I have set up exceptions in the Firewall (in the Global Whitelisting) but it won’t stop blocking them all, even more than 24 hours after the change. It seems like it accepts SOME, and others it blocks.
I also don’t understand that according to the firewall event log, ALL traffic are local. That I KNOW isn’t right.
I also don’t understand why it apparently blocks spotify, chrome and msedge (amongst other things).
Another thing is, that if the log is to be believed, than svchost is a bad thing as it blocks traffic to/from it ALL the time.
part of the log:
2024/07/03 11:00:33 AM,C:\Windows\System32\svchost.exe,Block,IN,TCP,192.168.1.57,51060,192.168.1.43,7680,1
2024/07/03 10:59:15 AM,C:\Windows\System32\svchost.exe,Block,IN,TCP,192.168.1.29,50874,192.168.1.43,7680,1
2024/07/03 10:58:38 AM,C:\Windows\System32\svchost.exe,Block,IN,TCP,192.168.1.29,50851,192.168.1.57,7680,1
2024/07/03 10:57:57 AM,C:\Windows\System32\svchost.exe,Block,IN,TCP,192.168.1.29,50830,192.168.1.41,7680,1
2024/07/03 10:54:13 AM,C:\Windows\System32\svchost.exe,Block,IN,TCP,192.168.1.48,57621,192.168.1.43,7680,1
2024/07/03 10:53:13 AM,C:\Windows\System32\svchost.exe,Block,IN,UDP,192.168.1.1,49367,192.168.1.31,62665,1
2024/07/03 10:53:10 AM,C:\Windows\System32\svchost.exe,Block,IN,UDP,192.168.1.1,50098,192.168.1.31,62665,1
2024/07/03 10:53:07 AM,C:\Windows\System32\svchost.exe,Block,IN,UDP,192.168.1.1,54913,192.168.1.31,62665,1
2024/07/03 10:51:27 AM,C:\Windows\System32\svchost.exe,Block,IN,TCP,192.168.1.57,50995,192.168.1.43,7680,1
2024/07/03 10:50:52 AM,C:\Windows\System32\svchost.exe,Block,IN,TCP,192.168.1.57,50992,192.168.1.48,7680,1
2024/07/03 10:50:50 AM,C:\Windows\System32\svchost.exe,Block,IN,TCP,192.168.1.57,50993,192.168.1.41,7680,1
and
2024/07/02 08:06:41 PM,C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,Block,IN,UDP,192.168.1.73,38901,192.168.1.71,64405,1
2024/07/02 08:06:39 PM,C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,Block,IN,UDP,192.168.1.73,42999,192.168.1.71,64405,1
2024/07/02 08:05:55 PM,C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe,Block,IN,UDP,192.168.1.73,56239,192.168.1.71,64189,1
2024/07/02 08:05:53 PM,C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe,Block,IN,UDP,192.168.1.73,51902,192.168.1.71,64189,1
2024/07/02 08:05:49 PM,C:\Users\<user>\AppData\Roaming\Spotify\Spotify.exe,Block,IN,UDP,192.168.1.73,46744,192.168.1.71,52082,1
2024/07/02 08:05:46 PM,C:\Users\<user>\AppData\Roaming\Spotify\Spotify.exe,Block,IN,UDP,192.168.1.73,53675,192.168.1.71,52082,1
I even tried adding THIS to the whitelist: “C:\Program Files (x86)*|” and it STILL blocks things in that folder.
Is it just broken?