Stripping out Symantec Client Security problem

Posted on by

As part of testing, I was playing with a couple of laptops with Symantec Client Security.

Removing Symantec when smoothly, that was until I tried to enable the Window XP Sp 2 firewall after rebooting.

This charming error appeared when I attempted to start the Firewall service:

Error 0×80004015: The class is configured to run as a security id different from the caller

I guessed that Symantec had mangled something in the registry and hadn’t clean it up on removal.

After a bit of digging KB892199 provide to have the answer. Basically the permissions in two registry keys were stuffed up.

Using my mastery of the batch file, I knocked up this as part of a script to prepare a system for Forefront install

REG DELETE HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Security /f
REG DELETE HKLM\SOFTWARE\Classes\AppID\{ce166e40-1e72-45b9-94c9-3b2050e8f180} /f

After a reboot the XP firewall started up as if Symantec had never been there.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>