Deutsch | Français | Italiano

Frequently Asked Questions
How to Un-install
Start/Programs/Windows 10 Firewall Control/Uninstall.
How to register (Plus version only)
  • open the Registration form (W10FC TrayIcon/RightClick/Register)
  • put the VFC/XFC..... License code into the field at item 2
  • press "online" at item 3 (*)
  • check registration code (**) and press "register" at item 4 to store the code within the program.
(*) registration code or error message is displayed within a couple of seconds. "By e-mail" option will require manual up to 48+ hours processing at our side. So, the online method is more preferable.
(**) descriptive error message may be shown instead of registration code. Most probably because of (a) syntax/case errors in the License code, (b) incorrect usage of a License code from another version/product.
Re-registration is required after upgrade or re-installation onto a different media (backup restoration causes the media virtually changed sometimes). The registration code change confirms the re-registration was required for the reasons above.
Windows 10 Firewall Control and the Built-in Firewall
Windows 10 Firewall Control is based on Windows Filtering Platform (WFP), the security core of Windows 11/10/8/7/2008/2012/2016/2019/2022, completely and does not install any third party kernel drivers. The Built-in Firewall is based on the same WFP as well. The both products work independently entirely. You can switch the Built-in Firewall ON or OFF at your option due to complete product independence.
My Application is Blocked...
Windows 10 Firewall Control is based on Windows Filtering Platform (WFP) completely, as the result, some WFP specifics should be taken into consideration. _Any_ initial access attempt of _any_ unlisted application is rejected initially. The rejection is the only way to detect new application access by catching the blocking notification unfortunately. The blocking approach is useful as the firewall blocks any malware trying to send a personal data out on the start.
After the rejection is made, the default zone (DisableAll for the free version only) is applied to the application immediately and the "Edit Application" dialog is prompted to choose a security zone for the application. Pressing Apply (or ApplyOnce) the chosen zone is applied.
Applications make several attempts to reestablish the connection usually and the connection (if enabled finally) is established eventually. Some applications make only single connection attempt unfortunately, so you have to force "reconnection" attempt manually. The initial block occurs only once anyway, till the application is not listed only.
Mutable (Web) Installer Helpers
Setting "EnableAll"to an application and forcing the "reconnect" may be not enough to enable the application. The reason is simple typically. The application (web installer mostly) uses a dedicated separate downloading component/helper for every single download attempt. The helper is generated under a new name (or in a new directory) every time. So, the actual component appears new (unlisted, always rejected initially) to Windows 10 Firewall Control and the scenario of initial rejection repeats endlessly as the result. The helper has to be listed and enabled in advance, manually (before the application detection) to avoid that. AllApplications zone can be used to enable (temporarily) the destination address/port to all the applications as well.
Web browser set with LanOnly can connect worldwide.
The antivirus (AV) online network monitoring produces the unexpected behavior. Modern AVs are very nifty and trap web browsers and e-mail clients "inside" PC before the applications reach real network address on-the-fly. The applications (browsers/e-mail clients) interact with an AV related services locally and real network interaction goes through (in the name of) AVs as the result. Local traffic is important vitally mostly, expected safe and permitted by many predefined firewall rules. Disabling AV online monitoring disables the traffic trapping. The applications will issue the traffic directly and can be controlled/disabled normally after that. DisableAll set to the applications disables the local traffic only otherwise.
Multiple app(1), app(2) etc entries in Programs list.
The firewall distinguishes the applications by full path name, so C:\FolderA\ABC.EXE and C:\FolderB\ABC.EXE will be listed by the firewall separately. That is correct as the applications (executables) are different formally. However, if there are two (or more) instances of absolutely the same executable, the firewall adds (2),(3) etc suffixes listing instances of the executable separately. You can rename the applications in the list if it is required. There are some specific applications (usually installers or update checkers) those generate network active helpers for every single network access attempt. The helpers (executables) are generated randomly and named unpredictably usually, however the helpers are binary equal. As the initial access attempt is blocked by the firewall the helper is blocked accordingly (but listed), the parent application generates new helper under a different name then, the helper is blocked again and the process loops endlessly. If the activity is expected safe, the solution is creating a (temporary) applicationless rule to enable the destination for the updating/installation of any application via Events pane (check the manual for the details). The next helper generated will be permitted to reach the desired destination before the initial detection block as the result. TrayIcon/RightClick/Mode:EnableAll setting switches the firewall off finally. The update/installation can be made manually as well.
Leak found
There are some on-line leak tests saying "failed" to Windows 10 Firewall Control (W10FC). W10FC is based on Windows Filtering Platform (WFP), security core of Windows 11/10/8/7/2008/2012/2016/2019/2022 completely. (Note: The built-in Windows 11/10/8/7/2008/2012/2016/2019/2022 firewall is based on the same security core). So any leaks detected in Windows 10 Firewall Control should be addressed to Microsoft directly probably. Windows 10 Firewall Control is not able to affect quality of the underlying core neither positively nor negatively anyway, Windows 10 Firewall Control is a user friendly front-end to WFP.
On the other hand, there is no a big problem to write a program, which communicates with a site and displays "failed". No detailed information on the performed test is provided usually. The same tests claim that the world market leaders can not pass the test sometimes. The only program passed the test can be just a program advertised at the same page. Please make your own conclusion regarding the "purpose" of the tests.
The Firewall slows down the Internet/Computer.
The slowing down is hardly possible technically directly. Windows 10 Firewall Control does not process the traffic itself (excepting XP Edition); the firewall control just manages the filtering rules of WindowsFilteringPlatform (WFP) - the security core of Windows 11/10/8/7/2008/2012/2016/2019/2022. WFP processes the network traffic solely. An implicit impact could be possible though. Some applications being blocked (regardless partially or entirely, correctly or mistakenly) try to recover, change the behavior and start occupying more CPU/disk/network resources aggressively. TaskManager could help to clarify the problem and find a slowing down suspect. The application reconfiguration or update could help. Reasonable network permission adjustments to the application can be used as well.
Application is enabled, but notifications are coming
The notification balloon displays the entire blocked events regardless of the origin. So the blocking events shown may be originated by another program (WindowsFirewall) or even by the network "peer". Setting "TrayIcon/RightClick/Mode:EnableAll" helps to verify the blocking origin. The option switches the firewall off entirely.
"System" applications default zone
The Free version can not protect "system" applications, formally located in C:\windows\*. So, the Free version blocks any initial network access attempts of the "system" applications (as explained above), forcibly/implicitly sets "EnableAll" zone to the applications implicitly always and prompts you with "Now Enabled:" in the notification balloon. The behavior provides system/network related services with unlimited network access.
Multiple (prev) marked zones
If the upgrade includes a modified zone with the same name, the previous (customized optionally) zone is not overwritten unconditionally but saved and marked with (prev). The (prev) marked zones may be deleted easily if the zones are not customized or will not be required later. The overwriting can be prevented by naming the customized zone accordingly to the modifications made. The zones with equal names are updated only.
The portable version autostart
The portable version requires (real) administrative permissions for running in order to operate with the underlying network security core in full. So, the firewall must be elevated (via the UserAccessControl dialog) to be granted with the real administrative permissions. Windows 11/10/8/7 and Vista limit autostarted program from the full permissions because of the evident security risk, so putting the program in AutoStart folder will not work. The solution is launching the program via the scheduler granting the real administrative permissions to the firewall explicitly. The scheduled task has to be set as "Begin the Task" to "At Log on" (in the Trigger tab) and "run with highest privileges" (in the General tab) checked. All the other steps are as for any other scheduled application.