It doesn't state which app attemped that, just what it shows on the screenshot. It was me who asked about edge, and here it works. I ran the .reg file "Allow Only Core Networking + Allow Windows Update" and configured the WFC according to your screenshots. But i see that a lot of stuff is still allowed in the "WFC Manage Rules". I had to disable Store, SearchUI.exe, explorer.exe, etc. I believe these were the ones calling for msn-bot because since i blocked them i didn't saw it anymore. But the question is, shouldn't they be blocked by default? In Windows Firewall Advanced Settings i have the correct configuration, just like your .reg looks.
IP address blocking is uselss, you know that, right ? Both methods use the same approach through the Windows Firewall, which is currently the only way you could block actual services from the Internet instead of just .exe files.
CODYQX4, I did a reset "Restore Windows Firewall default set of rules" and merged again the .reg file and it looks good this time, WFC only reports Windows components now on the "Manage Rules" Regarding the screenshot, just checked and it looks just like yours, seems good now.
If you want Edge you will need to "Allow through windows firewall" by right clicking on MicrosoftEdge.exe and MicrosoftEdgeCP.exe located in C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe
Maybe but before the reset i took a look at Windows Firewall advanced settings and it only had your .reg entries (windows components + windows update). It did have Cortana entries but that was on WFC and i didn't add them. Weird, but it works good now, so no problem.
Windows Firewall Control is WELL worth the small $10 donation to have unlimited registered installs on unlimited systems. I've been a paid supporter of this fantastic program for years. Thanks for the information you've provided here, CODYQX4.
Good guide. But be aware that any program with admin privileges can modify and add rules in Windows Firewall very easily. Sadly there's no option to set custom password so that no new rules can be added or modified without user confirmation. On the other hand Windows Firewall Control does offer feature "Secure rules" it should theoretically fix that if it works like it's supposed to - but I didn't try yet. Also Windows connects to internet even before it fully boots up (at loading screen), Windows firewall is not yet active at that point, so effectively not everything is blocked - some traffic still comes through before windows starts. Also as per my testing last weekend (*) I found out that Windows Update did create a new rules without asking, so anyone going with this method I recommend always disconnect from internet (disable network adapter) before proceeding to install update(s) and check if any new rules were created during the update so that ou can delete them before going online again. * - forums.mydigitallife.net/threads/63874-REPO-Windows-10-TELEMETRY-REPOSITORY/page50?p=1129793&viewfull=1#post1129793
Might be a idea to try this same idea but with a third party firewall like Comodo which is a little more flexible and is freeware.
i'm afraid just microsoft owns your machine and systems. some of the traffic still flows through if you use windows built-in firewall or other built-in features. for example, as stated above by tolanri, on boot-up, before the fw comes to play data already gets exchanged with microsoft without even asking.. you set "permissions" on windows 10? yeah, only for yourself.
@ CODY - I've made an 'Allow' exception for WL Mail, but it still can't connect, any ideas? Worked fine for FF and uTorrent Also, peerblock is still blocking MS IPs? Shouldn't the firewall rules stop them before peerblock sees them?