Add dell MAxAudio App

(cherry picked from commit 3aef40fd40e25ae00cee37cb30af69ce2cfd9ad1)

README.md

@@ -1,31 +1,251 @@
-Win10 privacy helper script
-==========================
+Clean Win10
+===========
 
-This Powershell script disable some anti-privacy Windows 10 features.
-I created this for my work needs.
+CleanW10 est un script powershell pour rendre Windows plus respectueux de la
+vie privée de son|ses utilisateur(s) - Utilisatrice(s). Il réalise tout un tas
+d'actions afin de désactiver, supprimer, modifier des composant du système et
+applications tierces.
 
-   * redirect some Microsoft domain known to 0.0.0.0
-   * add firewall rules to block some Ms IP used to collect data
-   * disable some Windows 10 features (Fax, MediaPlayer ...)
-   * disable somes services
-   * disable most Modern Apps (because there are useless ...)
-   * disable some task
-   * write plenty of reg key to disable some features :
-      * advertising
-      * geolocation
-      * telemetry
-      * disable apps righs
-      * disable MS Account for login
-      * Onedrive
-      * (...)
+Ce script est avant tout destiné aux utilisateurs avancés, il réalise beaucoup
+d'actions normalement réservées aux GPO (version pro et entreprise de Windows
+mais accessible) via la base de registre, ou autre (désactivation de
+services par exemple)
 
-### Warning!
+# Actions réalisées
 
-Do not use this script if you're logged with a MS Account on your
-Windows sesssion. Because this script disable MS Account, your account 
-may be blocked and you could not login again.
+CleanW10 réalise beaucoup d'actions, en voici une liste non exhaustive :
+
+  * Désinstallation d'applications universelles (ModernApp) pour l'utilisateur
+  et en version provisionnée. Attention, **Windows Store sera aussi supprimé**.
+  * Blocage d'applications dans le pare-feu Windows (explorer, Cortana,
+  Edge). Attention, **vous ne pourrez plus utiliser Edge**.
+  * Blocage d'adresse IP Microsoft connue pour récolter des données de
+  télémétrie. Attention, des IP utilisées pour **Skype et Outlook** seront
+  bloquées.
+  * Blocage de noms de domaine appartenant à Microsoft connus pour récolter des
+  données
+  * Désintallation de OneDrive
+  * Désactivation des comptes Microsoft. Attention, si vous utilisew des
+  comptes Microsoft sous Windows 10, **transformez-le en compte local AVANT de
+  lancer CleanW10**.
+  * Désactivation des droits pour les applications (caméra, localisation,
+  synchronisation des contacts / calendriers etc.)
+  * Modifications des paramètres relatifs au programme d’amélioration de 
+  l’expérience utilisateur (apprentissage de la saisie clavier, envoi de 
+  rapports d'erreurs ...)
+  * Désactivation des services relatifs aux données personnelles / de
+  télémétrie.
+  * Supression des tâches planifiées problématiques pour les données
+  personelles
+
+# Lancer le CleanW10
+
+Par défaut, Windows n'autorise pas l'execution de script powershell non signé
+ou dont il ne connait pas la signature. Pour exécuter ce script, Il est donc
+conseillé d'exécuter la commande suivante dans une fenêtre powershell en mode
+administrateur :
+
+```
+Set-ExecutionPolicy unrestricted
+```
+
+Vous pouvez cependant lancer ``launcher.cmd`` en tant qu'administrateur.Il se
+chargera de basculer la politique de sécurité relative à powershell, de lancer
+CleanW10 puis de la remettre à son état initial.
+
+## Options de la ligne de commande
+
+voici les options du script en ligne de commande :
+
+```
+CleanW10.ps1 -module <path> -dir <path> -debug
+```
+
+### -module
+
+Avec cette option vous pouvez executer un seul module. Le paramètre est suivi
+par le chemin complet du fichier module.
+
+### -dir
+
+Cette option donne le chemin complet vers le répertoire contenant les modules à
+executer, par défaut ``./modules.d/``. Elle est imcompatible avec ``-module``
+
+### -debug
+
+Affiche des information de debug en plus des messages relatifs au script.
+
+# Comment ça marche?
+
+Le script fonctionne à partir de modules sous forme de fichiers écrits en JSON.
+Un module contient un ensemble d'actions à réaliser ainsi que leurs paramètres.
+Voici un exemple de fichier module :
+
+```JSON
+{
+    "name" : "Block Telemetry IPs",
+    "description" : "Block IPs relative to Microsoft telemery.",
+    "actions" :
+    [
+        {
+            "_comment" : "Block telemetry IPS",
+            "action" : "FwBlockOutputIP",
+            "file" : "telemetry.txt"
+        },
+        {
+            "_comment" : "Block IP relative to Skype and Messenger",
+            "action" : "FwBlockOutputIP",
+            "file" : "skype-msn.txt"
+         }
+    ]  
+}
+```
+
+Chaque module contient un nom (``name``), une description (``description``) et
+une série d'actions à réaliser (``actions``).
+
+Une action contient une instruction à réaliser (ici ``FwBlockOutputIP``),
+éventuellement un commentaire (``_comment``) puis un ou plusieurs paramètre(s)
+en fonction de l'action. Voici une liste des actions disponibles :
+
+## Liste des actions
+
+### BlockHost
+
+Bloque un ou plusieurs noms d'hôtes via le fichier hosts, les paramètres de
+cette action sont :
+
+  * ``host`` : nom d'hote à bloquer
+  * ``file`` :  nom du fichier contenant une adresse IP par ligne pour un
+  traitement par lots. Voir la section  (#fichiers-externes)[fichiers]
+  * ``firewall`` [Booléen] :  Bloque la ou les adresse(s) IP relative au nom
+  d'hôte par le module FwBlockOutputIP
+
+  Activer ce paramètre permet de bloquer par le firewall certains hôtes pour
+  lesquels Windows ne prends pas en compte le fichier hosts.
+
+### FwBlockOutputIP
+
+Bloque une ou plusieurs adresse(s) IP, les paramètres relatifs à cette action
+sont :
+
+  * ``ip`` : adresse IP à bloquer
+  * ``file`` : nom du fichier contenant une adresse IP par ligne pour un
+  traitement par lot. Voir la section [#fichiers-externes](fichiers)
 
