Archive for the 'Windows Software Tips' Category

NOD32 Antivirus v3.0 Firewall error

Published on August 16, 2008 in Anti-virus Firewalls and Malware, Windows Software Tips and Windows XP. Comments

“Failed to read firewall configuration”

Getting this error when you run v3.x of NOD32 Antivirus? I was and it was tricky finding a solution. Here is what worked.

The Cause

I had installed NOD32 Security Suite by mistake. I uninstalled the Security Suite, restarted the computer, and then installed the Antivirus. Upon system startup NOD32 AV would give the “Failed to read firewall configuration” error. If I tried to go into the Setup it would also give the “Failed to read firewall configuration” error. I uninstalled, reinstalled, did repair installs, etc., and nothing got rid of this.

Hunting through the registry I found that NOD32 Security Suite had not uninstalled completely and had left a lot of data in the registry. Here’s the steps I went through to fix this error:

  1. Uninstall NOD32 Antivirus
  2. Reboot
  3. Delete the folders at these locations:

    C:\Documents and Settings\YOURUSERNAME\Application Data\ESET
    C:\Documents and Settings\ALL USERS\Application Data\ESET

  4. Check your network connection properties (usually Local Area Connection if you are on a LAN). Look to see if NOD32 Firewall is listed in the the “This connection uses the following items” on the General Tab. Uninstall it if it is.
  5. Reboot. Reinstall NOD32. See if it works now.
  6. If it still does not work then the final resort is the following steps
  7. Uninstall NOD32 again
  8. Get a good registry editing tool (perhaps a free one or one that gives a fully functional trial), backup your registry, save a system restore point, and then delete all lines in the registry that have “ESET” in them and which have “EPFW” [upper and lower case] (stands for “eset personal firewall”) in them. I deleted perhaps a hundred or more. I did not find any with “epfw” in them which were not Eset Firewall related. But you might, so check what you are deleting first.
  9. Look for files in c:\windows\system32\drivers which have epfw at the beginning of the filename. There might be three or four. Delete them.

That should fix it.

Technorati Tags: ,

Fixing Access Issues on Windows Home Networking

Published on March 3, 2008 in Networking, Windows Software Tips and Windows XP. Comments

Many people report that one or more computers can’t connect to other computers on their Windows NT / XP / Vista based workgroup networks. Sometimes it’s not possible to access another computer on the network — it won’t appear in the workgroup at all. Other times it appears but then it can not be accessed. Errors like the following may occur:

  • “Login failure: the user has not been granted the requested logon type at this computer”
  • “(XXXX) is not accessible. You might not have permission to use this network resource.
    Contact the administrator of this server to find out if you have access permissions.
    The list of servers for this workgroup is not currently available.
  • Or perhaps you manage to access the PC but it always wants a password and user name to be entered to browse its files?

Here are a few things to check locally on the PC that you are having trouble accessing from another PC on the network. These solutions all assume you are using Windows XP. I would suggest you retry the connection after EACH of these steps… as you may not have to apply all of them. Also, I list these in no specific order.

  1. Guest access may have been disabled.
    Go to Admististrator Tools > Local Security Policy. Then Local Policies > User Rights Management.
    Find “Deny access to this computer from network”. Double-click it if “Guest” is in that list, and remove “Guest”
  2. Go to START > RUN > type in “CMD”
    In the command prompt type in: net user guest /active:yes
  3. Change the networking Node-type to “mixed”. You can check it is set to something else by typing “ipconfig /all” into a command prompt. To change it to “mixed”:
    Start Manu > Run > Type in “regedit” (without the “”) and hit enter.
    Go to this key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netbt\Parameters
    When you click on parameters you should have “DhcpNodeType” or just “NodeType”
    Change the value to 4 (mixed type).
    More info here: http://support.microsoft.com/?id=160177

    If that key does not exist at all (which was the case on my PC) you can create it. Create a new DWORD Value by right clicking on the right panel of the registry editor. Give it the name “DhcpNodeType” and a value of 4

  4. Make sure your third party firewall is not blocking sharing on the local network (see the support site for your firewall system for more info)
  5. If you have Windows Firewall enabled then you’ll also want to ensure that there is an exception set to allow Windows file and print sharing. Google that to find out how if you are not already sure.
  6. Follow the steps found in this article http://support.microsoft.com/kb/913628 in order to allow anonymous access.
  7. Install “NWLink IPXSPXNetBIOS Compatible Transport Protocol” to your Networking configuration:

    8. 1. Go to Control Panel, and select “Network Connections”;
    2. Right-click with your mouse your Network Connection and select “Properties”;
    3.  On the “Connection Properties” screen, select the “Install” tab;
    4. On the “Select networking Component” screen select “Protocol” double-click the > Add…” Tab;
    5. On the “Select Network Protocol” screen, select “NWLink IPXSPXNetBIOS Compatible Transport Protocol” and click the “OK” tab to install the protocol.

