Block more programs / applications with firewall
This commit is contained in:
parent
ca5f72720d
commit
995eb60e9f
1 changed files with 172 additions and 0 deletions
172
modules.d/FW_ProgramsApps.conf
Normal file
172
modules.d/FW_ProgramsApps.conf
Normal file
|
|
@ -0,0 +1,172 @@
|
|||
{
|
||||
"Name" : "Applications (Firewall)",
|
||||
"Description" : "This module Add a firewall rule to desactivate some windows program / application net traffic",
|
||||
"actions" :
|
||||
[
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "explorer",
|
||||
"path" : "$env:systemroot\\explorer.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "SystemSettings",
|
||||
"path" : "$env:systemroot\\ImmersiveControlPanel\\SystemSettings.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "BgTaskHost",
|
||||
"path" : "$env:systemroot\\System32\\backgroundTaskHost.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "BgTransfertHost",
|
||||
"path" : "$env:systemroot\\System32\\BackgroundTransferHost.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "BrowserBroker",
|
||||
"path" : "$env:systemroot\\System32\\browser_broker.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "CompatTelRunner",
|
||||
"path" : "$env:systemroot\\System32\\CompatTelRunner.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "DmClient",
|
||||
"path" : "$env:systemroot\\System32\\dmclient.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "InstallAgentUserBroker",
|
||||
"path" : "$env:systemroot\\System32\\InstallAgentUserBroker.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "lsass",
|
||||
"path" : "$env:systemroot\\System32\\lsass.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "msfeedssync",
|
||||
"path" : "$env:systemroot\\System32\\msfeedssync.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "run32dll",
|
||||
"path" : "$env:systemroot\\System32\\rundll32.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "SettingSyncHost",
|
||||
"path" : "$env:systemroot\\System32\\SettingSyncHost.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "SIHClient",
|
||||
"path" : "$env:systemroot\\System32\\SIHClient.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "SmartScreen",
|
||||
"path" : "$env:systemroot\\System32\\smartscreen.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "TaskHostw",
|
||||
"path" : "$env:systemroot\\System32\\taskhostw.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "WmiPrvSE",
|
||||
"path" : "$env:systemroot\\System32\\wbem\\WmiPrvSE.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "WerFault",
|
||||
"path" : "$env:systemroot\\System32\\WerFault.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "WerMgr",
|
||||
"path" : "$env:systemroot\\System32\\wermgr.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "Wsqmcons",
|
||||
"path" : "$env:systemroot\\System32\\wsqmcons.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "WWAHost",
|
||||
"path" : "$env:systemroot\\System32\\WWAHost.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "ContactSupport",
|
||||
"path" : "$env:systemroot\\systemapps\\ContactSupport_cw5n1h2txyewy\\ContactSupport.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "Edge",
|
||||
"path" : "$env:systemroot\\systemapps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "cleanw10_Cortana",
|
||||
"path" : "$env:systemroot\\systemapps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\SearchUI.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "BackgroundTaskHost64",
|
||||
"path" : "$env:systemroot\\SysWOW64\\backgroundTaskHost.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "BackgroundTransferHost64",
|
||||
"path" : "$env:systemroot\\SysWOW64\BackgroundTransferHost.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "InstallAgentUserBroker64",
|
||||
"path" : "$env:systemroot\\SysWOW64\\InstallAgentUserBroker.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "MsFeedsSync64",
|
||||
"path" : "$env:systemroot\\SysWOW64\\msfeedssync.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "rundll3264",
|
||||
"path" : "$env:systemroot\\SysWOW64\\rundll32.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "SettingSyncHost64",
|
||||
"path" : "$env:systemroot\\SysWOW64\\SettingSyncHost.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "WmiPrvSE64",
|
||||
"path" : "$env:systemroot\\SysWOW64\\wbem\\WmiPrvSE.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "WerFault64",
|
||||
"path" : "$env:systemroot\\SysWOW64\\WerFault.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "WerMgr64",
|
||||
"path" : "$env:systemroot\\SysWOW64\\wermgr.exe"
|
||||
},
|
||||
{
|
||||
"action" : "FwBlockProgram",
|
||||
"name" : "WWAHost64",
|
||||
"path" : "$env:systemroot\\SysWOW64\\WWAHost.exe"
|
||||
}
|
||||
]
|
||||
}
|
||||
Reference in a new issue