Since Windows Vista I have always been using the Windows Firewall with "blocked outgoing traffic". As this is not the default setting, some basic windows services seem not to be included as firewall rules on the outgoing side.
My Problem is with the Windows Update:
On Windows Vista and 7 it was sufficient to create a rule for "wuauserv".
On Windows 8.1 however this seems not to be enough. The UI gives me error code 80240438 and the WindowsUpdate.log shows the following lines:
--------
2014-06-14 20:11:08:150 952 538 IdleTmr WU operation (CAgentProtocolTalker::SyncUpdates_WithRecover) started; operation # 2044; does use network; is at background
priority
2014-06-14 20:11:08:151 952 538 WS WARNING: Nws Failure: errorCode=0x803d0010
2014-06-14 20:11:08:151 952 538 WS WARNING: Original error code: 0x80072efd
2014-06-14 20:11:08:151 952 538 WS WARNING: Fehler bei der Kommunikation mit dem Endpunkt bei "https://fe2.update.microsoft.com/v6/ClientWebService/client.asmx".
2014-06-14 20:11:08:151 952 538 WS WARNING: Fehler beim Senden der HTTP-Anforderung.
2014-06-14 20:11:08:151 952 538 WS WARNING: Der Remoteendpunkt konnte nicht erreicht werden.
(.... and a lot of similar WARNING lines)
2014-06-14 20:11:12:921 952 538 IdleTmr WU operation (CAgentProtocolTalker::SyncUpdates_WithRecover, operation # 2044) stopped; does use network; is at background priority
--------
If I create a rule for the whole svchost.exe, the update works fine. Giving all services internet access is however not an option for me. Could you please tell me through which service(s) except wuauserv Windows Update performs its network activities?