From Rules Panel you could always select the service name when defining a firewall rule. Only recently the notification dialog is able to recognize that service based on the Process ID. Before this, you had to look in Task Manager and check which service had that Process ID. Now, WFC does this automatically. Yes, there are still connections which are not under a specific service name. I usually ignore them. A block rule will always overwrite any allow rule because block rules have higher precedence than allow rules. These are too many feature requests. Probably none of them will see the daylight in the near future. Remember that WFC is now freeware and I am not in charge anymore. Too much complexity. After a few days of using your computer and creating svchost.exe rules for main usage scenarios, you can add svchost.exe in the notifications exceptions list and forget about it.