banned applications making connections according to activity monitor

i have a problem with banned traffic persisting

for btdna.exe and mDNSResponder.exe i’ve created rules not to allow for TCP/UDP In/Out for any port source or destination.
and since for btdna that didn’t work i created specifically a rule to disallow UDP inward trafiic since that is what it’s getting.

i’ve also added them both to the banned apps

they continue to receive and to send data

maybe i’ve got some network control rules that overcome the above. but i’m not sure how to recognise which might be the problem ones. atm am not running the modem with the static IPs setup

[attachment deleted by admin]