Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,493
    Location:
    Romania
    There is a way. The last version which allows standard user accounts to make changes to Windows Firewall without elevated privileges will remain 6.9.9.1. Us that version and do not update WFC to a newer version. Below is the download URL for it: https://binisoft.org/download/old/6991/wfc6setup.exe
    Security event log is used to log everything or nothing. There is no way to exclude specific processes from being logged. This is something handled by the OS and can't be changed by WFC. When there is no Internet, there is no connection blocked or allowed, this is why the log is empty when there is no Internet connection. Once you are connected to a network, packets of data start to move around :)
     
  2. ahzs

    ahzs Registered Member

    Joined:
    Jan 25, 2021
    Posts:
    4
    Location:
    World
    I know about this version and I have this version as well. But it doesn't make much sense for the future. So would it be possible for you to implement the feature? Thank you
     
  3. Etincelle

    Etincelle Registered Member

    Joined:
    Feb 9, 2007
    Posts:
    7
    Hi,
    I use the experimental feature and it is very useful for Windows applications.:thumb:

    But it is often necessary to manually delete the red rules whose path no longer exists

    In a future version would it be possible to automatically delete these unnecessary red rules?

    Have a nice day.
     
  4. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,506
    Location:
    Flat Earth Matrix
    As long as it will not be mandatory, some apps can be used only temporarily, like TOR.
     
  5. Paul04

    Paul04 Registered Member

    Joined:
    Mar 4, 2020
    Posts:
    11
    Location:
    Colorado
    TOPIC: Rules for SVCHOST

    I have a simple question regarding creating a Block rule on "svchost.exe".

    I realise that this may have been asked before, but I did perform a search on the Wilders forum with "svchost" as a keyword and it brought up so many results I gave up after reading about a dozen page hits. I knew the answer to this once upon a time but I am just setting up a new PC for someone so I want to double check and not mess up.

    My question relates to the attached image, which shows my WFC panel that will create a WFC rule on svchost.exe (current showing Allow, but I want to change that to Block)

    There is a Service named "MS ac sign-in assistant" in the Service field of the panel (this service is just an example; I am looking for an answer that would apply to any Service).

    If I create a block rule here I expect that:
    (1) any instance of svchost used by the "MS ac sign-in assistant" service will be blocked
    (2) all other instances of svchost.exe will NOT at all be affected in any way (i.e. be allowed out)

    Is that correct?

    wfc_question2.jpg
     
  6. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,493
    Location:
    Romania
    Yes, this is how it should work to block a service. The opposite is not always true. I mean, if you allow a specific service, it doesn't mean it will always work. This is because some services are expected to work on certain protocols and ports and if the allow rule is too generic it will be ignored. Since you setup this for someone else, I suggest to allow svchost.exe to connect on remote ports 80,443 no matter of the service and add svchost.exe in the notifications exceptions list. If you start creating block rules for certain instances for svchost.exe you will end up at some point to block Windows Store, Windows Update and other OS functionalities. svchost.exe is a legitimate process used by Microsoft services. My recommendation is to use Windows Firewall to allow/block third party programs/games, not the OS.
     
  7. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,493
    Location:
    Romania
    An invalid rule may be just temporary for a file from a mounted drive, for a portable app. There is no plan to automatically delete these rules. The user must review the rules and decide which rule to delete.
     
  8. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    5,034
    Location:
    .
    On Windows 11 23H2 fully updated and WFC 6.11.0.0
    When I right click on the systray icon to change Filtering profile, color doesn't changes, it stays green.
    Dashboard indicates the profile has changed.
    Don't ask when or what WFC version it started because it's been a month since I don't switch profiles, I think.
    I disabled some Microsoft Defender components, perhaps it's related?
    https://sendvid.com/geq0g90p
     
    Last edited: May 14, 2024
  9. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,155
    Location:
    Lunar module
    That's weird. Try installing WFC over or a clean install, or restoring the system from a backup. On Windows 11 22H2 with v6.9.9.1 everything is fine.
     
