It seems as much as we look into changing, tweaking, etc, there's always more crap phoning home.
I was working on a script, like 1000 others, to block via blacklist, but it has proven futile so far.
So, I'm going to take the approach I use with my browser: Block EVERYTHING by Default unless specified.
We're going to use Windows Firewall and some preconfigured registry, and WFC for our little setup...
Here's the base registry (Blocks Everything by Default, even Windows Updates):
Allow Only Core Networking + Block Windows UpdateSpoiler:Code:Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"CoreNet-DHCP-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=68|RPort=67|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|Name=@FirewallAPI.dll,-25301|Desc=@FirewallAPI.dll,-25303|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-DHCP-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=68|RPort=67|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|Name=@FirewallAPI.dll,-25302|Desc=@FirewallAPI.dll,-25303|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-DHCPV6-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=546|RPort=547|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|Name=@FirewallAPI.dll,-25304|Desc=@FirewallAPI.dll,-25306|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-DHCPV6-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=546|RPort=547|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|Name=@FirewallAPI.dll,-25305|Desc=@FirewallAPI.dll,-25306|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-DNS-Out-UDP"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|RPort=53|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|Name=@FirewallAPI.dll,-25405|Desc=@FirewallAPI.dll,-25406|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-GP-LSASS-Out-TCP"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\lsass.exe|Name=@FirewallAPI.dll,-25407|Desc=@FirewallAPI.dll,-25408|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-GP-NP-Out-TCP"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|RPort=445|App=System|Name=@FirewallAPI.dll,-25401|Desc=@FirewallAPI.dll,-25401|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-GP-Out-TCP"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\svchost.exe|Name=@FirewallAPI.dll,-25403|Desc=@FirewallAPI.dll,-25404|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP4-DUFRAG-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=1|ICMP4=3:4|App=System|Name=@FirewallAPI.dll,-25251|Desc=@FirewallAPI.dll,-25257|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-DU-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=1:*|App=System|Name=@FirewallAPI.dll,-25110|Desc=@FirewallAPI.dll,-25112|EmbedCtxt=@FirewallAPI.dll,-25000|Edge=TRUE|"
"CoreNet-ICMP6-LD-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=132:*|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-25082|Desc=@FirewallAPI.dll,-25088|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-LD-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=132:*|RA6=LocalSubnet|Name=@FirewallAPI.dll,-25083|Desc=@FirewallAPI.dll,-25088|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-LQ-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=130:*|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-25061|Desc=@FirewallAPI.dll,-25067|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-LQ-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=130:*|RA6=LocalSubnet|Name=@FirewallAPI.dll,-25062|Desc=@FirewallAPI.dll,-25067|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-LR-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=131:*|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-25068|Desc=@FirewallAPI.dll,-25074|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-LR-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=131:*|RA6=LocalSubnet|Name=@FirewallAPI.dll,-25069|Desc=@FirewallAPI.dll,-25074|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-LR2-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=143:*|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-25075|Desc=@FirewallAPI.dll,-25081|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-LR2-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=143:*|RA6=LocalSubnet|Name=@FirewallAPI.dll,-25076|Desc=@FirewallAPI.dll,-25081|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-NDA-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=136:*|App=System|Name=@FirewallAPI.dll,-25026|Desc=@FirewallAPI.dll,-25032|EmbedCtxt=@FirewallAPI.dll,-25000|Edge=TRUE|"