 
-### Licence
+### FwBlockProgram
 
-Do what you're want with it and feel fre to offer me a beer :)
+Bloque un ou plusieurs programmes dans le pare-feu, les paramètres relatifs à
+cette action sont :
+
+  * ``name`` : ce paramètre est utilisé pour créer le nom de la règle du
+  pare-feu Windows - facultatif, utilise le chemin complet si absent
+  * ``path`` : chemin complet vers l'exécutable à bloquer.
+  * ``file`` : nom du fichier contenant un chemin par ligne pour un traitement
+  par lot. Voir la section [#fichiers-externes](fichiers)
+
+
+### AddRegKey
+
+Ajoute ou modifie une clé de registre. Si une clé concerne l'utilisateur
+courant (HKCU) alors la clé sera ajoutée / modifiée pour tous les utilisateurs
+mais aussi sur le gabarit de registre pour la création d'utilisateurs. Les
+paramètres sont :
+
+  * ``path`` : chemin vers la clé
+  * ``key`` : la clé
+  * ``value`` : la nouvelle valeur - facultatif
+  * ``type`` : le type de valeur (DWord QWord, Multistring ...) - facutlatif,
+    DWord par défaut
+
+### DelRegKey
+
+Supprime une clé de registre, les mêmes actions que pour ``AddRegKey`` seront
+réalisées si la clé concerne HKCU. Les paramètres sont :
+
+  * ``path`` : chemin vers la clé
+  * ``key`` : clé à supprimer.
+
+### UninstallModernApp
+
+Désintalle une ou plusieurs applications universelles, les paramètres sont :
+
+  * ``name`` : nom de l'application à désintaller
+  * ``removeProvisionned`` [Booléen] : supprimer aussi des application
+  provisionnées (que le système réinstallera pour tout nouvel utilisateur créé)
+  * ``file`` : nom du fichier contenant un nom d' application par ligne pour un
+  traitement par lots. Voir la section [fichiers externes](#fichiers-externes)
+
+### DisableService
+
+Désactive un service, les paramètres sont :
+
+  * ``name`` : nom du service à désactiver
+  * ``userService`` [Booléen] : service est lancé en mode utilisateur. Pour
+  désactiver la création du service par utilisateur, la clé de registre
+  ``userServiceFlag`` sera modifiée.
+  * ``file`` : nom du fichier contenant un nom de service par ligne pour un
+  traitement par lots. Voir la section  [fichiers externes](#fichiers-externes)
+
+
+### RemoveSchedukedTask
+
+Désactive une tâche planifiés, les paramètres sont :
+
+  * ``name`` : nom de la tache planifiée
+  * ``path`` : chemin de la tache planifiée - facultatif
+  * ``file`` : nom du fichier contenant un nom de tâche par ligne pour un
+  traitement par lots. Voir la section  [fichiers externes](#fichiers-externes)
+
+### DisableFeature
+
+Désactive une fonctionnalité de Windows (accessible via dism.exe) les paramètres
+sont :
+
+  * ``name`` : nom de la fonctionnalité
+  * ``file`` : nom du fichier contenant un nom de fonctionnalité par ligne pour
+  un traitement par lot. Voir la section [fichiers externes](#fichiers-externes)
+
+### KillProcess
+
+Tue un processus, le paramètre est :
+
+ * ``name`` : nom du processus à tuer
+
+### DelFile
+
+Supprime un fichier / dossier, les paramètres sont :
+
+  * ``path`` : chemin du fichier / dossier à supprimer
+  * ``recurse``[Booléen] : supprimmer de manière récursive. - facultatif
+
+### ExecCommand
+
+Executer un commande, les paramètres sont :
+
+  * ``path`` : chemin vers l'exécutable. Celui-ci peut contenir des variables
+  d'environnement powershell comme par exemple ``"$env:systemroot\``, Si la
+  * ``arguments`` : liste des arguments
+
+## Fichiers externes
+
+Pour certaines actions il est possible de charger un fichier externe pour du
+traitement par lot. Ce peut être le cas pour ``BlockHost`` par exemple. Il
+faut alors renseigner le paramètre ``file`` dans l'action correspondante avec
+le nom du fichier à charger, Celui-ci decra se trouver **obligatoirement** dans
+un sous-dossier portant le même nom que le fichier module.
+
+Prenons l'exemple du module FW_Hosts.conf, il contient l'action ``BlockHost``
+avec commr paramètre ``file`` hosts.txt, voici donc l'arborescence obtenue :
+
+```
+modules.d\FW_Hosts\hosts.txt
+modules.d\FW_Hosts.conf
+```
+
+# Licence
+
+Ce script est disponible sous licence Beeware : utilisez, copiez, modifiez,
+redistribuez comme ça vous chante. Et offrez-moi une bière si l'on se recontre
+un de ces 4 (et si ça vous chante).

