Honestly speaking I do not know when exactly it happened and why, but one day I found out that the Windows Firewall service on my computer was stopped. Not a big deal, I tried to start it up and got the Access Denied error. Pretty short investigation showed that the service did not have permissions to modify the HKLM\SYSTEM\CurrentControlSet\services\SharedAccess registry key.
Even though it can be done via Registry Editor, I decided to spend a few more minutes to have a script for this.
Here it is:
$ACL = Get-ACL -path “HKLM:\SYSTEM\CurrentControlSet\services\SharedAccess”
$Inherit = [system.security.accesscontrol.InheritanceFlags]”ContainerInherit, ObjectInherit”
$Propagation = [system.security.accesscontrol.PropagationFlags]”None”
$Rule = New-Object system.security.accesscontrol.registryaccessrule “NT SERVICE\mpssvc”,”FullControl” ,$inherit,$propagation,”Allow”
$ACL | Set-ACL
Note: The service name is “NT SERVICE\mpssvc” (with a space!), but after applying the change it’ll look like MpsSvc”