"CoreNet-ICMP6-NDA-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=136:*|Name=@FirewallAPI.dll,-25027|Desc=@FirewallAPI.dll,-25032|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-NDS-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=135:*|App=System|Name=@FirewallAPI.dll,-25019|Desc=@FirewallAPI.dll,-25025|EmbedCtxt=@FirewallAPI.dll,-25000|Edge=TRUE|"
"CoreNet-ICMP6-NDS-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=135:*|Name=@FirewallAPI.dll,-25020|Desc=@FirewallAPI.dll,-25025|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-PP-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=4:*|App=System|Name=@FirewallAPI.dll,-25116|Desc=@FirewallAPI.dll,-25118|EmbedCtxt=@FirewallAPI.dll,-25000|Edge=TRUE|"
"CoreNet-ICMP6-PP-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=4:*|Name=@FirewallAPI.dll,-25117|Desc=@FirewallAPI.dll,-25118|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-PTB-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=2:*|Name=@FirewallAPI.dll,-25001|Desc=@FirewallAPI.dll,-25007|EmbedCtxt=@FirewallAPI.dll,-25000|Edge=TRUE|"
"CoreNet-ICMP6-PTB-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=2:*|Name=@FirewallAPI.dll,-25002|Desc=@FirewallAPI.dll,-25007|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-RA-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=134:*|RA6=fe80::/64|App=System|Name=@FirewallAPI.dll,-25012|Desc=@FirewallAPI.dll,-25018|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-RA-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=134:*|LA6=fe80::/64|RA6=LocalSubnet|RA6=fe80::/64|RA6=ff02::1|Name=@FirewallAPI.dll,-25013|Desc=@FirewallAPI.dll,-25018|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-RS-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=133:*|App=System|Name=@FirewallAPI.dll,-25009|Desc=@FirewallAPI.dll,-25011|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-RS-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=133:*|RA6=LocalSubnet|RA6=fe80::/64|RA6=ff02::2|Name=@FirewallAPI.dll,-25008|Desc=@FirewallAPI.dll,-25011|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-TE-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=3:*|App=System|Name=@FirewallAPI.dll,-25113|Desc=@FirewallAPI.dll,-25115|EmbedCtxt=@FirewallAPI.dll,-25000|Edge=TRUE|"
"CoreNet-ICMP6-TE-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=3:*|Name=@FirewallAPI.dll,-25114|Desc=@FirewallAPI.dll,-25115|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-IGMP-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=2|App=System|Name=@FirewallAPI.dll,-25376|Desc=@FirewallAPI.dll,-25382|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-IGMP-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=2|App=System|Name=@FirewallAPI.dll,-25377|Desc=@FirewallAPI.dll,-25382|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-IPHTTPS-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=IPTLSIn|LPort2_10=IPHTTPSIn|App=System|Name=@FirewallAPI.dll,-25426|Desc=@FirewallAPI.dll,-25428|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-IPHTTPS-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|RPort2_10=IPTLSOut|RPort2_10=IPHTTPSOut|App=%SystemRoot%\\system32\\svchost.exe|Svc=iphlpsvc|Name=@FirewallAPI.dll,-25427|Desc=@FirewallAPI.dll,-25429|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-IPv6-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=41|App=System|Name=@FirewallAPI.dll,-25351|Desc=@FirewallAPI.dll,-25357|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-IPv6-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=41|App=System|Name=@FirewallAPI.dll,-25352|Desc=@FirewallAPI.dll,-25358|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-Teredo-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=Teredo|App=%SystemRoot%\\system32\\svchost.exe|Svc=iphlpsvc|Name=@FirewallAPI.dll,-25326|Desc=@FirewallAPI.dll,-25332|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-Teredo-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%SystemRoot%\\system32\\svchost.exe|Svc=iphlpsvc|Name=@FirewallAPI.dll,-25327|Desc=@FirewallAPI.dll,-25333|EmbedCtxt=@FirewallAPI.dll,-25000|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"WindowsUpdate-IPAddress-65.55.163.222-Out"="v2.24|Action=Block|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=65.55.163.222|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP (65.55.163.222)|Desc=Outbound rule to allow Windows Update IP (65.55.163.222)|EmbedCtxt=Windows Firewall Control|"
"WindowsUpdate-IPAddress-157.56.96.123-Out"="v2.24|Action=Block|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=157.56.96.123|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP (157.56.96.123)|Desc=Outbound rule to allow Windows Update IP (157.56.96.123)|EmbedCtxt=Windows Firewall Control|"
