to reset my winsock and was then able to reset my firewall and all was good again.
This time when I go into command.com and type 'netsh advfirewall reset' instead of the DLL message, I get 'An error occoured while attempting to contact the  Windows Firewall service. Make sure the service is running and try your request again'.
In my attempts to fix this myself I have been to the device manager. I had it 'show hidden devices' and located my Windows Firewall Authorization driver. I found it had been stopped, and so I started it again. It currently says it is started, but nothing
has changed functionally.
I have been into Services as an Administrator; Windows Firewall is not there. I was also told to look for Windows Event Controller and Base Filtering Engine and they are not there either.
I have done an administrator command promtp with sfc /scannow and the first time it said it had made changes and the second time it said everythign was alright but nothing functionally has changed.
I have been told to enter the following command prompts and gotten - the following results
netsh advfirewall reset - error stated above
net start mpsdrv - The requested service has already been started
net start bfe - The service name is invalid
net start mpssvc - the service name is invalid
regsvr32 firewallapi.dll - Popup window stating DllRegisterServer in firewallapi.dll succeeded
no functional change after that.
I have also been told to try:
sc config wuauserv start= auto - [SC] ChangeServiceConfig SUCCESS
sc config bits start= auto - [SC] ChangeServiceConfig SUCCESS
sc config DcomLaunch start= auto - Access is denied.
net stop wuauserv - The Windows Update service was stopped successfully.
net start wuauserv - The Windows Update service was started successfully.
net stop bits - The Backround Intelligent Transfer Service was stopped successfully.
net start bits - The Backround Intelligent Transfer Service was started successfully.
net start dcomlaunch - The requested service has already been started.
I have also tried a system restore, but whatever is screwing with my firewall is also screwing with that an it will not complete successfully.
A Windows XP thread steered me toward a file called, I believe, netfw.inf in my windir folder, related to the firewall. This does not seem to be on my Windows 7 machine and I have been unable to find the Windows 7 equivalent.
So, it appears my firewall is gone, or just pretending to be. I fixxed it last time by making some correction to my winsock but I cannot seem to find the process I used for that. Additionally, Microsoft Security Essentials has dissapeared from my system
tray, though otherwise seems to be working fine.
I am confident that this can be fixxed without a wipe and reinstall. Please help.

Hi
Make sure that PC is clean(free from zero access rootkit before trying this fixes)
This firewall issue is commonly found on vista and windows 7 (64 BIT OS)
It is recommended to contact malware removal forums to remove it first and try the fix
Run the services repair tool by ESET
http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe
Restart the PC.Firewall and critical missing services should work.
Manual Fix
Download both the registry files
Windows firewall - 
Firewall
Base filtering engine - 
BFE
Launch them,You should get a UAC prompt now
Click YES  & Restart your PC
Now,Press Windows+ R key and type
regedit and click ok
go to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
Right click on it-permissions
Click on ADD and type
Everyone and click ok
Now Click on Everyone
Below you have permission for users
Select full control and click ok
Now,open RUN and type
services.msc and click ok
start base filtering engine service and then windows firewall service
If you still have this error
Windows could not start Windows Firewall on local Computer. See event log, if non-windows services contact vendor. Error code 5.
Download and launch this key,click YES
Shared access
give full control permission to this key similar to previous one
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess
Right click on it -permissions
Click on Add and type
Everyone and select Full control
You should able to start firewall now
You may also be missing security center windows defender ,BITS and windows update services
Download
Security center  -wscsvc
Windows defender - windefend
BITS    -  BITS
Windows update  - 
wuauserv
Launch them and click YES when you get a UAC prompt
Good luck

Similar Messages

  • Can't connect to the Hyper-V manager after upgrading to Windows Hyper-V 2012 R2

    I have some Hyper-V server based on the free version (Windows Hyper-V 2012). I want to upgrade to the new version (Windows Hyper-V 2012 R2). So I begin to test it with
    an already working server (aka I was able to totally manager the server remotely without problem) and so upgrade it to the R2.
    After the upgrade, remote management and Hyper-V manager does not work anymore. So I redo my usual configuration steps (enable remote management, open firewall, uses
    latest hvremote.wsf, etc.). I was able to regain access to Computer Manager but not the Hyper-V manager which still can't connect at all. I can't access the Task Scheduler too without having a lot of XML error like "The task XML contains a value which
    is incorrectly formatted or out of range" (see below for screenshot).
    Is there a new step to do to be able to manage Hyper-V 2012 R2 from a Windows 7 computer?
    It's not a network problem as I can access RDP and MMC Computer Manager.
    To be sure the problem is coming from the R2, I have taken an old computer, install Windows Hyper-V 2012, do my usual configuration step, and
    tada: it works perfectly. I can access the Hyper-V manager from my client.
    Technical details:
    - Client is a Windows 7 SP1 x64 English member of a domain with latest RSAT (Windows6.1-KB958830-x64-RefreshPkg.msu).
    - Servers are in a workgroup (not a domain's member). And no, I can't add them to the same domain as the client.

