Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    766
    Location:
    North of the 38th parallel.
    Hello @Roberteyewhy

    @alexandrud may have much better and more appropriate advice. However, please read the https://support.malwarebytes.com/docs/DOC-1144 document and consider adding a startup delay to MB3 Real-Time Protections while Malwarebytes WFC is performing its startup housekeeping.

    If you do consider using the above technique, please update this thread with your experiences. Thank you.
     
  2. Roberteyewhy

    Roberteyewhy Registered Member

    Joined:
    Mar 4, 2007
    Posts:
    482
    Location:
    US
    Thanks,1PW. Will try. Yes, hoping to hear from alexandrud.

    Just cannot understand why after all these years this is occurring:eek:.

    Robert
     
  3. Roberteyewhy

    Roberteyewhy Registered Member

    Joined:
    Mar 4, 2007
    Posts:
    482
    Location:
    US
    Delayed MBAM startup. Restarted 3 times and no problems with MWFC. Will monitor and post accordingly.:thumb:

    Did not even dawn on me that MBAM was the culprit. Still have no clue why this is happening though.

    Thanks,
    Robert
     
    Last edited: May 28, 2019
  4. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    766
    Location:
    North of the 38th parallel.
    Hello @Roberteyewhy

    You may not wish to consider MB3 as a culprit but perhaps a momentary competitor for a common resource.

    Please try adjusting the startup delay time for MB3 Real-Time Protections downwards over the period of many days to see what minimum delay time is reliable. When you are confident with that new minimum working delay time, please post your results. This may ask the question if Malwarebytes WFC would benefit from a similar option...

    Cheers

    cc: @alexandrud
     
  5. Roberteyewhy

    Roberteyewhy Registered Member

    Joined:
    Mar 4, 2007
    Posts:
    482
    Location:
    US
    Already at the minimum of 15 seconds. I have nothing but errors in Event Viewer for MWFC. "Cannot connect to MWFC service. The service is not running."

    If MBAM does not show in the Systray before MWFC on restart, same problem.

    Thanks,
    Robert
     
  6. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    115
    Found out that those rules can be brought back in one go, with the PowerShell command found here. I did this yesterday but don't remember which one of the two it was.
     
  7. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,761
    Location:
    Romania
    Please consider (M)WFC a total different software from MBAM, even if they are coming from Malwarebytes. WFC was just rebranded visually and is not integrated in any way with MBAM. Any protection module from MBAM may interfere with the startup of WFC. You can also set the startup of MWFC service to delayed startup and check the result.
     
  8. Roberteyewhy

    Roberteyewhy Registered Member

    Joined:
    Mar 4, 2007
    Posts:
    482
    Location:
    US
    Thanks, alexandrud. Running MWFC now. Have done the delayed startup (15 sec.) as suggested by 1PW. Sometimes it works and sometimes it doesn't. I thought that if MBAM loads in the Systray before either WFC or MWFC that both would work, but it's a crapshoot.

    What I do not understand Alex, is that for years I have run both MBAM and WFC together (no Delayed Start) with absolutely no problems. Then for a about a week, this has occurred with both MWFC and WFC and with backup images too. Those images when made, WFC worked perfectly...wouldn't make an image without testing first.

    Anyway, I have figured out a workaround as posted in page 201. Tedious but effective.

    If I figure this out, I will post...

    Thanks to you and 1PW,
    Robert

    P.S. Still an excellent software!:thumb:
     
    Last edited: May 28, 2019
  9. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    5,694
    Location:
    Europe then Asia
    so what about the integration? was the main promise.
     
  10. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,761
    Location:
    Romania
    What are you talking about? There was no promise, there was no plan for any integration. Parts of WFC will be included at some point in other MB products, but in the cloud corporate products. We will never see a MBAM+WFC together into the same product.
     
  11. Roberteyewhy

    Roberteyewhy Registered Member

    Joined:
    Mar 4, 2007
    Posts:
    482
    Location:
    US
    Good!

    Robert
     
  12. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    892
    Would have been better if this had been more clear. Since if you go to the Malwarebytes forum some users were expecting WFC to be integrated into MBAM.
     
  13. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    5,694
    Location:
    Europe then Asia
    +1 and even here.
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    11,643
    Location:
    The Netherlands
    BTW, I have not installed the newest version yet, but I still wonder why WFC sometimes can't add an allow rule for apps that are running sandboxed with the help of Sandboxie. I'm talking about the "click on a program window to allow connecting" button. It sometimes works, sometimes it doesn't. Can you take a look at this? Perhaps you can install Sandboxie and try to install a couple of apps with the "Run Sandboxed" context menu entry.
     
  15. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,761
    Location:
    Romania
    I will take a look at this. Does it happen randomly with some programs? Can you reproduce it with a specific application?
     
  16. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    148
    Location:
    Poland
    @Umbra
    yes corporate surveillance business is never going to end, that's why we have exploited backdoors in routers, or stuff like Intel AMT
     
  17. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    11,643
    Location:
    The Netherlands
    I have just tested it. I can't add an allow rule for Opera, but it does work with Sumatra PDF. The allow rule for Opera shows up in red text in the Rules Panel. I think I reported this issue in the past, but I can't remember what the end conclusion was. Perhaps some problem with inter-process communication?

    https://www.opera.com
    https://www.sumatrapdfreader.org/free-pdf-reader.html
     
  18. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    115
    I'm having trouble with updating/installing Store apps lately. I think the current recommended WFC rules are not enough (if all else is blocked). Adding port 80 to the "WFC - Windows Update/svchost.exe" rule (instead of just 443) seems to help things a lot. Perhaps I've made a few more tweaks/additions but I can only remember this now.
     
  19. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    2,439
    Location:
    Canada
    Yes, svchost needs remote port 80 to Microsoft update server. There's a list of MS update server domain names here:

    -https://social.technet.microsoft.co...indows-update-servers?forum=winserversecurity

    You may know this already, but keep in mind "http" is remote port 80 while "https" is remote port 443
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.