Windows Firewall Control (WFC) by BiniSoft.org

You open source people are funny.

 

You do not upset me but your request can't have a positive result. The new owner payed a good amount of money for the source code and for my knowledge and for my future help for the new product. They won't make it open source, that's for sure. Fixing things in code written over the years in a large code base, by someone else is not something trivial.

 

I'm in front of my machines. I have one Windows 10 version 1803 installed from scratch from an ISO file and one Windows 10 updated to the same version 17134.48 through Windows Update. WFC works normally on both these two machines. I don't see any errors related to WFC in Event Viewer and Connections Log works as expected. I use only Windows Defender and no other security software. Is there anything else that I should try? When you check the details of the errors about reading the security event log, does it contain any other info? Thank you.

 

Damn that's not good that you can't reproduce, I also only use Windows Defender and WFC as my security software goes, and I get this error every time I check event viewer on a fresh boot, once I clear Event Viewer logs (which I do often) the error won't show up again until I reboot my PC.,

I've also had the "errors about reading the security event log" before too, but not everytime and I'm not sure how to 100% reproduce that one.

 

I get the error consistently on both my computers running Win 10 Pro V1803. Both were installed from scratch a few months ago. The only other security software is Windows Defender. Disabling UAC and software restriction policy does not help.

The error says (with a different index each time):

Reading Security log failed.
Exception: System.ArgumentException: Index 21722 is out of bounds. at System.Diagnostics.EventLogInternal.GetEntryAt(Int32 index) at WindowsFirewallControl.Proxy.ProxyServer.GetLogConnections(Int32 logEntries, Int32 direction, Int32 eventId)

 

I also get that empty security log (and error) with WFC running (Windows 1803) as a standard user account. However, when I am active as administrator account the event log is working correctly. So I'm thinking it has to do with administratieve rights.

 

@nickelson

I haven't tested that all on my new 1803. However, that's a good finding, thanks - and which should be solvable then from Alexandru.

 

Sorry, after several tests I must conclude that I have been too optimistic. Now also as administrator the security log often remains empty.

 

I was going to say, I have one account and one account only and it's setup as an administrator, so it's not that.

 

It happens upon booting or rebooting into Windows.

When opening the WFC [Connections Log] with [Auto refresh on open] checked, [Connections Log] is empty and event id 323 is logged.

Then, subsequent clicks of [Refresh list] do not populate the [Connections Log] but yield additional event id 323 entries.

However, once [Clear log] is clicked, [Refresh list] and the [Connections Log] begin to work normally with no more additional event id 323 entries, until the next Windows boot.

Event ID 323. Error. Reading Security log failed. Exception: System.ArgumentException: Index <> is out of bounds. at System.Diagnostics.EventLogInternal.GetEntryAt(Int32 index) at WindowsFirewallControl.Proxy.ProxyServer.GetLogConnections(Int32 logEntries, Int32 direction, Int32 eventId)

 

You're right, I find the same result.

 

i predicted it

 

There are worse companies then Malwarebytes, so this is fine news by me. Congrats on the paychecks Alexandrud.

Though I do feel their main product has gone to **** since Windows 10, and they did recently kill off that other smaller malware program not to long ago that they acquired, heres hoping WFC doesn't become bloated and that there's a lightweight standalone option.

 

Nightmare to lose Alexandrud...but thanks and good luck!

 

i think it will change like adwcleaner. better luck next time.

 

Read this - link:

https://press.malwarebytes.com/2018...xpand-security-offering-and-global-footprint/

Gordon7

 

Congrats to Alexandru Dicu!

This must be a very exciting time for him, and WFC really is a pretty good tool. Now let's see what Malwarerbytes will do with it, I'm guessing they will integrate it into Malwarebytes for Windows, and hopefully the standalone WFC will stay. BTW, didn't even know they bought Saferbytes a year ago.

https://www.zdnet.com/article/malwarebytes-acquires-italian-security-firm-saferbytes/

 

Still no update on this... I hope this bug can get squashed, it's really annoying.

 

Sad time... Another good software bites the dust... So long Alexandrud, and thanks for all the fish

 

Not necessarily...MB may well keep the standalone version as well as integrating some of the WFC elements in their other offerings.

 

Well, I'm happy Alex has a decent pay-scale coming in, he deserves it.

Anyway, technical question. I have some address ranges (a.b.c.d-a.e.f.g) blocked outbound, but it seems I need to poke holes in the shield: will Windows Firewall get horribly confused if I Allow (a.b.d.e) out in the blanket range? Or should I get more granular in the Block Rule?

This is a wonderful front-end, but much study is required to understand the magic of the back end.

 

Everything will be good and understandable.
1. Create one allowed rule for the IP Range you need.
2. Create one common blocked rule for IP Range 1 and for IP Range 2.

https://www.wilderssecurity.com/thr...c-by-binisoft-org.347370/page-99#post-2594982
https://www.wilderssecurity.com/thr...-by-binisoft-org.347370/page-100#post-2598780

 

I hope they make the standalone into a free beta, like with Anti-Exploit.

 

I thought I read on zdnet article that they didn't reveal the pay. How would you know?