lib/hosts.txt

@@ -1,130 +0,0 @@
-184-86-53-99.deploy.static.akamaitechnologies.com
-a-0001.a-msedge.net
-a-0002.a-msedge.net
-a-0003.a-msedge.net
-a-0004.a-msedge.net
-a-0005.a-msedge.net
-a-0006.a-msedge.net
-a-0007.a-msedge.net
-a-0008.a-msedge.net
-a-0009.a-msedge.net
-a-msedge.net
-a.ads1.msn.com
-a.ads2.msads.net
-a.ads2.msn.com
-a.rad.msn.com
-a1621.g.akamai.net
-a1856.g2.akamai.net
-a1961.g.akamai.net
-a978.i6g1.akamai.net
-ac3.msn.com
-ad.doubleclick.net
-adnexus.net
-adnxs.com
-ads.msn.com
-ads1.msads.net
-ads1.msn.com
-aidps.atdmt.com
-aka-cdn-ns.adtech.de
-apps.skype.com
-az361816.vo.msecnd.net
-az512334.vo.msecnd.net
-b.ads1.msn.com
-b.ads2.msads.net
-b.rad.msn.com
-bingads.microsoft.com
-bs.serving-sys.com
-c.atdmt.com
-c.msn.com
-cdn.atdmt.com
-cds26.ams9.msecn.net
-choice.microsoft.com
-choice.microsoft.com.nsatc.net
-compatexchange.cloudapp.net
-corp.sts.microsoft.com
-corpext.msitadfs.glbdns2.microsoft.com
-cs1.wpc.v0cdn.net
-cy2.vortex.data.microsoft.com.akadns.net
-db3aqu.atdmt.com
-df.telemetry.microsoft.com
-diagnostics.support.microsoft.com
-e2835.dspb.akamaiedge.net
-e7341.g.akamaiedge.net
-e7502.ce.akamaiedge.net
-e8218.ce.akamaiedge.net
-ec.atdmt.com
-fe2.update.microsoft.com.akadns.net
-feedback.microsoft-hohm.com
-feedback.search.microsoft.com
-feedback.windows.com
-flex.msn.com
-g.msn.com
-h1.msn.com
-h2.msn.com
-hostedocsp.globalsign.com
-i1.services.social.microsoft.com
-i1.services.social.microsoft.com.nsatc.net
-ipv6.msftncsi.com
-ipv6.msftncsi.com.edgesuite.net
-lb1.www.ms.akadns.net
-live.rads.msn.com
-m.adnxs.com
-m.hotmail.com
-msedge.net
-msftncsi.com
-msnbot-65-55-108-23.search.msn.com
-msntest.serving-sys.com
-oca.telemetry.microsoft.com
-oca.telemetry.microsoft.com.nsatc.net
-pre.footprintpredict.com
-preview.msn.com
-pricelist.skype.com
-rad.live.com
-rad.msn.com
-redir.metaservices.microsoft.com
-reports.wes.df.telemetry.microsoft.com
-s.gateway.messenger.live.com
-s0.2mdn.net
-schemas.microsoft.akadns.net
-secure.adnxs.com
-secure.flashtalking.com
-services.wes.df.telemetry.microsoft.com
-settings-sandbox.data.microsoft.com
-settings-win.data.microsoft.com
-sls.update.microsoft.com.akadns.net
-sqm.df.telemetry.microsoft.com
-sqm.telemetry.microsoft.com
-sqm.telemetry.microsoft.com.nsatc.net
-ssw.live.com
-static.2mdn.net
-statsfe1.ws.microsoft.com
-statsfe2.update.microsoft.com.akadns.net
-statsfe2.ws.microsoft.com
-survey.watson.microsoft.com
-telecommand.telemetry.microsoft.com
-telecommand.telemetry.microsoft.com.nsatc.net
-telemetry.appex.bing.net
-telemetry.microsoft.com
-telemetry.urs.microsoft.com
-ui.skype.com
-v10.vortex-win.data.microsoft.com
-view.atdmt.com
-vortex-bn2.metron.live.com.nsatc.net
-vortex-cy2.metron.live.com.nsatc.net
-vortex-sandbox.data.microsoft.com
-vortex-win.data.metron.live.com.nsatc.net
-vortex-win.data.microsoft.com
-vortex.data.glbdns2.microsoft.com
-vortex.data.microsoft.com
-watson.live.com
-watson.microsoft.com
-watson.ppe.telemetry.microsoft.com
-watson.telemetry.microsoft.com
-watson.telemetry.microsoft.com.nsatc.net
-web.vortex.data.microsoft.com
-wes.df.telemetry.microsoft.com
-www.msftncsi.com
-win10.ipv6.microsoft.com
-www.bingads.microsoft.com
-www.go.microsoft.akadns.net
-www.msftncsi.com

lib/ip.txt

@@ -1,12 +0,0 @@
-2.22.61.43
-2.22.61.66
-64.4.54.254
-65.39.117.230
-65.52.108.33
-65.55.108.23
-23.218.212.69
-134.170.30.202
-137.116.81.24
-157.56.106.189
-184.86.53.99
-204.79.197.200

