Hello! I have Windows 2008 R2 standard server with SQL 2008 and Configuration Management system installed. This is virtual vmware server. After updates released 9.8.2011, inbound network connectivity to this server does not work because firewall service is not running. Outbound connection from this server works fine. Error messages: Windows could not start the Windows Firewall on Local Computer. Error code 5. and The Windows Firewall service terminated with spesific error Access is denied. I already did some fixes, but none of them solved the problem: netsh winsock reset secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbosem (this resets security permission of entire Windows OS) service is running with Local Service permission Windows Firewall Authorization Driver works propertly In registery key CurrentControlSet\services\mpssvc has been added NT Service\mpssvc account with full control Please help!

Please help! Any ideas? Next I have in mind, to start this virtual machine from 2008 R2 installation media, and try to recover or reinstall it.

I pull this up once again, if there would be any MVP starting his week at the office :) I have 2 other options in mind, before re-installing the system: - to renew WMI by deleting wbem\repository - to re-join server do domain What do you guys thing?

I´ve been fighting with this server whole evening. These has been tried not: - group policy with firewall service and rules has been applied - same GPO with firewall has been disabled - WMI has been rebuild - server has been dropped from domain to workgroup - service still not starting - server has been joined to domain again, no change

I´m aware of this article and I replaced 3 registery paths with copies I got from server where Firewall service works fine: http://blogs.technet.com/b/networking/archive/2011/06/08/the-windows-firewall-service-fails-to-start-introduction.aspx

Just pulling this up once again. After I copied registery keys from other server, even Base Filtering Engine fails to start now because of access denied. Local Service account is used to start this service, as it should by default.

Anyone? Please help! I tried 2 more things: - I started server in restore mode command promt and tried to do sfc /scannow with proper windir and winboot options. - I tried to repair WMI with wmimgmt.exe No help! Here are 3 important logs: Event 7023, WMI Driver service terminated, access is denied Event 7024, Windows Firewall service terminated, access is denied Event 10009, DistributedCOM cannot be found. Not installed or corrupted. You can install or repair the component.

I got firewall service up by resetting security inheritance of firewall registery key. Still, WMI driver service does not come up, and the bigger issue I have, I cannot join this machine back to domain. I have now DistributedCOM Event 10009 happening all the time. How can I reset the operating system settings by the best way?

Now I have another server with exact same situation...

I had the same problem: Windows Firewall would not start. If I clicked a button to start the firewall in dialog, it would just fail. If I tried from the command line, with net start mpssvc, it would give me Error 5. To fix it, I followed the steps here - http://support.microsoft.com/kb/943996 . Mostly. I had to resort to some extra steps, which I will describe below. First - The article says it applies to Windows Vista, but I have Windows 7 and it applied to Windows7 as well, at least in my case. I found several problems with the article, described here: The article includes a link to a "Fix it" program which is intended to provide an automated way to apply the required fixup. It sounds like a good idea but it did not work for me. The fixit ran, but after 45 seconds it said "The problem is still present" or something like that. It was ineffective. This is a shame because the diagnosis of the problem in the article is EXACTLY RIGHT. I then went through the steps described for manually editing the security permissions on the registry keys associated to HKLM\CurrentControlSet\Services\SharedAccess as described in the article. The article provides enumerated steps to do this. The list of steps is missing one critical step, between step 2 and 3, which is , click Add.... The article says I need to modify the ACL for the Epoch key, and the ACL on 2 different Parameters keys. I did this, adding permissions for the MpsSvc user to the ACLs on these keys, remembering to perform the missing step I just described. Then I tried restarting the service with net start mpssvc. It failed once again with the same error - ENOACCESS, 0x5, Access is denied. I then examined a working Windows7 computer and checked the ACL for these keys. On the working computer the Epoch2 key also had access for the MpsSvc User. I modified that ACL as well, and then tried restarting - it worked. The original scenario was a Windows 7 computer running McAfee Security Center, or whatever its called. I didn't want that, because McAfee seemed to be interfering with multiple other programs that needed to download and install updates - Java, Flash, Zune. So my idea was to scrap McAfee and replace it with the free Microsoft Security Essentials. I stopped and uninstalled McAfee, and here I had to resort to a special Mcafee-provided tool to uninstall. (That McAfee requires a special install tool ought to be a crime). After uninstalling McAfee and installing MSE, the Windows Firewall could not or would not start. I found that the registry keys in HKLM\CurrentcontrolSet\Services\MpsSvc were completely missing. Nice one, McAfee! So in order to fix THAT, I had to export the appropriate regkey tree from a working Windows7 computer, and then import it on the ailing computer. I don't actually know if that step was necessary, because when I tried net start mpssvc after importing the reg keys, the firewall still did not start. But it seemed that adding the missing regy keys was at least benign. It could be that the firewall once started would have created those keys anyway. I don't know. In any case, try doing the copy/graft I described here if you still have the problem. Good luck to everyone, and Happy Thanksgiving. This problem REALLY, REALLY should not be so complicated.

Try this http://winplat.net/post/2011/10/07/Troubleshooting-for-Services-issue-on-Windows-2008-R2.aspx

above link has been moved here http://winplat.net/post/2011/10/07/Troubleshooting-for-Services-issue-on-Windows-2008-R2.aspx

Hi There, Try the following link to resolve - worked for me! The cause is due to the BFE service failing usually due to permissions - the firewall is dependent on the BFE: Base Filtering Engine Service failed to start That should help.

I needed the permission for Epoch2 as well. Thank you for documenting this. After adding the additional step for key on Epoch2 the firewall started right up again.