Err yes I did :shake:You've not said anything of the sort :err:
And anyway most trojans and the like make use of windows services that are already granted internet access as the browser wouldn't work without them. CRSS service being the prime example.
An inbound and outbound hardware firewall is the only type of firewall that can really be relied on as if the trojan is on the machine the software is running on it probably has enough control to do what it wants anyway.
And a software firewall is ample enough as it has the most common ports already configured and hardware ports are mostly user configurable, if you dont know how to configure a router port then you may aswell go surfing with no firewall at all, and Java scripts is the best way of infection