lib/services.txt

@@ -1,17 +0,0 @@
-diagnosticshub.standardcollector.service
-DiagTrack
-dmwappushservice
-HomeGroupListener
-HomeGroupProvider
-lfsvc
-MapsBroker
-NetTcpPortSharing
-RemoteAccess
-RemoteRegistry
-SharedAccess
-TrkWks
-WbioSrvc
-WMPNetworkSvc
-XblAuthManager
-XblGameSave
-XboxNetApiSvc

lib/tasks.txt

@@ -1,11 +0,0 @@
-Microsoft Compatibility Appraiser
-ProgramDataUpdater
-CreateObjectTask
-Consolidator
-KernelCeipTask
-UsbCeip
-SmartScreenSpecific
-Microsoft-Windows-DiskDiagnosticDataCollector
-DmClient
-MNO Metadata Parser
-QueueReporting

modules.d/DisableFeatures.conf

@@ -0,0 +1,11 @@
+{
+	"name" : "Disable Features",
+	"description" : "This module disable some useless Windows Features",
+	"actions" : [
+		{
+			"action" : "DisableFeature",
+			"file" : "features.txt",
+			"name" : ""
+		}
+	]
+}

modules.d/DisableFeatures/features.txt

@@ -1,4 +1,4 @@
 Internet-Explorer-Optional-amd64
 FaxServicesClientPackage
 WindowsMediaPlayer
-MediaPlayback
+MediaPlayback

modules.d/FW_BlockIP.conf

@@ -0,0 +1,17 @@
+{
+    "name" : "Block Telemetry IPs",
+    "description" : "Block IPs relative to Microsoft telemery.",
+    "actions" : 
+    [
+        {
+            "_comment" : "Block telemetry IPS",
+            "action" : "FwBlockOutputIP",
+            "file" : "telemetry.txt"
+        },
+        {
+            "comment" : "Block IP relative to Skype and Messenger",
+            "action" : "FwBlockOutputIP",
+            "file" : "skype-msn.txt"
+        }
+    ]
+}

modules.d/FW_BlockIP/skype-msn.txt

@@ -0,0 +1,29 @@
+2.18.122.78
+2.18.126.223
+23.40.1.36
+40.69.132.130
+40.74.50.25
+40.77.226.192
+40.77.226.194
+40.77.226.246
+40.79.79.123
+40.127.139.224
+64.4.23.151
+65.54.225.167
+92.122.180.48
+93.184.221.200
+95.101.148.83
+104.71.185.14
+104.85.27.201
+104.94.168.220
+104.96.28.184
+131.253.14.76
+134.170.0.216
+134.170.3.200
+157.55.56.161
+157.55.130.155
+157.56.198.14
+157.56.109.8
+157.56.123.82
+157.56.114.104
+157.56.194.24

