Hello. I'm very new to using TinyWall, installed it a couple of days ago, on a Windows 7 machine. First of all, I'm very impressed by the efficiency and minimalism of this program. A couple of questions come to mind though, so maybe I could try asking them here. 1. A couple of times when I've put TinyWall in learning mode for a short time, a bizarre entry has appeared at the end of the exceptions list. Its icon is a red X, it's listed as an executable, and the application name and path are both listed as "-". If I click it, it's listed in the window as "Unknown application". Well, I've just removed it from the list if it's appeared. So, what could it be? Seems like an invalid item of some kind. Could it have something to do with the fact that when I didn't know what I was doing (or, well, I still don't, which is why I'm asking questions), I was clicking "Unblock" on "System" in the "Show blocked apps" list, until I noticed it couldn't really be done. The mysterious red X hasn't reappeared lately, but then again I haven't needed to go back to learning mode for a while. I'll attach a screenshot here if I can: at the top of that picture is that mysterious last line of the exceptions list, and below that is the window that opens if I click it. https://imgur.com/a/f4ucVCD 2. What to do about all this Windows traffic, block or allow? I realize this is potentially a gigantic topic, and I'm not expecting easy answers, but pointers / opinions / best practices would be helpful. I think my earlier firewall just let almost all Windows traffic through, and that seemed to be all right. I see that TinyWall on the other hand blocks a lot of Microsoft connections by default, but I guess that's all right too? I read in the FAQ that "System" and "svchost" can't even be categorically unblocked in TinyWall, for security reasons. I guess that in TinyWall choosing what Windows connections to allow happens mostly in the "Special Exceptions" tab, which I've left at defaults, and I suppose that's enough to let Windows work as expected. But yeah, whenever I look at the connections blocked in the last 5 min, it's always shown as blocking several system connections. What are those connection attempts all about, what things fall under the "System" heading there? Another thing I've noticed is that although "System" and "svchost" can't be unblocked, other Windows processes will eventually end up on the "Application Exceptions" list if learning mode is used - so far, "lsass.exe", "services.exe", "wininit.exe". And that's another question that confuses me somewhat, should I let those things be there or should I remove them from the list? Or does it make very little difference if any? Initially I let them be there, because I thought Windows knows what it's doing, but now I've removed them from the list, because I guess allowing only the Windows connections listed in "Special Exceptions" is enough and doesn't hamper Windows functioning in any way? 3. This one's not a question really but more of an enhancement suggestion: how about adding another column to the application exception list that shows the type of exception (e.g. unrestricted / outgoing) in the list view without having to click each entry separately to see it? 4. And this one's another feedback thing rather than a question: I notice there's a lot of useful information buried in this discussion thread that's not in the FAQ or anything, but this thread is rather long and some of the useful information might be buried too deep in here. One thing in particular that confused me for a while was whether to keep Windows Firewall on or off, that one's not in the FAQ and unfortunately there's conflicting information about it on the internet. Luckily I browsed this discussion far enough back to find the developer's post #1938, which has the information I was looking for (so, keeping the Windows Firewall also on). Thanks for a very fine firewall.