"WindowsUpdate-IPAddress-157.55.240.220-Out"="v2.24|Action=Block|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=157.55.240.220|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP (157.55.240.220)|Desc=Outbound rule to allow Windows Update IP (157.55.240.220)|EmbedCtxt=Windows Firewall Control|"
"WindowsUpdate-IPAddress-191.234.72.183-Out"="v2.24|Action=Block|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=191.234.72.183|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP (191.234.72.183)|Desc=Outbound rule to allow Windows Update IP (191.234.72.183)|EmbedCtxt=Windows Firewall Control|"
"WindowsUpdate-IPAddress-191.234.72.186-Out"="v2.24|Action=Block|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=191.234.72.186|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP (191.234.72.186)|Desc=Outbound rule to allow Windows Update IP (191.234.72.186)|EmbedCtxt=Windows Firewall Control|"
"WindowsUpdate-IPAddress-191.234.72.188-Out"="v2.24|Action=Block|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=191.234.72.188|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP (191.234.72.188)|Desc=Outbound rule to allow Windows Update IP (191.234.72.188)|EmbedCtxt=Windows Firewall Control|"
"WindowsUpdate-IPAddress-191.234.72.190-Out"="v2.24|Action=Block|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=191.234.72.190|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP (191.234.72.190)|Desc=Outbound rule to allow Windows Update IP (191.234.72.190)|EmbedCtxt=Windows Firewall Control|"
"WindowsUpdate-IPRange-173.223.204.0-173.223.204.255-Out"="v2.24|Action=Block|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=173.223.204.0-173.223.204.255|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP Range (173.223.204.0-173.223.204.255)|Desc=Outbound rule to allow Windows Update IP Range (173.223.204.0-173.223.204.255)|EmbedCtxt=Windows Firewall Control|"
Allow Only Core Networking + Allow Windows Update*Spoiler:Code:Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"CoreNet-DHCP-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=68|RPort=67|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|Name=@FirewallAPI.dll,-25301|Desc=@FirewallAPI.dll,-25303|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-DHCP-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=68|RPort=67|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|Name=@FirewallAPI.dll,-25302|Desc=@FirewallAPI.dll,-25303|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-DHCPV6-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=546|RPort=547|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|Name=@FirewallAPI.dll,-25304|Desc=@FirewallAPI.dll,-25306|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-DHCPV6-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=546|RPort=547|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|Name=@FirewallAPI.dll,-25305|Desc=@FirewallAPI.dll,-25306|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-DNS-Out-UDP"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|RPort=53|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|Name=@FirewallAPI.dll,-25405|Desc=@FirewallAPI.dll,-25406|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-GP-LSASS-Out-TCP"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\lsass.exe|Name=@FirewallAPI.dll,-25407|Desc=@FirewallAPI.dll,-25408|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-GP-NP-Out-TCP"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|RPort=445|App=System|Name=@FirewallAPI.dll,-25401|Desc=@FirewallAPI.dll,-25401|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-GP-Out-TCP"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\svchost.exe|Name=@FirewallAPI.dll,-25403|Desc=@FirewallAPI.dll,-25404|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP4-DUFRAG-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=1|ICMP4=3:4|App=System|Name=@FirewallAPI.dll,-25251|Desc=@FirewallAPI.dll,-25257|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-DU-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=1:*|App=System|Name=@FirewallAPI.dll,-25110|Desc=@FirewallAPI.dll,-25112|EmbedCtxt=@FirewallAPI.dll,-25000|Edge=TRUE|"
