[adiii]

Hi, i did everything you asked. What's next? I still have those shaded desktop.ini icons.

[Advertisements]

Hi,

The desktop.ini files are related to the customizing folder. If you have any custom icons, the desktop.ini will tell to the Windows how display him. If the desktop.ini is deleted, the customizing will disappear.

I will give instructions to you about how to hide the desktop.ini when we finish.

Please, run Farbar Service Scanner again and post the log.

[WhiteHat]

Hi,

The desktop.ini files are related to the customizing folder. If you have any custom icons, the desktop.ini will tell to the Windows how display him. If the desktop.ini is deleted, the customizing will disappear.

I will give instructions to you about how to hide the desktop.ini when we finish.

Please, run Farbar Service Scanner again and post the log.

[adiii]

Farbar Service Scanner Version: 22-07-2012
Ran by owner (administrator) on 17-08-2012 at 00:05:11
Running from "C:\Users\owner\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-09 22:02] - [2012-03-30 08:39] - 0905600 ____A (Microsoft Corporation) 27D470DABC77BC60D0A3B0E4DEB6CB91

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

[WhiteHat]

Hold down the Windows key + R on your keyboard. This will display the Run dialogue box:
Type services.msc and press [ENTER]

Search for the Windows Firewall service > Right-click and choose start

Repeat the instructions for the Internet Connection Sharing (ICS) service.

PS: Let me know if you received any error message

[adiii]

The windows firewall service was already running. I got the following error msg for ICS "The Internet Connection Sharing (ICS) service on Local Computer started and then stopped. Some services stop automatically if they are not in use by other services or programs."

[WhiteHat]

Hi,

1. Reregister the ipnathlp.dll. To do this, follow these steps:

• Click in Start > Run and type regsvr32 ipnathlp.dll and then click OK two times.
• Restart the computer.

2. Manually start ICS (Internet Connection Sharing) service.

• Click Start, click Run, type services.msc, and then click OK
• Double-click Internet Connection Sharing.
• In the Service status area, click Start.
• If ICS does not start successfully, continue to step 3.

3. Click Start, click Run, type the following command, and then click OK:

Reg add HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters /v ServiceDll /t REG_EXPAND_SZ /d %SystemRoot%\System32\ipnathlp.dll

4. Restart the computer
5. Try to start the ICS (Internet Connection Sharing) service again.

[adiii]

When i try to run regsvr32 ipnathlp.dll i get the following error message "The module "ipnathlp.dll" was loaded but the entry-point DllRegisterServer was not found. Make sure that "ipnathlp.dll" is a valid DLL or OCX file and then try again"

[WhiteHat]

Ok. Go to Step 3:

3. Click Start, click Run, type the following command, and then click OK:

Reg add HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters /v ServiceDll /t REG_EXPAND_SZ /d %SystemRoot%\System32\ipnathlp.dll

4. Restart the computer
5. Try to start the ICS (Internet Connection Sharing) service again.

[adiii]

Hi

I did step 3 and i got the same error message as before when trying to start ICS.

[WhiteHat]

Hi,

• Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
• Type cmd and press [ENTER]
• Next, type Net Start SharedAccess and tell me the result.

[adiii]

Hi i get the following:

System error 5 has occurred.

Access is denied.

[WhiteHat]

Please set a new restore point before following these instructions:

• Go to Control Panel and select System
• Select System
• On the left select System Protection and accept the warning if you get one
• Select System Protection Tab
• Select Create at the bottom
• Type in a name i.e. SharedAccess
• Select Create

NEXT:

Type regedit into the start box and when regedit.exe populates in the window above > right click it and choose "Run as an Administrator"

Registry Editor will open.

Navigate to : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess

Right click on SharedAccess, click "Permissions" then "Administrators (Your_username-PC/Administators)" then tick "Full control" in "Allow" box, click OK:


Go to Start=>Run (alternatively use Windows key+R), type cmd and click OK.

Type Net Start SharedAccess and tell me the result.

[adiii]

I get the same error message.

System error 5 has occurred.

Access is denied.

[WhiteHat]

Hi,

Download the Reset Registry Permissions and run the tool.

Click in start.


Restart the computer.

Go to Start=>Run (alternatively use Windows key+R), type cmd and click OK.

Type Net Start SharedAccess and tell me the result

[adiii]

i still get the same error.

System error 5 has occurred.

Access is denied.