Windows Firewall Error 1060, Unable To Start

Tavarin

New Member
Messages
5
Hi,

I recently got a virus (not sure which one) that disabled both my Windows Firewall and Windows Defender. I've done virus scans with AVG and ESET and after removing some trojans they are reporting the computer is clean. I also used Windows Malicious Software Removal tool, and it found no viruses.

With the computer cleaned I proceeded to follow the instructions given in this Solved Unable to start Windows Firewall - Page 2 - Windows 7 Forums (Specific instructions shown in quotes below).

I was able to start the BFE service after adding it to the registry without any problems but when I attempt to start the Windows Firewall service I get an error that states that it "could not start Windows Firewall on Local Computer". I queried the Windows Firewall service and get Error 1060.

If anyone knows how to fix this error please let me know.

Cheers

Download both the registry files

bfe.reg

firewall.reg

Launch and import them to registry

Restart your PC

Now,open RUN and type

regedit and click ok

go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

Right click on it-permissions

Click on ADD and type

Everyone and click ok

Now Click on Everyone

Below you have permission for users

Select full control and click ok

Now,open RUN and type

services.msc and click ok

start base filtering engine service and then windows firewall service

And:

Click Start, Run and type Services.msc
Right-click the Network Connections entry
Set its Startup type to Manual
Click Start to start the service
Right-click Windows Management Instrumentation
Set its Startup type to Automatic
Click Start to start the service.
 

My Computer

System One

  • OS
    Windows 8 Consumer Preview x64
    CPU
    AMD Phenom II 1090T
    Graphics Card(s)
    AMD Radeon 6970
    Monitor(s) Displays
    2x Acer P221w
    Screen Resolution
    1680x1090
Would you open a command prompt ant type:

sc query MpsSvc

Post the results.
 

My Computer

System One

  • OS
    Windows 7 x64 Ultimate/Windows 8.1/Linux
    CPU
    FX-8350
    Motherboard
    GA-990XA-UD3
    Memory
    16GB DDR3 Corsair Vengeance
    Graphics Card(s)
    HD7860
    Sound Card
    Xonar Essence STX
    Monitor(s) Displays
    Benq
    Screen Resolution
    1920x1080
    Hard Drives
    Various
    PSU
    Corsair HX 850W
    Case
    Corsair Obsidian
    Cooling
    Thermalright
    Keyboard
    Logitech
    Mouse
    Logitech
    Internet Speed
    50/50
    Browser
    firefox
Type : 20 WIN32_SHARE_PROCESS
State : 1 Stopped
Win32_exit_code : 1066 (0x42a)
Checkpoint : 0x0
wait_hint : 0x0
 

My Computer

System One

  • OS
    Windows 8 Consumer Preview x64
    CPU
    AMD Phenom II 1090T
    Graphics Card(s)
    AMD Radeon 6970
    Monitor(s) Displays
    2x Acer P221w
    Screen Resolution
    1680x1090
Could you check the permissions on the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy

Post here.

Also, can you check the following driver:

1. Select winkey + R
2. Type devmgmt.msc
3. Select View/Show Hidden Devices
4. Select Non-Plug and Play Drivers
5. Right click Windows Firewall Authorisation Driver
6. Check the status and report

It's also worth running a sfc /scannow for a command prompt
 

My Computer

System One

  • OS
    Windows 7 x64 Ultimate/Windows 8.1/Linux
    CPU
    FX-8350
    Motherboard
    GA-990XA-UD3
    Memory
    16GB DDR3 Corsair Vengeance
    Graphics Card(s)
    HD7860
    Sound Card
    Xonar Essence STX
    Monitor(s) Displays
    Benq
    Screen Resolution
    1920x1080
    Hard Drives
    Various
    PSU
    Corsair HX 850W
    Case
    Corsair Obsidian
    Cooling
    Thermalright
    Keyboard
    Logitech
    Mouse
    Logitech
    Internet Speed
    50/50
    Browser
    firefox
Clean install Windows after a low-level format of the drive.
 

