Hi,
I use my Windows Firewall in this way: I configured it to block all INBOUND/OUTBOUND traffic. After that I added my own exception rules using Windows Firewall Advanced Settings interface. The problem is that last week I realized 2 other rules that I had not added to my exception list were presented in the Windows Firewall rules. I removed that rules and scaned my computer with antivirus and it found and removed a virus.
I am very sure that virus added that exception rule. I know there is a Windows Firewall app that allows apps to add exceptions but it's unveliveable how easy it was to a virus add this exception. It is possible to disable Windows Firewall changes, allowing it only to be done manually? Is it possible to disable Windows Firewall API to prevent apps to add exceptions to Windows Firewall?