"CoreNet-ICMP6-LD-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=132:*|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-25082|Desc=@FirewallAPI.dll,-25088|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-LD-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=132:*|RA6=LocalSubnet|Name=@FirewallAPI.dll,-25083|Desc=@FirewallAPI.dll,-25088|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-LQ-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=130:*|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-25061|Desc=@FirewallAPI.dll,-25067|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-LQ-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=130:*|RA6=LocalSubnet|Name=@FirewallAPI.dll,-25062|Desc=@FirewallAPI.dll,-25067|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-LR-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=131:*|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-25068|Desc=@FirewallAPI.dll,-25074|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-LR-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=131:*|RA6=LocalSubnet|Name=@FirewallAPI.dll,-25069|Desc=@FirewallAPI.dll,-25074|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-LR2-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=143:*|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-25075|Desc=@FirewallAPI.dll,-25081|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-LR2-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=143:*|RA6=LocalSubnet|Name=@FirewallAPI.dll,-25076|Desc=@FirewallAPI.dll,-25081|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-NDA-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=136:*|App=System|Name=@FirewallAPI.dll,-25026|Desc=@FirewallAPI.dll,-25032|EmbedCtxt=@FirewallAPI.dll,-25000|Edge=TRUE|"
"CoreNet-ICMP6-NDA-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=136:*|Name=@FirewallAPI.dll,-25027|Desc=@FirewallAPI.dll,-25032|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-NDS-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=135:*|App=System|Name=@FirewallAPI.dll,-25019|Desc=@FirewallAPI.dll,-25025|EmbedCtxt=@FirewallAPI.dll,-25000|Edge=TRUE|"
"CoreNet-ICMP6-NDS-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=135:*|Name=@FirewallAPI.dll,-25020|Desc=@FirewallAPI.dll,-25025|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-PP-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=4:*|App=System|Name=@FirewallAPI.dll,-25116|Desc=@FirewallAPI.dll,-25118|EmbedCtxt=@FirewallAPI.dll,-25000|Edge=TRUE|"
"CoreNet-ICMP6-PP-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=4:*|Name=@FirewallAPI.dll,-25117|Desc=@FirewallAPI.dll,-25118|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-PTB-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=2:*|Name=@FirewallAPI.dll,-25001|Desc=@FirewallAPI.dll,-25007|EmbedCtxt=@FirewallAPI.dll,-25000|Edge=TRUE|"
"CoreNet-ICMP6-PTB-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=2:*|Name=@FirewallAPI.dll,-25002|Desc=@FirewallAPI.dll,-25007|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-RA-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=134:*|RA6=fe80::/64|App=System|Name=@FirewallAPI.dll,-25012|Desc=@FirewallAPI.dll,-25018|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-RA-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=134:*|LA6=fe80::/64|RA6=LocalSubnet|RA6=fe80::/64|RA6=ff02::1|Name=@FirewallAPI.dll,-25013|Desc=@FirewallAPI.dll,-25018|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-RS-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=133:*|App=System|Name=@FirewallAPI.dll,-25009|Desc=@FirewallAPI.dll,-25011|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-RS-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=133:*|RA6=LocalSubnet|RA6=fe80::/64|RA6=ff02::2|Name=@FirewallAPI.dll,-25008|Desc=@FirewallAPI.dll,-25011|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-ICMP6-TE-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=3:*|App=System|Name=@FirewallAPI.dll,-25113|Desc=@FirewallAPI.dll,-25115|EmbedCtxt=@FirewallAPI.dll,-25000|Edge=TRUE|"
"CoreNet-ICMP6-TE-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=3:*|Name=@FirewallAPI.dll,-25114|Desc=@FirewallAPI.dll,-25115|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-IGMP-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=2|App=System|Name=@FirewallAPI.dll,-25376|Desc=@FirewallAPI.dll,-25382|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-IGMP-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=2|App=System|Name=@FirewallAPI.dll,-25377|Desc=@FirewallAPI.dll,-25382|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-IPHTTPS-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=IPTLSIn|LPort2_10=IPHTTPSIn|App=System|Name=@FirewallAPI.dll,-25426|Desc=@FirewallAPI.dll,-25428|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-IPHTTPS-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|RPort2_10=IPTLSOut|RPort2_10=IPHTTPSOut|App=%SystemRoot%\\system32\\svchost.exe|Svc=iphlpsvc|Name=@FirewallAPI.dll,-25427|Desc=@FirewallAPI.dll,-25429|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-IPv6-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=41|App=System|Name=@FirewallAPI.dll,-25351|Desc=@FirewallAPI.dll,-25357|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-IPv6-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=41|App=System|Name=@FirewallAPI.dll,-25352|Desc=@FirewallAPI.dll,-25358|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-Teredo-In"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=Teredo|App=%SystemRoot%\\system32\\svchost.exe|Svc=iphlpsvc|Name=@FirewallAPI.dll,-25326|Desc=@FirewallAPI.dll,-25332|EmbedCtxt=@FirewallAPI.dll,-25000|"