modules.d/FW_BlockIP/telemetry.txt

@@ -0,0 +1,361 @@
+2.17.21.70
+2.18.126.144
+2.18.126.99
+2.18.245.121
+2.18.245.81
+2.18.245.97
+2.19.224.131
+2.19.225.200
+2.22.61.43
+2.22.61.66
+4.23.62.126
+13.81.59.242
+13.107.3.128
+13.107.4.50
+13.107.4.52
+13.107.5.88
+13.107.21.200
+23.101.115.193
+23.101.156.198
+23.101.187.68
+23.102.17.214
+23.102.21.4
+23.103.189.125
+23.103.189.126
+23.193.225.197
+23.193.230.88
+23.193.236.70
+23.193.238.90
+23.193.251.132
+23.206.42.56
+23.210.48.42
+23.210.5.16
+23.210.63.75
+23.211.159.37
+23.211.170.9
+23.217.138.11
+23.217.138.122
+23.217.138.18
+23.217.138.25
+23.217.138.43
+23.67.60.97
+23.74.8.80
+23.74.8.99
+23.74.9.198
+23.74.9.217
+23.9.123.27
+23.96.212.225
+23.97.178.173
+23.97.197.207
+23.99.10.11
+31.13.92.2
+37.252.162.217
+37.252.163.144
+37.252.163.145
+37.252.170.141
+40.113.10.78
+40.113.11.93
+40.117.145.132
+40.122.214.188
+40.69.66.208
+40.77.134.24
+40.77.226.249
+40.77.226.250
+40.77.229.2
+40.77.229.133
+40.77.229.141
+40.84.199.233
+52.71.117.99
+52.164.227.208
+52.166.197.207
+52.169.118.173
+52.178.167.109
+64.4.6.100
+64.4.11.42
+64.4.54.18
+64.4.54.22
+64.4.54.32
+64.4.54.98
+64.4.54.99
+64.4.54.116
+64.4.54.117
+4.4.54.153
+64.4.54.167
+64.4.54.253
+64.4.54.254
+65.39.117.230
+65.52.100.7
+65.52.100.9
+65.52.100.11
+65.52.100.91
+65.52.100.92
+65.52.100.93
+65.52.100.94
+65.52.108.3
+65.52.108.27
+65.52.108.29
+65.52.108.33
+65.52.108.92
+65.52.108.94
+65.52.108.103
+65.52.108.153
+65.52.108.154
+65.52.108.252
+65.52.161.64
+65.52.236.160
+65.54.226.187
+65.55.29.238
+65.55.39.10
+65.55.44.85
+65.55.44.108
+65.55.44.109
+65.55.57.27
+65.55.83.120
+65.55.108.23
+65.55.113.13
+65.55.128.80
+65.55.128.81
+65.55.130.50
+65.55.138.110
+65.55.138.111
+65.55.138.114
+65.55.138.126
+65.55.138.186
+65.55.163.221
+65.55.163.222
+65.55.176.90
+65.55.206.154
+65.55.252.190
+65.55.252.43
+65.55.252.63
+65.55.252.71
+65.55.252.92
+65.55.252.93
+66.119.144.157
+66.119.144.158
+66.119.144.189
+66.119.144.190
+66.119.147.131
+66.119.152.204
+66.119.152.205
+68.232.34.200
+72.21.81.200
+72.21.91.8
+74.125.206.148
+74.125.206.149
+77.67.29.176
+8.23.91.254
+8.253.7.126
+8.253.91.126
+8.253.91.254
+8.253.92.126
+8.254.226.254
+8.254.227.126
+82.199.68.72
+82.199.80.143
+88.221.113.72
+88.221.113.96
+88.221.14.168
+88.221.15.43
+88.221.15.59
+92.123.182.27
+92.123.182.58
+94.245.121.176
+94.245.121.177
+94.245.121.178
+94.245.121.179
+94.245.121.251
+94.245.121.253
+94.245.121.254
+95.101.148.186
+95.101.149.158
+98.124.243.41
+104.101.172.250
+104.121.1.194
+104.208.28.54
+104.40.208.40
+104.47.166.140
+104.69.67.29
+104.69.119.19
+104.69.135.172
+104.73.92.149
+104.73.138.217
+104.73.143.160
+104.73.153.9
+104.73.160.16
+104.73.160.51
+104.73.160.58
+104.82.14.146
+104.82.22.249
+104.85.17.76
+104.85.38.129
+104.91.166.82
+104.91.188.21
+104.94.111.30
+104.94.163.155
+104.94.172.176
+104.96.20.117
+104.96.28.44
+104.96.147.3
+111.221.29.177
+111.221.29.253
+128.63.2.53
+131.107.113.238
+131.107.255.255
+131.253.14.121
+131.253.14.153
+131.253.14.76
+131.253.34.240
+131.253.40.109
+131.253.40.37
+131.253.40.53
+131.253.40.59
+131.253.61.100
+131.253.61.66
+131.253.61.82
+131.253.61.84
+131.253.61.96
+134.170.30.202
+134.170.51.190
+134.170.51.246
+134.170.51.247
+134.170.51.248
+134.170.51.250
+134.170.52.151
+134.170.53.29
+134.170.53.30
+134.170.58.118
+134.170.58.121
+134.170.58.123
+134.170.58.189
+134.170.58.190
+134.170.104.154
+134.170.111.154
+134.170.115.60
+134.170.115.62
+134.170.165.248
+134.170.165.251
+134.170.165.253
+134.170.179.87
+134.170.185.70
+134.170.188.248
+134.170.188.84
+137.116.74.190
+137.116.81.24
+137.117.235.16
+157.55.129.21
+157.55.133.204
+157.55.240.220
+157.56.17.248
+157.56.23.91
+157.56.57.5
+157.56.74.250
+157.56.77.138
+157.56.77.139
+157.56.91.77
+157.56.91.82
+157.56.96.54
+157.56.96.58
+157.56.96.123
+157.56.106.184
+157.56.106.189
+157.56.121.89
+157.56.124.87
+157.56.144.215
+157.56.144.216
+157.56.149.250
+157.56.194.72
+157.58.211.44
+157.58.249.57
+161.69.13.20
+161.69.17.33
+161.69.28.13
+161.69.29.54
+161.69.165.22
+161.69.165.23
+161.69.165.24
+161.69.165.26
+161.69.165.56
+161.69.165.57
+161.69.165.60
+161.69.165.62
+168.61.24.141
+168.62.187.13
+168.63.29.74
+168.63.108.233
+172.217.20.38
+173.194.113.219
+173.194.113.220
+173.194.40.123
+173.194.40.124
+173.223.10.103
+173.223.10.169
+173.223.10.232
+173.223.11.142
+173.223.11.143
+173.223.11.152
+173.223.11.166
+173.252.90.192
+178.255.83.1
+185.13.160.61
+191.232.140.76
+191.232.80.58
+191.232.80.60
+191.232.80.62
+191.234.72.183
+191.234.72.186
+191.234.72.188
+191.234.72.190
+191.237.208.126
+192.168.1.255
+192.229.233.249
+194.44.4.200
+194.44.4.208
+198.41.214.183
+198.41.214.184
+198.41.214.186
+198.41.214.187
+198.41.215.182
+198.41.215.185
+198.41.215.186
+198.78.208.254
+204.79.197.209
+204.79.197.210
+204.79.197.211
+204.79.197.213
+207.123.34.126
+207.123.56.252
+207.68.166.254
+212.30.134.204
+212.30.134.205
+216.38.172.128
+216.58.198.230
+216.58.209.166
+216.58.211.102
+216.58.213.134
+64.4.23.0/24
+65.55.223.0/24
+157.55.52.0/24
+157.55.56.0/24
+157.55.235.0/24
+111.221.64.0/24
+157.55.130.0/24
+157.55.236.0/24
+195.138.255.0/24
+213.199.179.0/24
+191.232.139.2/24
+23.55.155.27
+23.214.171.90
+64.4.11.25
+65.52.100.46
+88.221.113.10
+88.221.113.57
+95.101.148.156
+184.87.182.252
+198.41.214.185
+198.41.215.183
+198.41.215.184
+221.221.112.129
+221.221.112.145
+221.221.112.160
+221.221.112.203