    HI,
    Can we upgrade HyperV 2012 to hyper v 2012 R2.
    Thanks
    Atul

  • Could not able to execute FTP commands in windows server machines 2012/ windows server 2008.

    Could not able to execute FTP commands in windows server machines 2012/ windows server 2008.
    From windows server 2012 and windows server 2008, Opened port 20,21,22 in firewall bidirectionally. After Establishing connection by passing credentials  230 log in  successful.
    ftp commands executing getting as " 425 Use Port or PASV first" , "500 Illegal PORT command".
    But I could able to do windows client machines like windows 7 and windows 8 with same environment
    Note : Firewall ports are opened.  have tested by making firewall down to avoid filters. 
    Pandiyan Muthuraman

    Hi Pandiyan Muthuraman,
    Did you mean even you disable or open the related port the FTP issue still exist? I found this errors most time occur when we use the ISA firewall and the FTP configured passive
    mode, if you have ISA firewall please refer the following KB to fix this issue.
    How to enable passive CERN FTP connections through ISA Server 2000, 2004, or 2006
    http://support.microsoft.com/kb/300641
    The have a specific form for the IIS question, if you have the further IIS related question you can ask in IIS forum.
    IIS support forum
    http://forums.iis.net/
    Thanks for your understanding and support
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • Windows Live Mail 2012 - Outgoing Email Times Out due to Lost Server Connection

    Using Windows Live Mail 2012 on WIN7 64-bit.
    Been receiving emails seemingly without issues, but...
    Haven't been able to POST any outgoing emails now since September 16th for any of my main/sub accounts.
    Indicator is a Norton Internet Security popup stating:
    "Email Error. Your email message was unable to be sent because the connection to your email server was interrupted. Please open your email client and resend the message from the Sent Messages folder." Then it lists the from/to/subj.
    I recompose and try to resend; same results.
    I've rolled WIN7 back to September 6th, but results are the same.
    I thought perhaps NIS was blocking the SMTP port, but same results when I turn off NIS and Antivirus. I don't see anything of significance in NIS's logs.
    Of course, Verizon's mini-app that sniffs out and corrects email problems does not know or care about Live Mail. Just Outlook and OE.
    Ideas? Things to try? Thanks.
      ...Karl
    Solved!
    Go to Solution.

    GeezingInVA2 wrote:
    I noticed my email account server settings don't match what is defined on the FiOS email setup page on verizon.com.
    The server setting I have for my POP3 is "incoming.verizon.net" (not pop.verizon.net) and my SMTP server setting is "outgoing.verizon.net" (not smtp.verizon.net).
    Why don't these match? 
    Also, my port settings don't seem to match what's posted online.
    My outbound port is 25 (not 465) and my inbound port is 110 (not 995).
    Doesn't seem right to me, and I'm wondering what changed in the past week?
    The changes to pop/smtp from incoming/outgoing have been in the works for a while. Maybe Verizon finally go around to disabling the old servers?
    Either way, you should update to the latest settings.
    For the sake of example, we are going to pretend that we are setting up fictional account "[email protected]" and the password for logging into that account in webmail is "fakepassword" - Again, this is a fictitious account for the sake of an example.
    The settings for using Verizon's servers would be:
    Incoming Server: pop.verizon.net
    Server Requires Authentication: Yes
    Username: fakeacct
    Password: fakepassword
    Requires a Secure Connection (SSL): Yes
    Port: 995
    Outgoing Server: smtp.verizon.net
    Server Requires Authentication: Yes (You can set it to use the same settings as incoming, or manually enter the username and password.)
    Requires a Secure Connection (SSL): Yes
    Port: 465
    If you are given the option anywhere for Secure Password Authentication (SPA), set it to No or Normal
    If a forum member gives an answer you like, give them the Kudos they deserve. If a member gives you the answer to your question, mark the answer as Accepted Solution so others can see the solution to the problem.
    "All knowledge is worth having."

