TF's custom rules are an excellent capability EXCEPT that the only allowed actions are "Allow" & "Quarantine." There is no option to simply "Deny" a given action by an otherwise safe process. If a process is quarantined, it ceases to function. Thus, the mere act of trying to block an outgoing connection by (for example) explorer.exe will cause explorer.exe to be quarantined, thereby causing bad things to happen. Thus, a "safe process" cannot be limited as to its actions. Any & all actions must be allowed BECAUSE the only other option is "Quarantine" -- which will "break" the process. It's an absurd limitation for an otherwise superb security app. Oddly enough, TF's proponents have long been aware of this fault, but user complaints have not yet resulted in a fix being made. I am posting this issue here at Wilders with the positive goal of perhaps motivating TF's programmers to give timely attention to this issue.