modules.d/FW_Hosts.conf

@@ -0,0 +1,16 @@
+{
+	"name" : "Block unwanted Host",
+	"description" : "This module block some hosts from Microsoft",
+	"actions" : [
+		{
+			"action" : "BlockHost",
+			"file" : "base.txt",
+			"host" : "",
+            "firewall" : false
+		},
+        {
+            "action" : "BlockHost",
+            "file" : "ms-skype-messenger.txt"
+        }
+	]
+}

modules.d/FW_Hosts/base.txt

@@ -0,0 +1,161 @@
+a-0001.a-msedge.net
+a-0002.a-msedge.net
+a-0003.a-msedge.net
+a-0004.a-msedge.net
+a-0005.a-msedge.net
+a-0006.a-msedge.net
+a-0007.a-msedge.net
+a-0008.a-msedge.net
+a-0009.a-msedge.net
+a.ads1.msn.com
+a.ads2.msn.com
+a1095.g2.akamai.net
+a23-193-236-70.deploy.static.akamaitechnologies.com
+a23-193-238-90.deploy.static.akamaitechnologies.com
+a23-210-48-42.deploy.static.akamaitechnologies.com
+a23-210-5-16.deploy.static.akamaitechnologies.com
+a23-210-63-75.deploy.static.akamaitechnologies.com
+a23-217-138-11.deploy.static.akamaitechnologies.com
+a23-217-138-122.deploy.static.akamaitechnologies.com
+a23-217-138-18.deploy.static.akamaitechnologies.com
+a23-217-138-25.deploy.static.akamaitechnologies.com
+a23-217-138-43.deploy.static.akamaitechnologies.com
+a23-217-138-90.deploy.static.akamaitechnologies.com
+a23-217-138-97.deploy.static.akamaitechnologies.com
+a23-218-212-69.deploy.static.akamaitechnologies.com
+a23-67-60-65.deploy.static.akamaitechnologies.com
+a23-67-60-73.deploy.static.akamaitechnologies.com
+a23-67-60-97.deploy.static.akamaitechnologies.com
+a23-9-123-27.deploy.static.akamaitechnologies.com
+a569.g.akamai.net
+activity.windows.com
+ads.msn.com
+ads.msn.com.nsatc.net
+ads1.msads.net
+ads1.msn.com
+appex.bing.com
+apprep.smartscreen.microsoft.com
+array201-prod.do.dsp.mp.microsoft.com
+array202-prod.do.dsp.mp.microsoft.com
+array203-prod.do.dsp.mp.microsoft.com
+array204-prod.do.dsp.mp.microsoft.com
+bingads.microsoft.com
+bn1303.settings.live.net
+c.microsoft.com
+c.s-microsoft.com
+c.urs.microsoft.com
+c1.microsoft.com
+cache.datamart.windows.com
+cdn.content.prod.cms.msn.com
+choice.microsoft.com
+choice.microsoft.com.nsatc.net
+co4.telecommand.telemetry.microsoft.com.akadns.net
+corp.sts.microsoft.com
+corpext.msitadfs.glbdns2.microsoft.com
+cp201-prod.do.dsp.mp.microsoft.com
+cs1.wpc.v0cdn.net
+db3aqu.atdmt.com
+df.telemetry.microsoft.com
+diagnostics.support.microsoft.akadns.net
+diagnostics.support.microsoft.com
+dl.delivery.mp.microsoft.com
+dns.msftncsi.com
+download-ssl.msgamestudios.com
+e2236.g.akamaiedge.net
+e7173.g.akamaiedge.net
+e8011.g.akamaiedge.net
+fe1.update.microsoft.com.akadns.net
+
+#Problem with windows update
+#fe2.update.microsoft.com.akadns.net
+ 
+fe3.delivery.dsp.mp.microsoft.com.nsatc.net
+feedback.microsoft-hohm.com
+feedback.search.microsoft.com
+feedback.windows.com
+finances.services.appx.bing.com
+fr-fr.appx-rf.msn.com
+g.bing.com
+geo-prod.do.dsp.mp.microsoft.com
+geover-prod.do.dsp.mp.microsoft.com
+ieonline.microsoft.com
+ieonlinews.microsoft.com
+i1.services.social.microsoft.com
+i1.services.social.microsoft.com.nsatc.net
+Inprod.support.services.microsoft.com
+lb1.www.ms.akadns.net
+licensing.md.mp.microsoft.com
+mpd.mxptint.net
+msedge.net
+msnbot-207-46-194-33.search.msn.com
+msnbot-65-52-108-27.search.msn.com
+msnbot-65-52-108-29.search.msn.com
+msnbot-65-52-108-92.search.msn.com
+msnbot-65-52-108-94.search.msn.com
+msnbot-65-55-252-43.search.msn.com
+next-services.apps.microsoft.com
+nexus.officeapps.live.com
+nexusrules.officeapps.live.com
+oca.telemetry.microsoft.com
+ocos-office365-s2s.msedge.net
+ocsa.office.microsoft.com
+ocsp.usertrust.com
+odc.officeapps.live.com
+pre.footprintpredict.com
+preview.msn.com
+public-family.api.account.microsoft.com
+redir.metaservices.microsoft.com
+redir.metaservices.microsoft.com.edgesuite.net
+redirection.prod.cms.msn.com.akadns.net
+reports.wes.df.telemetry.microsoft.com
+roaming.officeapps.live.com
+rr.office.microsoft.com
+sc.iasds01.com
+schemas.microsoft.akadns.net
+services.wes.df.telemetry.microsoft.com
+settings-sandbox.data.glbdns2.microsoft.com
+settings-sandbox.data.microsoft.com
+settings.data.microsoft.com
+siWeb.microsoft.akadns.net
+sls.update.microsoft.com.akadns.net
+solitaireprod.maelstrom.xboxlive.com
+spynet2.microsoft.akadns.net
+spynetalt.microsoft.akadns.net
+spynetalt.microsoft.com
+spyneteurope.microsoft.akadns.net
+sqm.df.telemetry.microsoft.com
+sqm.telemetry.microsoft.com
+sqm.telemetry.microsoft.com.nsatc.net
+ssw.live.com
+ssw.live.com.nsatc.net
+statsfe1.update.microsoft.com.akadns.net
+statsfe1.ws.microsoft.com
+statsfe1.ws.microsoft.com.nsatc.net
+statsfe2.update.microsoft.com.akadns.net
+statsfe2.ws.microsoft.com
+statsfe2.ws.microsoft.com.nsatc.net
+storeedgefd.dsx.mp.microsoft.com
+support.msn.microsoft.akadns.net
+survey.watson.microsoft.com
+t.urs.microsoft.com.nsatc.net
+telecommand.telemetry.microsoft.com
+telemetry.appex.bing.net
+telemetry.appex.search.prod.ms.akadns.net
+telemetry.microsoft.com
+telemetry.urs.microsoft.com
+tunnel.cfw.trustedsource.org
+uci.officeapps.live.com
+urs.smartscreen.microsoft.com
+v10.vortex-win.data.microsoft.com
+vortex-sandbox.data.glbdns2.microsoft.com
+vortex-sandbox.data.microsoft.com
+vortex-win.data.microsoft.com
+vortex.data.microsoft.com
+watson.live.com
+watson.microsoft.com
+watson.ppe.telemetry.microsoft.com
+watson.telemetry.microsoft.com
+wes.df.telemetry.microsoft.com
+win10.ipv6.microsoft.com
+www.msftconnecttest.com
+www.msftncsi.com