"CoreNet-Teredo-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%SystemRoot%\\system32\\svchost.exe|Svc=iphlpsvc|Name=@FirewallAPI.dll,-25327|Desc=@FirewallAPI.dll,-25333|EmbedCtxt=@FirewallAPI.dll,-25000|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"WindowsUpdate-IPAddress-65.55.163.222-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=65.55.163.222|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP (65.55.163.222)|Desc=Outbound rule to allow Windows Update IP (65.55.163.222)|EmbedCtxt=Windows Firewall Control|"
"WindowsUpdate-IPAddress-157.56.96.123-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=157.56.96.123|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP (157.56.96.123)|Desc=Outbound rule to allow Windows Update IP (157.56.96.123)|EmbedCtxt=Windows Firewall Control|"
"WindowsUpdate-IPAddress-157.55.240.220-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=157.55.240.220|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP (157.55.240.220)|Desc=Outbound rule to allow Windows Update IP (157.55.240.220)|EmbedCtxt=Windows Firewall Control|"
"WindowsUpdate-IPAddress-191.234.72.183-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=191.234.72.183|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP (191.234.72.183)|Desc=Outbound rule to allow Windows Update IP (191.234.72.183)|EmbedCtxt=Windows Firewall Control|"
"WindowsUpdate-IPAddress-191.234.72.186-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=191.234.72.186|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP (191.234.72.186)|Desc=Outbound rule to allow Windows Update IP (191.234.72.186)|EmbedCtxt=Windows Firewall Control|"
"WindowsUpdate-IPAddress-191.234.72.188-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=191.234.72.188|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP (191.234.72.188)|Desc=Outbound rule to allow Windows Update IP (191.234.72.188)|EmbedCtxt=Windows Firewall Control|"
"WindowsUpdate-IPAddress-191.234.72.190-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=191.234.72.190|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP (191.234.72.190)|Desc=Outbound rule to allow Windows Update IP (191.234.72.190)|EmbedCtxt=Windows Firewall Control|"
"WindowsUpdate-IPRange-173.223.204.0-173.223.204.255-Out"="v2.24|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|RPort=80|RPort=443|RA4=173.223.204.0-173.223.204.255|App=%WINDIR%\\system32\\svchost.exe|Name=Windows Update IP Range (173.223.204.0-173.223.204.255)|Desc=Outbound rule to allow Windows Update IP Range (173.223.204.0-173.223.204.255)|EmbedCtxt=Windows Firewall Control|"
*IMPORTANT: Windows Update IPs may vary from person or region. Those were what I needed for it to work.
ALWAYS MAKE A COPY OF YOUR REGISTER BEFORE TRY THIS
Source: http://forums.mydigi...lock-EVERYTHING
This can be reinforced with a local DNS proxy installed on your machine: http://reboot.pro/to...xy/#entry195379
EDIT: We can also use Windows Firewall Control for easier management.
Notes:
1. Be warned that this setup is for someone with the time and knowledge to put up with apps, network services, the entire internet, etc, not working, and to figure out what is needed to whitelist. There is a log feature in WFC that will help you view connections, but it's mostly trial and error if you're trying to unblock something like Windows Update (in case by registry above doesn't work for you).
2. Don't blindly enable WFC Recommended Rules. It allows the Windows Store to talk to the internet, in case you don't want that.
3. I tested with a fully activated WFC. You will not have Notification Levels to control if not activated.
4. This may cause lower level services and networking to fail (even LAN Drives). It may require more effort than simply right click to whitelist to handle said services.
5. Some apps may have multiple exe files that need whitelisted to fully function. You'll likely only need to worry about EXE files.
6. Unless Microsoft compromises their own Firewall Software (which is terrible as it should do what it is told, and the Pro and up version are supposed to be Enterprise grade (*cough*), this should kill all possibilities for talking to MS, except those you knowingly (or unknowingly, with too permissive whitelisting) allow via WFC.
EDIT 2: If you want to dowlnoad this see: http://reboot.pro/fi...ock-everything/
Best Regards
alacran
Edited by alacran, 15 September 2015 - 10:28 PM.