  • I cannot send an email with attachment from elements 11 via windows live mail 2012 on my windows 8.1 pc.  Can anyone help?

    I am using elements 11, windows live mail 2012 on a windows 8.1 PC.  When trying to attach an elements 11 image to an email via the sharing option in Organizer, I get a message that the email message cannot be completed, and to try Adobe mail.  I have set preferences to windows live mail, but no success.

    Hi,
    With Windows 8, the new message sometimes hides in the taskbar
    When you see the spinning circle, look at the taskbar to see if the Windows Live Mail has grown another task. Hover over the icon on the taskbar to shown the two images, right click on the right hand image and then select maximize. That should show the message ready for sending.
    Good luck.
    Brian

  • Windows storage server 2012 share not connecting by share name but connecting thru IP address from windows XP machines

    We have a windows storage server 2012 (HP storage server) in our domain. All of sudden We had a issue, connecting the server shares using the share name only from XP machines, but it is connecting through IP address with a delayed response. We are getting
    the below error message from all the windows XP SP2 machines in our domain.
    "\\<share name> is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have a access permissions.
    Login Failure: The target account name is incorrect."
    But it is connecting while we are trying from windows 7 machines.  Also the other server shares (Windows 2003 server) are connecting without any issues using the share name. In addition to this we gave everyone permission for this share. And it worked
    well before but not now. Could you please suggest any solution for this complex issue?
    Thanks,
    UdayaKumar S

    Hi,
    We are getting the below critical alert mail often from our storage server. This could be the problem? 
    vent from Blade NODE01.*****.com, In Enclosure: EM-E83935ED70F6, Network Interface Lost Connectivity.
    Description: "A network interface has failed. An Ethernet adapter's status changed from OK to Error, or an Ethernet team's status changed to Error from another state."
    Source: CIM Indication from CSP Provider
    Date: 02-06-2014 Time: 18:52:26
    Blade: NODE01.****.com
    NetworkAddresses:
    Severity is Critical
    Recommended Actions: Check the network cables, switches, and hubs for the cause of the failure.
    Note: For More information please refer the Windows System Logs in the Event Viewer

  • Windows Deployment Services 2012 - Driver Group filter by Model value not working - Drivers are not installed!

    Hi,
    I'm using Windows Deployment Services 2012 to deploy Windows 7 Pro x64 driverless images to different hardware models (drivers are injected using WDS). I already have organized the drivers in driver groups per
    hardware model. I'm experiencing driver conflicts so I decided to start using driver group filters to make sure that the driver groups are available only available for the corresponding hardware model.
    To get the correct values for the filters i have used the following method: (as described in this article: http:// technet.microsoft.com/en-us/library/dd759191.aspx)
    so I checked msinfo32.exe
    (System Manufacturer: Dell Inc.     System Model: OptiPlex 790)
    and set these values in the driver group filter:
    Then fired up WDS using PXE booting on my OptiPlex but when finished: No drivers are installed! I investigated further and found on forums to use the following commands (which return the same values btw):
    wmic bios get manufacturer      
    (returns: Dell Inc.)
    wmic computersystem get manufacturer
    (returns: Dell Inc.)
    wmic computersystem get model
    (returns: OptiPlex 790)
    Values are the same so no problem there.
    Then I checked the output of the following commands: 
    wmic bios get model (returned: error, invalid query)
    wmic bios get /all (returned: all kind of information but no model value)
    When I remove the value "OptiPlex 790" from the filter list the drivers are installed correctly. So this has to be some problem with the Model value.
    Could someone please help me?
    As a workaround I now disable all the driver groups exept the one that I need for the hardware. But as more new hardware models are added this is a lot of work to do everytime.
    Extra info:
    I'm using a WINPE 4.0 image (windows 7 media boot.wim file). 6.1.7.601
    Windows Server version: Windows Server 2012 - version 6.2 (Build 9200) - All Windows updates are installed
    Windows Deployment Services version 6.2.9200.16384
    Having this problem on multiple systems
    Questions:
    - Does WDS/WinPE uses only the Bios values for determining system info? (then this problem could be with Dell in this example, because no model value is available)
    - Is this the correct way to set up driver group filters? (then this is a problem with MS. Does anyone have solution??)
    Thank you for your answers & help!

    Hi Microsoft,
    I still have no answer to my Questions.
    Thank you for your answers & help!