modules.d/FW_Hosts/ms-skype-messenger.txt

@@ -0,0 +1,25 @@
+a.rad.msn.com
+ac3.msn.com
+apps.skype.com
+arc.msn.com
+az361816.vo.msecnd.net
+az512334.vo.msecnd.net
+b.rad.msn.com
+c.msn.com
+client-s.gateway.messenger.live.com
+client.wns.windows.com
+dub407-m.hotmail.com
+flex.msn.com
+g.msn.com
+h1.msn.com
+h2.msn.com
+live.rads.msn.com
+m.hotmail.com
+mscrl.microsoft.com
+msnbot-65-55-108-23.search.msn.com
+rad.live.com
+rad.msn.com
+rpt.msn.com
+s.gateway.messenger.live.com
+otf.msn.com
+ui.skype.com

modules.d/FW_ProgramsApps.conf

@@ -0,0 +1,184 @@
+{
+    "name" : "Applications (Firewall)",
+    "description" : "This module Add a firewall rule to desactivate some windows program / application net traffic",
+    "actions" :
+    [
+        {
+            "action" : "FwBlockProgram",
+            "name" : "explorer",
+            "path" : "$env:systemroot\\explorer.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "SystemSettings",
+            "path" : "$env:systemroot\\ImmersiveControlPanel\\SystemSettings.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "BgTaskHost",
+            "path" : "$env:systemroot\\System32\\backgroundTaskHost.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "BgTransfertHost",
+            "path" : "$env:systemroot\\System32\\BackgroundTransferHost.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "BrowserBroker",
+            "path" : "$env:systemroot\\System32\\browser_broker.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "CompatTelRunner",
+            "path" : "$env:systemroot\\System32\\CompatTelRunner.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "DmClient",
+            "path" : "$env:systemroot\\System32\\dmclient.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "InstallAgentUserBroker",
+            "path" : "$env:systemroot\\System32\\InstallAgentUserBroker.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "lsass",
+            "path" : "$env:systemroot\\System32\\lsass.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "msfeedssync",
+            "path" : "$env:systemroot\\System32\\msfeedssync.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "run32dll",
+            "path" : "$env:systemroot\\System32\\rundll32.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "SettingSyncHost",
+            "path" : "$env:systemroot\\System32\\SettingSyncHost.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "SIHClient",
+            "path" : "$env:systemroot\\System32\\SIHClient.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "SmartScreen",
+            "path" : "$env:systemroot\\System32\\smartscreen.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "TaskHostw",
+            "path" : "$env:systemroot\\System32\\taskhostw.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "WmiPrvSE",
+            "path" : "$env:systemroot\\System32\\wbem\\WmiPrvSE.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "WerFault",
+            "path" : "$env:systemroot\\System32\\WerFault.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "WerMgr",
+            "path" : "$env:systemroot\\System32\\wermgr.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "Wsqmcons",
+            "path" : "$env:systemroot\\System32\\wsqmcons.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "WWAHost",
+            "path" : "$env:systemroot\\System32\\WWAHost.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "ContactSupport",
+            "path" : "$env:systemroot\\systemapps\\ContactSupport_cw5n1h2txyewy\\ContactSupport.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "Edge",
+            "path" : "$env:systemroot\\systemapps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\MicrosoftEdge.exe"
+        },
+        {
+            "_comment" : "With this rule, Edge will not be able to join Internet",
+            "action" : "FwBlockProgram",
+            "name" : "EdgeCP",
+            "path" : "$env:systemroot\\systemapps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\MicrosoftEdgeCP.exe"
+        },
+        {
+            "_comment" : "Same as above, but new versions of this exe is located in system32",
+            "action" : "FwBlockProgram",
+            "name" : "EdgeCP",
+            "path" : "$env:systemroot\\System32\\MicrosoftEdgeCP.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "cleanw10_Cortana",
+            "path" : "$env:systemroot\\systemapps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\SearchUI.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "BackgroundTaskHost64",
+            "path" : "$env:systemroot\\SysWOW64\\backgroundTaskHost.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "BackgroundTransferHost64",
+            "path" : "$env:systemroot\\SysWOW64\\BackgroundTransferHost.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "InstallAgentUserBroker64",
+            "path" : "$env:systemroot\\SysWOW64\\InstallAgentUserBroker.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "MsFeedsSync64",
+            "path" : "$env:systemroot\\SysWOW64\\msfeedssync.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "rundll3264",
+            "path" : "$env:systemroot\\SysWOW64\\rundll32.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "SettingSyncHost64",
+            "path" : "$env:systemroot\\SysWOW64\\SettingSyncHost.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "WmiPrvSE64",
+            "path" : "$env:systemroot\\SysWOW64\\wbem\\WmiPrvSE.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "WerFault64",
+            "path" : "$env:systemroot\\SysWOW64\\WerFault.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "WerMgr64",
+            "path" : "$env:systemroot\\SysWOW64\\wermgr.exe"
+        },
+        {
+            "action" : "FwBlockProgram",
+            "name" : "WWAHost64",
+            "path" : "$env:systemroot\\SysWOW64\\WWAHost.exe"
+        }
+    ]
+}