My Computer

System One

  • OS
    8250 x86 + 7 SP1 x86 + Ubuntu 12.04 LTS x86
    CPU
    P4 3.4 GHz HT
    Motherboard
    MSI-7211
    Memory
    OCZ 2 GB DDR @ 400 MHz
    Graphics Card(s)
    HIS AGP HD 3850 Turbo Ice-Q
    Sound Card
    MOTU Traveler firewire interface
    Monitor(s) Displays
    Acer x223w
    Screen Resolution
    1680x1050
    Hard Drives
    WD Caviar Black 1 TB Sata II, WD 400 GB Sata I, WD 120 GB Sata I
    PSU
    300W generic
    Case
    Cybertron
    Keyboard
    Logitech Classic Keyboard 200, Dell RT7D20
    Mouse
    Logitech M510
    Internet Speed
    2 MByte/sec Down, 250 KByte/sec Up
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy

Post here.

Also, can you check the following driver:

1. Select winkey + R
2. Type devmgmt.msc
3. Select View/Show Hidden Devices
4. Select Non-Plug and Play Drivers
5. Right click Windows Firewall Authorisation Driver
6. Check the status and report

That registry entry doesn't exist on my system, and I'm unable to find the Firewall Authorization Driver.

Clean install Windows after a low-level format of the drive.

I'd rather try to fix it before starting from scratch. Last time it took me a week to get things running the way I like them again.
 

My Computer

System One

  • OS
    Windows 8 Consumer Preview x64
    CPU
    AMD Phenom II 1090T
    Graphics Card(s)
    AMD Radeon 6970
    Monitor(s) Displays
    2x Acer P221w
    Screen Resolution
    1680x1090
Anytime malware has corrupted a system, the only way to ensure your privacy, security and stability is to low-level format. Nobody at all could ever deem the machine malware free from this point on without low level format. There simply is no way to know what the malware has done at all.

Anything less and there is a significant risk the malware will return all on its own - especially the type that knows how to disable services.

So unfortunately, I am unwilling to offer any other advice than what I've given.

Killdisk is excellent to low-level format and Clonezilla is excellent to make images to restore from (after llf) in the case of a similar event happening.
 

My Computer

System One

  • OS
    8250 x86 + 7 SP1 x86 + Ubuntu 12.04 LTS x86
    CPU
    P4 3.4 GHz HT
    Motherboard
    MSI-7211
    Memory
    OCZ 2 GB DDR @ 400 MHz
    Graphics Card(s)
    HIS AGP HD 3850 Turbo Ice-Q
    Sound Card
    MOTU Traveler firewire interface
    Monitor(s) Displays
    Acer x223w
    Screen Resolution
    1680x1050
    Hard Drives
    WD Caviar Black 1 TB Sata II, WD 400 GB Sata I, WD 120 GB Sata I
    PSU
    300W generic
    Case
    Cybertron
    Keyboard
    Logitech Classic Keyboard 200, Dell RT7D20
    Mouse
    Logitech M510
    Internet Speed
    2 MByte/sec Down, 250 KByte/sec Up
Do you have anything under:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess

Can you also check:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE

It may be worth exporting all three keys, zipping them and attaching the zip to a post.

Finally, can you:

1. Open and Administrative command prompt
2. Type verifier /query > c:\drv.txt
3. Add the drv.txt to the zip file.
 

My Computer

System One

  • OS
    Windows 7 x64 Ultimate/Windows 8.1/Linux
    CPU
    FX-8350
    Motherboard
    GA-990XA-UD3
    Memory
    16GB DDR3 Corsair Vengeance
    Graphics Card(s)
    HD7860
    Sound Card
    Xonar Essence STX
    Monitor(s) Displays
    Benq
    Screen Resolution
    1920x1080
    Hard Drives
    Various
    PSU
    Corsair HX 850W
    Case
    Corsair Obsidian
    Cooling
    Thermalright
    Keyboard
    Logitech
    Mouse
    Logitech
    Internet Speed
    50/50
    Browser
    firefox
Under shared access I only have an entry called Epoch.

BFE and MpsSvc are there. I've zipped all of them and attached them with the drv file.
 

Attachments

  • Registry.zip
    11.4 KB · Views: 349

My Computer

System One

  • OS
    Windows 8 Consumer Preview x64
    CPU
    AMD Phenom II 1090T
    Graphics Card(s)
    AMD Radeon 6970
    Monitor(s) Displays
    2x Acer P221w
    Screen Resolution
    1680x1090
Really think it's an unwise choice to not follow my advice, but by all means, of course you're welcome to continue with your choice here.

Even if you find a way to fix your firewall, your machine for 100% fact is highly unstable at this moment how it stands. <<< Not only is that true, it's a major clue to what is stopping the firewall from starting in the first place. 3rd party junk.