  • Receive a "Server is Not Available" error when trying to connect win 7 pro PC to Windows Server Essentials 2012 R2 Domain via Connector

    I am trying to connect Windows 7 Pro 64 bit SP1 Computers to a Windows Server 2012 Essentials R2 domain and I receive the following error: "The server is not available.  Try connecting to this computer again, or for more information, see Troubleshoot
    connecting computers to the server."  I have tried all of the steps in the Microsoft technet article "http://technet.microsoft.com/library/jj635102.aspx" and still am receiving this error.  A little background on this specific case...
    All of these computers were already attached to a different Windows Server Essentials 2012 R2 domain.  They have all been taken off the existing domain and added to a workgroup.  I have uninstalled the Server Essentials 2012 Connector and deleted
    all log files.  Has anyone else had this issue?  Any help would be greatly appreciated!  This is an urgent issue...  Thanks in advance all!

    Would you be willing to run this script on your server?
    http://gallery.technet.microsoft.com/Windows-Server-Essentials-556159c3
    Also on a client to test connectivity?
    Robert Pearman SBS MVP
    itauthority.co.uk |
    Title(Required)
    Facebook |
    Twitter |
    Linked in |
    Google+

  • Windows Server Essentials 2012 error code: 2147942403 The system cannot find the path specified

    Running Windows Server 2012 Essentials with an external usb 3 drive as a backup device.  Using a Vantec hx enclosure with a WD Red drive. Last night the Dashboard saw the drive with about half the 4TB available for backup. A.M., I get "error code:
    2147942403 The system cannot find the path specified".
    Going to the server desktop, I see a message indicating that the usb device malfunctioned.  unplugging it, and plugging it back in, I now have it available via the dashboard.
    This has happened a couple times with two different drives in Vantec hx enclosures.
    A couple possibilities come to mind:
    the enclosures may both be bad...
    there is some problem with the system software and external usb drive.
    Thoughts?
    Suggestions for external enclosures?
    Thanks!

    Hi,
    According to your description, my understanding is that you cannot backup the Windows Server Essentials 2012 and got "error code: 2147942403 The system cannot find the path specified". You found the usb device malfunctioned. 
    Can you backup the server when you unplugged the usb device, and plugged it back in? If you can backup the server when you replug the usb device, you need to engage the vendor to resolve the hard drive issues.
    Best Regards,
    Mandy 
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • Move Windows Domain Controller 2012 to other Windows Domain Controller 2012 eniveroment

    Dear All,
    I Have Windows Domain Controller 2012 and but this server have a lot of issue so I need to ask you if I can move this server to other new server as is old server if yes can you please guide me how to do that ?
    Regards, 

    Hello Khaleel,
    Your question doesnt specify what kind of errors are there on DC 2012. Try to resolve those errors.
    Incase the server cannot be remediated, you can demote the server from being a DC.
    you can demote the server using:
    http://terrytlslau.tls1.cc/2012/03/domain-controller-demotion-on-windows.html
    Please ensure, there is another DC in the domain and the FSMO roles , GC have been transferred to another server.
    http://support.microsoft.com/kb/223346/en-us
    http://www.archy.net/windows-server-2012-migrating-fsmo-roles/
    I LOVE MS..... Thanks and Regards, Kshitiz (Posting is provided "AS IS" with no warranties, and confers no rights.)

  • Best practices for upgrading Windows Server Essentials 2012 to R2?

    Hi,
    I need to upgrade my Windows Server Essentials 2012 on an HP microserver to Essentials R2 (specifically the R2 role on Standard rather than as a VM). After a reasonable amount of searching, I haven't found anything online that specifically addresses this in-place
    upgrade scenario. Since this is already an Essentials server, it's the PDC in its own domain, etc. Has anyone that's done this upgrade have any experiences or warnings to share?
    Thanks,
    Sean

    Hello there,
    There is no upgrade path from Server 2012 Essentials to R2.  R2 is not an upgrade, it is a new build.  Essentials does not upgrade easily, you will want to perform a migration of the server.  This will require additional hardware.  You
    can possibly backup the 2012 Essentials, build a temp server on workstation hardware just to do the migration from,  restore the backup to the new server and then perform the migration to R2. 

  • What are the netsh cmd line for windows server 2008,2012 ?