  10. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,506
    Location:
    Flat Earth Matrix
    Code:
    https://www.elevenforum.com/t/rebuild-icon-cache-in-windows-11.2049
    https://www.elevenforum.com/t/reset-notification-icons-on-taskbar-system-tray-in-windows-11.247
     
  11. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,155
    Location:
    Lunar module
    This removes icons that are "stuck" under the tray arrow after uninstalling programs. It does not affect the display of the active program icon, imho.
     
  12. Paul04

    Paul04 Registered Member

    Joined:
    Mar 4, 2020
    Posts:
    11
    Location:
    Colorado
    Thank you for the explanatory detail in your reply.
     
  13. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,493
    Location:
    Romania
    Please check WFC event log. If you restart the process wfcUI.exe then the icon reports correctly the profile? The problem seems to be with the callbacks which don't get from the service back to the UI. See if there is any log entry related to this. Someone else reported a similar behavior 2 weeks ago over email but did not reply back to my answer. So far you are the second user with this problem which I could not reproduce.
     
  14. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    5,034
    Location:
    .
    Nothing relevant there.
    Nope.

    Well if you can't reproduce then troubleshoot in my machine remotely. I got nothing confidential in it so you can freely connect to it.
     
  15. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,493
    Location:
    Romania
    Unfortunately this is not an option for me. I don't have enough time for troubleshooting problems on remote machines. I will try to see if I can reproduce this on my side somehow.
     
  16. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    233
    When deleting a rule, there's a "Do not show again" option. If that is enabled, an option to restore it doesn't seem to exist? I could only disable it by importing all user settings from file.
     
  17. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    691
    Location:
    Switzerland
    @AmigaBoy

    Maybe this is possible in registry:

    Look for:
    Computer\HKEY_CURRENT_USER\SOFTWARE\BiniSoft.org\Windows Firewall Control

    And there the key:
    UserConfirmDeletion
     
  18. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    233
    Thanks. Yes, I looked in the registry (didn't try it) but since this change is made within the UI, it makes sense to be able to revert it within the UI, too.
     
  19. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,493
    Location:
    Romania
    A lot of things makes sense, but keep in mind that WFC is still a one man show, which is good and also bad.

    Please open a CMD prompt and execute the following command:
    reg delete "HKCU\Software\BiniSoft.org\Windows Firewall Control" /v "UserConfirmDeletion" /f
    Now, if you try to delete another firewall rule you will be prompted to confirm the action.
     
    Last edited: May 17, 2024
  20. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    233
  21. Etincelle

    Etincelle Registered Member

    Joined:
    Feb 9, 2007
    Posts:
    7
    Hi,

    (Tip for those who don't use Geforce Experience Nvidia, but need the Nvidia control panel)


    Nvdisplay.container.exe telemetry is blocked for me but requests a connection about 30 times per day in the WFC log.
    We can stop that.

    Go to:
    C:\Windows\System32\DriverStore\FileRepository\nvamig.inf_amd64_72a8482547fd21bc\Display.NvContainer\plugins

    In LocalSystem folder delete 3 files:
    _DisplayDriverRAS.dll
    _NvMsgBusBroadcast.dll
    _nvtopps.dll

    In Session folder delete 2 files:
    _NvGSTPlugin.dll
    _nvprofileupdaterplugin.dll

    After that, Nvdisplay.container.exe will stop trying to connect and the Nvidia control panel will still work. :)
     
  22. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,155
    Location:
    Lunar module
    Install NVidia drivers without telemetry and without any other garbage. NVCleanstall or NVSlimmer. Additionally NVSlimmer can repackage the installation distribution without unwanted components.
     
  23. Rules

    Rules Registered Member

    Joined:
    Mar 3, 2009
    Posts:
    730
    Location:
    EU
    can't found a clear answer :
    wfcui.exe request outbound on port 80 (blocked in the logs)
    Do i have to create a rule or leave it blocked?
    Could you explain please ?
    Thanks
     
  24. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,506
    Location:
    Flat Earth Matrix
    I believe that is Windows check to verify the validity of digital signature, not really required.

    capture_05212024_073114.jpg
     
  25. Rules

    Rules Registered Member

    Joined:
    Mar 3, 2009
    Posts:
    730
    Location:
    EU
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.