Either that, or the malware actually uninstalled the service or deleted files necessary for the service to start.

Without low level format to guarantee clean HDD and then clean install of Windows, this current install is doomed to be plagued, and will cause so many more problems then its worth.
 

My Computer

System One

  • OS
    8250 x86 + 7 SP1 x86 + Ubuntu 12.04 LTS x86
    CPU
    P4 3.4 GHz HT
    Motherboard
    MSI-7211
    Memory
    OCZ 2 GB DDR @ 400 MHz
    Graphics Card(s)
    HIS AGP HD 3850 Turbo Ice-Q
    Sound Card
    MOTU Traveler firewire interface
    Monitor(s) Displays
    Acer x223w
    Screen Resolution
    1680x1050
    Hard Drives
    WD Caviar Black 1 TB Sata II, WD 400 GB Sata I, WD 120 GB Sata I
    PSU
    300W generic
    Case
    Cybertron
    Keyboard
    Logitech Classic Keyboard 200, Dell RT7D20
    Mouse
    Logitech M510
    Internet Speed
    2 MByte/sec Down, 250 KByte/sec Up
Really think it's an unwise choice to not follow my advice

That's fair, but with my system I'm running 5 hard drives with years of work files and too much to lose. I can't just format everything (and if this virus is as bad as you think it's in everything at this point). I stupidly haven't backed up in months, and I can't risk plugging the backup drive back in to add my more recent files. I wish I could easily just reformat and restore from a recent backup, but at this point I can't, and I have too much on this to lose.
 

My Computer

System One

  • OS
    Windows 8 Consumer Preview x64
    CPU
    AMD Phenom II 1090T
    Graphics Card(s)
    AMD Radeon 6970
    Monitor(s) Displays
    2x Acer P221w
    Screen Resolution
    1680x1090
Unfortunately, problems can easily have the chance of migrating to all of your other computers too if any of them were worms. There's a large base of malware that looks to spread itself across lans.

I never said I think what you had was bad. I said there is no way to know. It likely deleted Windows files or uninstalled service(s) - I would consider that bad with the potential to having done much worse that you don't even know of.
 

My Computer

System One

  • OS
    8250 x86 + 7 SP1 x86 + Ubuntu 12.04 LTS x86
    CPU
    P4 3.4 GHz HT
    Motherboard
    MSI-7211
    Memory
    OCZ 2 GB DDR @ 400 MHz
    Graphics Card(s)
    HIS AGP HD 3850 Turbo Ice-Q
    Sound Card
    MOTU Traveler firewire interface
    Monitor(s) Displays
    Acer x223w
    Screen Resolution
    1680x1050
    Hard Drives
    WD Caviar Black 1 TB Sata II, WD 400 GB Sata I, WD 120 GB Sata I
    PSU
    300W generic
    Case
    Cybertron
    Keyboard
    Logitech Classic Keyboard 200, Dell RT7D20
    Mouse
    Logitech M510
    Internet Speed
    2 MByte/sec Down, 250 KByte/sec Up
Under shared access I only have an entry called Epoch.

BFE and MpsSvc are there. I've zipped all of them and attached them with the drv file.

looking at the differences between your exported registry files and default keys, I'm not sure it's worth trying to correct this in situ, there's just to many anomalies. I think, at this point, you have a couple of choices, you could follow the advice given by GMan, or you could attempt either:

Refresh Windows 8
or
Reset Windows 8

The main difference between them is, a refresh will attempt to retain any personal data on the system volume, whereas a rest will not. Obviously, a reset is more thorough and in your situation, would probably be preferable.
 

My Computer

System One

  • OS
    Windows 7 x64 Ultimate/Windows 8.1/Linux
    CPU
    FX-8350
    Motherboard
    GA-990XA-UD3
    Memory
    16GB DDR3 Corsair Vengeance
    Graphics Card(s)
    HD7860
    Sound Card
    Xonar Essence STX
    Monitor(s) Displays
    Benq
    Screen Resolution
    1920x1080
    Hard Drives
    Various
    PSU
    Corsair HX 850W
    Case
    Corsair Obsidian
    Cooling
    Thermalright
    Keyboard
    Logitech
    Mouse
    Logitech
    Internet Speed
    50/50
    Browser
    firefox
Back
Top