Jake Ludington's Digital Lifestyle

Mike writes, I recently installed an application that put a bunch of spyware on my system. I used Microsoft AntiSpyware to remove the spyware and now my Windows Firewall won't work. The Security Center warns me that I have no firewall active and when I try to start the Windows Firewall I get Error 10047: an address incompatible with the requested protocol was used. Can this be fixed or do I need to reinstall Windows?

I recently had a similar experience after installing a freeware app on my test system that dumped a payload of spyware during the install. Microsoft AntiSpyware caught all the junk, but when it finished cleaning the system, the Windows Firewall was disabled. It's fairly common for spyware applications to install something called a Layered Service Provider (LSP), which are used by the companies distributing spyware to gather information about Internet usage habits of the infected systems. LSP provides an access layer to Windows networking so that third-party developers can implement browsing rules enforceable at the operating system level. A common example of this would be creating a filter on your system that bans access to a specific Web site. This functionality is required for all Windows networking to function properly and there is a default configuration for LSP that is present in absence of a third-party alternative.

Microsoft AntiSpyware is technically still in beta, which means it's not an official software release. One of the few bugs it has relates to LSP. If Microsoft AntiSpyware detects spyware that alters the system LSP, it eliminates the spyware and the spyware LSP configuration. The bug is that Microsoft AntiSpyware currently doesn't restore the default LSP configuration.

To fix this problem you need to type in a command to manually reset the operating system default LSP. To perform a manual reset open the command line by going to Start > Run and typing cmd and then Enter. At the command prompt type netsh winsock reset and press the Enter key again. You need to reboot and your system should come back up with the Windows Firewall enabled.

As an aside, you may want to consider replacing the Windows Firewall with a more powerful alternative. While the Windows Firewall does a great job of blocking traffic coming from outside your system, it does nothing to prevent malicious apps from being able to send information from your computer. Using a free firewall like ZoneAlarm or Sygate will provide you with better protection than the Windows Firewall supporting more configuration options.

When All Else Fails

If following these steps did not solve your problem consider immediate live Tech Support Online.