    Hi
        I am try to config ip,subnet,gateway,preferred and secondary dns using netsh for windows server 2008,2012,
    Before Netsh cmd support for all os including Win 8,win 8.1.
    I need to config form client machine to server machine using netsh cmd lines,i will try in remote login also like i will give server name,username and password with netsh cmd.Below is sample cmd line,using process i will change ip config.
    netsh -r Admin-pc -u admin-pc\administrator -p XXXXX interface ip set address name="Local Area Connection" Static 192.168.0.60 255.255.255.0 192.168.0.1
    when i run in windows server using cmd prompt it show error like "some commands line not found in specified file"
    This is my code in asp.net using vb
     Dim pip As New Process()
            Dim pipa As New ProcessStartInfo("netsh -r Admin-pc -u admin-pc\administrator -p XXXXX interface ip set address name="Local Area Connection" Static 192.168.0.60 255.255.255.0 192.168.0.1")
            pip.StartInfo = pipa
            pip.StartInfo.UseShellExecute = False
            pip.StartInfo.RedirectStandardOutput = True
            pip.Start()
            pip.WaitForExit()
    And if change  ip,subnet and default gateway,internet not work,if i change preferred and secondary dns then only internet work and can browse.
    I can change ip,subnet,gateway,both dns is some other way,below is the link
    http://www.codeproject.com/Questions/795642/How-to-change-IP-Subnet-Gateway-DNS-Prefers-and-al?arn=0
    but what problem is if server is logoff,changes not reflect in server machine,may be it logoff.
    So i need is if server is logoff,need to change ip,subnet,gateway and both dns using netsh or some other vb codings in asp,net.I am try to change ip address form client machine also.
    Pls reply asap
     Regards
         Aravind 

    For the shell scripting I'd try them here.
    Scripting forum on MSDN
    Scripting Guys forum on TechNet
    For the asp.net I'd ask over here.
    Microsoft ASP.Net forums
    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]
    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

  • Windows Server Standard 2012 downgrade to windows 2008 r2 ent. hyper-v vm support

    Dear All,
    please suggest what i have to purchase for running more than 4 vm in downgraded windpws 2008 r2 ent
    if i purchased Windows Server Standard 2012 SNGL OLP NL 2 Processor and installed in one ibm server with downgrade OS windows 2008 r2 & wants to use more than 4 vm on this server.
    then what is the way & which license i need to purchase.
    pls help
    Sunil
    SUNIL PATEL SYSTEM ADMINISTRATOR

    i have 2 nos license of Windows Server Standard 2012 SNGL OLP NL 2 Processor
    if i want to run 8 vm then need another 2 lice..of same??
    its depends on processor???????
    pls confirm..
    SUNIL PATEL SYSTEM ADMINISTRATOR

  • Windows Live Mail 2012 Ovi Mail settings and delet...

    Hello
    Does anybody know the correct settings for Ovi Mail in Windows Live Mail 2012?
    And is it possible to recover deleted e-mails from your Ovi Mail?
    Lars

    Does this help?
    LVT89 wrote:
    Is it possible to recover deleted e-mails from your Ovi Mail?
    Does this help » Folder » Trash?

  • How do I download windows live mail 2012 ? I have it on my desk top computer, but I would like it on my PC . . .

    I have downloaded "Windows Essentials" and now I want to download "Windows Live Mail 2012"  How do I do it ?  I currently have it on my desk top and I would like it on my PC . .

    This one may help.
    https://support.office.microsoft.com/en-GB/article/Set-up-email-in-Windows-Live-Mail-2011-or-Windows-Live-Mail-2012-35af1bfa-7e4a-4d9a-9b42-38d486cb5f4f#__toc340043458
    Or try asking them here.
    http://answers.microsoft.com/en-us/windowslive/forum/livemail?tab=Threads
    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]
    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

Maybe you are looking for

  • What is the purpose of GL account in the account assignment tab of PO scree

    hi, in the purchase order screen, in the account assignment tab, there is a field labelled as GL account. May i know what is the purpose of this gl account because as far as i am concerned we need to specify the vendor gl account (in the vendor maste

  • How do I prevent the use of electronic signatures?

    I have numerous fillable forms that my office makes available to the general public.  The forms must be printed and signed by hand.  However, we continually receive the documents with digital signatures, and I need to find a way to prevent Reader fro

  • Colour profiles etc. workspace & pdf

    Hi there I know that there will always be a difference between onscreen and printed results. Although I would like to know what are the best settings to avoid a huge difference between the bright and colourful colours I get in InDesign when working o

  • Regarding the B.I 7 and docs

    Hi In my present project i need work on BI7.0,Still now i have a bit of experience in BW3.0B and 3.5.and also this project is starts from starting that mean preparing of docs.still now i don't have experience in those area So can any one one help out

  • Newbie books

    what is the best book for Log 7 beginner to get to Log8 with?