Windows 10 Firewall AGGRESIVELY resists any control!

firemcd

New Member
Joined
Sep 28, 2016
Messages
4
I have windows 10 Home with all current updates. Just in the last 3 weeks my firewall has become uncontrollable. ANY, meaning any, app or game gets a warning box thrown up immediatley and for some of my games, this kicks me from the server. When I add apps to exception list and hit OK, they are removed immediately. When I try to turn off the firewall both in the regular settings and in the advanced settings it immediately turns itself back on. It has made my gaming experience a nightmare. I do not need it really because I have AVAST firewall (currently off). When I turn AVAST firewall on and add exceptions it performs correctly. I am capable of registry edits and other intermediate fixes. Help please, so I can go back to controlling my computer and not the other way around. THIS SUCKKKKKS!
(Thank you for reading)
 


Solution
It wouldn't be too much work.
  • Download procmon Process Monitor
  • Launch procmon
  • Click on Filter > Filter...
  • Change the first drop down to Path, change the second to contains, in the text box type in part or all of the above mentioned path, click Add
  • Repeat for the other path, click Apply then Ok
  • Then try and add a rule you should see a RegSetValue Operation when you create it, in the result section if it says SUCCESS it was added, if it says something else let me know
  • If you see any RegDelete(key | value) look in the Process Name column and that will tell you what removed the rule
Windows firewall stores it's rules in the following locations
HKLM\Software\Policies\Microsoft\WindowsFirewall
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy

It's possible Avast or another application is removing the rules. You could download procmon and set up filters to watch these two paths. When something makes a change you will see an event in procmon.
 


AVAST is only running in Antivirus Mode, and was always there before operating the same as it is now BEFORE this problem began.
Windows firewall stores it's rules in the following locations
HKLM\Software\Policies\Microsoft\WindowsFirewall
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy

It's possible Avast or another application is removing the rules. You could download procmon and set up filters to watch these two paths. When something makes a change you will see an event in procmon.
Is there any way to use the above mentioned registry items to make this go away forever?
 


Not really, you need to determine why the rules are being removed or if they are not being written.
 


Neemobeer; that is beyond my skills. Is there anyone else here with a walkthrough of how to fix this? I cannot possibly be the only one suffering this....
 


It wouldn't be too much work.
  • Download procmon Process Monitor
  • Launch procmon
  • Click on Filter > Filter...
  • Change the first drop down to Path, change the second to contains, in the text box type in part or all of the above mentioned path, click Add
  • Repeat for the other path, click Apply then Ok
  • Then try and add a rule you should see a RegSetValue Operation when you create it, in the result section if it says SUCCESS it was added, if it says something else let me know
  • If you see any RegDelete(key | value) look in the Process Name column and that will tell you what removed the rule
 


Solution
While you are getting up the courage to run neemo's procedure, would you mind telling us what your Hardware is you are using to connect to the Internet with? Do you have 1 or 2 boxes that connect the computer with the above mentioned problem to the Internet? In other words do you have a box from your ISP that connects your home to the Internet via Broadband such as a Cable Modem (Charter, Comcast, Cox) or a DSL Modem (Verizon, Dish, AT&T U-verse)? If your Cable Modem box has 4 yellow ports on the back with RJ-45 connectors for Ethernet cables then it is a combo box which is a Broadband Modem with a built in router or Wi-Fi router function built in.

Next question is how does the affected computer connect to this box or boxes? Do you connect with a physical cable (Ethernet Cat5e or Cat6)? Or does it connect via wireless? Please post Make/Model of your Combo box connecting you to the Internet or the Make/Model of your Broadband Modem (provided to you by your ISP--Internet Service Provider) and the Make/Model of your router/Wi-Fi router.

This would help us to determine if your Broadband Cable Modem/Cable Modem Combo Box or Wi-Fi router has been affected by a hardware issue. Often what happens is that when your computer gets upgraded to the latest version of windows, the hardware firewall is often ignored. Your hardware firewall is in 1 or possibly 2 places; they live inside of the Broadband Cable Modem/Cable Modem Combo Box or Wi-Fi router. Most Broadband modems/modem combo boxes contain a hardware firewall as do most routers/Wi-Fi routers.