  8. In the above Security Policy go to Local Policies > Security Options.
    Find “Network access: Sharing and security model for local accounts”. Set it to “Guest Only - Local users authenticate as guest”
    I DON’T RECOMMEND THIS LAST STEP. Use it as a last resort if all else fails and if it fixes your problem. Why? Because it will prevent you from controlling who can access the various resources you share. All shares will be accessible to the Guest account, meaning you can’t lock out users from anything you share.

The last two options are last resort steps to try. Many people find step 7 resolves the access issues they experience. But I think this step is simply side-stepping another issue that can usually be fixed directly with one of the other actions/changes I’ve outlined.

Let me know which, if any, of these steps fixes your access issues.

Automated Update Checking

Published on November 29, 2007 in Windows Software Tips. Comments

With the fast pace of computer and software development these days, it can be close to impossible to keep up with the latest versions of whatever applications you might be using. I use quite a few apps and most of them get behind in the updates because I don’t want to spend lots of time monitoring when a new version comes out. Some of them include built in update checking, and these are typically the only ones that stay up-to-date on my computer.

FileHippo has released a great looking Update Checker. I just ran it and within 9 seconds it came back with a report of 11 applications with outstanding updates, and links to each of the update downloads. One of them was Firefox which I keep pretty on top of with updates, but a new update come out in the last day or two, and FileHippo Update Checker was on to it.

Technorati Tags: ,,

Latest Windows Live Writer update

Published on July 9, 2007 in Blogging, Internet Topics and Windows Software Tips. Comments

There is a new version (at long last) of Windows Live Writer available. I’ve not tried it yet as I am just downloading it now. If you want to check it out go to http://writer.live.com/

As mentioned in a previous post, having tried nearly all of the various desktop blog editors available (paid and free) I considered Live Writer (the version I am typing in now) to be a close contender as the best one to use. Let’s put it this way, it’s currently the only one I bother to use. Hopefully the new version will fill out the various “missing features” I wanted. I’ll let you know.

Jonathan

Microsoft Sysinternals

Published on December 4, 2006 in Windows Software Tips and Windows XP. Comments

In July 2006 Microsoft purchased the Sysinternals utilities suite. All the various utilities from this suite are now available from Microsoft’s web site. Many of these free tools are very useful for the advanced Windows user and administrator.

The Sysinternals web site was created in 1996 by Mark Russinovich and Bryce Cogswell to host their advanced system utilities and technical information. Microsoft acquired Sysinternals in July, 2006. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows systems and applications. If you have a question about a tool or how to use them, please visit the Sysinternals Forum for answers and help from other users and our moderators.

Featured Resources

File and Disk Utilities
Utilities for viewing and monitoring file and disk access and usage.
Networking
Networking tools that range from connection monitors to resource security analysers.
Processes & Threads
Utilities for looking under the hood to see what processes are doing and the resources they are consuming.




Security Utilities
Security configuration and management utilities, including rootkit and spyware hunting programs.
System Information
Utilities for looking at system resource usage and configuration.
Miscellaneous
A collection of diverse utilities that includes a screen saver, presentation aid, and debugging tool.

There is also a great video library of many Windows troubleshooting topics.

Sysinternals Video Library
Sysinternals Video Library

We’re pleased to announce The Sysinternals Video Library, a set of six DVDs that cover essential Windows troubleshooting topics. Each video is personally presented by Mark Russinovich and David Solomon. The complete set is available for order at a discounted price and the first video, Tour of the Sysinternals Tools, is free for download.

Securing Access to Terminal Server

Published on September 18, 2006 in Windows Software Tips. Comments

The how-to available at msterminalservices.org outlines a nifty way to tightly control exactly which client installations (which PCs) can access your Terminal Server over RDP. It’s free to impliment and is fairly simple to do. Check it out.

Microsoft OneCare Fails

Published on July 26, 2006 in Anti-virus Firewalls and Malware and Windows Software Tips. Comments

I am not sure how Microsoft manage to do it. It’s just one of those ongoing mysteries in this world of ours…

Microsoft is one of the largest companies in the world, with more money and technical resource than any other software developer in Earthly existence, and yet they consistently fail to turn out software that does what one would expect it to do (and without doing all sorts of crap one would not expect nor want it to do). Microsoft are preparing to launch their first attempt at a full firewall product called OneCare. It one seem that OneCare is more than one step away from caring enough to be worth using as a firewall system. I refer to the following media release from Agnitum, the highly respected makers of Outpost Firewall (a product I’ve been using for a few years now).