The point of this discussion is that when these boxes age, and the ISP's upgrade their networks, new versions of Windows contain components that no longer work the same way with Windows as they did before since your Windows (software) got updated but your hardware did not. :( This has been happening where I live the last 2 years with our 2 major ISP's, Charter and Verizon. What's often required is that you have to call up your ISP provider and ask them to do an "end-to-end" test on your Broadband Cable Modem/Cable Modem Combo Box to see if it has the latest firmware installed. Firmware is hard-coded programs that reside inside of the chips inside of your Cable Modem/Cable Modem Combo box. Those chips can be remotely re-programmed by your ISP technicians over the phone as long as you have Internet working at your home.

What often happens is that these boxes are over 2 years old, they will no longer be compatible with the latest versions of Windows on computers. :ohno: Therefore your ISP tech will attempt to update your boxes via remote control to update them with new programming. That new programming in turn will make your Broadband Cable Modem/Cable Modem Combo Box compatible with changes made to the new Windows version. This process can take a couple of hours on the phone so you'll need to clear some time on your schedule to do this. After your ISP updates your box's firmware, it should work properly with the new W10 update including it's firewall operation and all should be good! :up:.

If your ISP tech tells you that the "end-to-end" test fails on your Broadband Cable Modem/Cable Modem Combo Box, they will usually send you out a new box. :) This is often free of charge unless it's really old say more than 5 years old. :D In that case, when the new box shows up in your Mail, you simply open it up and replace the old one, turn your computer back on (it should be off for the installation), and the new box and it's updated electronics should work with the new W10. You're good to go! :up:

Another important note, when your ISP tech is testing your setup, they will most likely ask you to plug your computer or a laptop if you have one DIRECTLY into their Broadband Cable Modem/Cable Modem Combo Box via Ethernet cable, and not into the router/Wi-Fi router if you have a separate box for that. So, when you receive the replacement Broadband Cable Modem/Cable Modem Combo Box make certain that you remove the router/wif-router box from the back of the Broadband Cable Modem/Cable Modem Combo Box. This way you are only testing the replacement Broadband Cable Modem/Cable Modem Combo Box and your router/Wi-Fi router box is out of the picture! Once this test passes and when you fire up all your equipment and things are working normally including the hardware firewall, you can then shut everything down, and re-attach your router/wi-router to the back of the Broadband Cable Modem/Cable Modem Combo Box, and connect your computer once again to your router/Wi-Fi router via Ethernet cable or wireless connection whichever you are using now before the replacement occurs. With any luck, after you reconnect your router/Wi-Fi router back into the Broadband Cable Modem/Cable Modem Combo Box all will continue to work smoothly! :up:

If it doesn't, your router/Wi-Fi router box is most likely the culprit and you'll need to replace this unit at your own cost unless you purchased that box from your ISP along with your Broadband Cable Modem/Cable Modem Combo Box. These boxes are not that expensive, but can run from $60-$300 depending on the speed and distance capabilities of their wireless broadcast and coverage capabilities are. The better the coverage and faster the Wi-Fi speed, the more the box costs. :cash:

Checking neemo's procedure covers the software solution, but if that fails, you must also not forget to check the hardware as it plays an equally vital role in how your computer accesses the Internet.

Post back if you have further questions. We'll do our best to help you.:encouragement:

<<<BIGBEARJEDI>>>
 


My ISP is AT&T. I followed the advice above with them and it did not fix the problem. For now, I have Windows firewall disabled and Avast disabled and am using the free Comodo Firewall. Stumped......
 


Hi

Just my opinion, but this sounds like some kind of Malware to me.
Run Malwarebytes, and SuperAntiSpyware and see if it finds anything.

Windows shouldn't be overriding your preferences as to what the firewall blocks, but some kind of malware could be messing it up.

You aren't the only one having this problem, I see other people having similar issues.
Some did report that malware was the cause, but not all.

Free Anti-Malware & Malware Removal

SUPERAntiSpyware - Downloads

Just get the free versions, if you don't already have these.
I'm guessing that almost everyone here uses these, and they are safe to use.

Also run CCleaner to clean up the junk on your PC.

CCleaner 5.22.5724

Mike
 


The Windows firewall does do a good job of being a firewall. On the hand it isn't difficult to disable, add or delete rules provided a program has elevated access which is required to change any of those.
 


Back
Top