Concern expressed over low level of customer protection provided

28 JUNE 2006, ST.PETERSBURG, RUSSIA - SAN JOSE, CALIFORNIA. The firewall security experts at Agnitum, developers of the widely-acclaimed Outpost Firewall product family, have conducted an in-depth analysis of Microsoft’s new OneCare Firewall, part of Microsoft’s “Live” security initiative. The results are so far below industry standards that the company felt obliged to share the results of its analysis with the public.

Highlights of the report include the following:

  • The OneCare firewall failed all but the simplest leak tests and does not offer even the most basic intrusion detection capability, leaving users’ PCs wide open to being hijacked into a botnet

  • The OneCare firewall database of pre-approved applications is very small, and adding each new application requires several user interactions and a reboot

  • Application access rules are limited to ‘allowed’ and ‘not allowed’ - users cannot configure different rules for different types or times of usage, such as allowing IE to connect with some but not all websites

  • Similar limitations apply to network file access and remote desktop operations

  • The Windows Defender anti-spyware component of OneCare imposes significant delays on program execution, and is updated on a separate schedule than other OneCare components

Agnitum engineers also found compatibility issues with OneCare - but not the ones they had expected. Before installing the software, they already had a firewall running, as would most people. OneCare did not request the de-installation of any existing firewall, so Outpost Firewall Pro was left in place. OneCare worked smoothly alongside Outpost Firewall Pro - so smoothly that Outpost was the first to monitor the system, ask questions and protect the user, not OneCare.

The full analysis can be found on the Agnitum website at http://www.agnitum.com/r/firewall/onecare/

“Microsoft has tried to create software for novice users, making it very limited in settings and customization. The problem is, they’ve gone too far. OneCare is too simple. Yes, it’s easy to use. But unfortunately, it doesn’t provide much protection,” says Alexey Belkin, Chief Software Architect at Agnitum. “This ‘one product for everyone’ attempt is likely to end up being ‘one product for no one.’ The product itself looks like it was designed as a mandatory part of the operating system, and that is simply shortchanging users who haven’t yet decided what security solution to invest in.”

The business community worldwide, as well as the firewall security vendor community, has reacted swiftly to the appearance of this new player, not only from a technology perspective but also from the point of view of Microsoft’s business practices. Reactions concerning “predatory pricing” (first discussed by Sunbelt president Alex Eckelberry in his blog http://sunbeltblog.blogspot.com/2006/06/microsoft-practices-predatory-pricing.html) are arising, primarily that Microsoft is setting artificially low prices. But “cheap” doesn’t equal “good value,” as can be seen in the Agnitum analysis of the OneCare firewall.

“No one is underestimating the potential impact of Microsoft entering the Internet Security market, but at Agnitum we are seeing this development having more positive than negative effects,” says Mikhail Penkovsky, Global VP of Sales & Marketing at Agnitum. “The updating of the Windows Firewall in Vista makes a clear statement that the personal firewall is a must-have; Outpost and other third-party firewalls will still be there for customers when they realize - as many will - that the protection provided by OneCare is extremely limited. Our key distributors and resellers are in full agreement that OneCare is nice to look at but that’s pretty much all there is to it.”

About Agnitum ltd.

Founded in 1999, Agnitum (www.agnitum.com) is committed to delivering and supporting high quality security software products. The company’s headline products are Outpost Firewall Pro, securing personal and family computers, and Outpost Network Security, ensuring reliable endpoint protection and performance for small business networks. Agnitum firewall technology is licensed by Novell, Sophos, and Lavasoft.

Microsoft Baseline Security Analyzer (MBSA)

Published on July 11, 2006 in Windows Software Tips. Comments

Microsoft has a free tool called “Microsoft Baseline Security Analyzer” or MBSA for short. If you use Windows XP then this can be a useful tool for checking up on your computer’s security status in accordance with MS security recommendations. Here’s the intro to it from Microsoft.

Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems.

MBSA 2.0 offers an intuitive user interface and more informative dialogs compared to previous versions. Using the new Windows Update Agent and Microsoft Update catalog, MBSA 2.0 has automatically expanding product support.

It’s home page lives here… Microsoft Baseline Security Analyzer (MBSA).

Bad Behavior has blocked 142 access attempts in the last 7 days.