modules.d/GPO_Account.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "Account Info (GPO)",
+    "description" : "This module desactivate Account Info access for third party Apps like GPO did.",
+    "actions" :
+    [
+        {
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessAccountInfo",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessAccountInfo_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey",  
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessAccountInfo_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey",  
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessAccountInfo_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_Advertising.conf

@@ -0,0 +1,13 @@
+{
+    "name" : "Advertising (GPO)",
+    "description" : "This module desactivate Advertising info like GPO does.",
+    "actions" :
+    [
+        {
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo",
+            "key" : "DisabledByGroupPolicy",
+            "value" : "1"
+        }
+    ]
+}

modules.d/GPO_BackgoundApps.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "Apps in Background (GPO)",
+    "description" : "This module desactivate run in background for third party Apps like GPO did.",
+    "actions" :
+    [
+        {
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsRunInBackground",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsRunInBackground_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsRunInBackground_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsRunInBackground_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_Calendars.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "Calendar (GPO)",
+    "description" : "This module desactivate Calendar access for third party Apps like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessCalendar",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessCalendar_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessCalendar_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessCalendar_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_CallHistory.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "Call history (GPO)",
+    "description" : "This module desactivate Call history access for third party Apps like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessCallHistory",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessCallHistory_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessCallHistory_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessCallHistory_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_Camera.conf

@@ -0,0 +1,34 @@
+{
+    "name" : "Camera (GPO)",
+    "description" : "This module desactivate Camera access for third party Apps like GPO does.",
+    "actions" :
+    [
+        { 
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessCamera",
+            "value" : "0"
+        },
+        {
+            "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessCamera_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessCamera_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessCamera_ForceDenyTheseApps",
+            "type" : "MultiString",
+            "value" : "Microsoft.MicrosoftEdge_8wekyb3d8bbwe Microsoft.Win32WebViewHost_cw5n1h2txyewy Microsoft.Windows.Cortana_cw5n1h2txyewy Microsoft.WindowsStore_8wekyb3d8bbwe Microsoft.XboxGamingOverlay_8wekyb3d8bbwe"
+        }
+    ]
+}

modules.d/GPO_CloudContent.conf

@@ -0,0 +1,21 @@
+{
+    "name" : "CloudContent (GPO)",
+    "description" : "This module Desactivate somes Windows suggestionlike GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "Disable third party suggestion (for current user)",
+            "action" : "AddRegKey",
+            "path" : "HKCU:\\Software\\Policies\\Microsoft\\Windows\\CloudContent",
+            "key" : "DisableThirdPartysuggestions",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable Windows Spotlight (for current user)",
+            "action" : "AddRegKey",
+            "path" : "HKCU:\\Software\\Policies\\Microsoft\\Windows\\CloudContent",
+            "key" : "DisableWindowsSpotlightFeatures",
+            "value" : "1"
+        }
+    ]
+}

modules.d/GPO_ConnectionProbe.conf

@@ -0,0 +1,14 @@
+{
+    "name" : "Connection Probe (GPO)",
+    "description" : "This module desactivate Internet connection probe like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "Disable connection probe",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\NetworkConnectivityStatusIndicator",
+            "key" : "NoActiveProbe",
+            "value" : "1"
+        }
+    ]
+}

modules.d/GPO_Contacts.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "Contacts (GPO)",
+    "description" : "This module desactivate Contacts access for third party Apps like GPO does.",
+    "actions" :
+    [
+        { 
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessContacts",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessContacts_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessContacts_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessContacts_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_Cortana.conf

@@ -0,0 +1,70 @@
+{
+    "name" : "Cortana and Windows Search (GPO)",
+    "description" : "This module Desactivate Cortana and some Windows Search functionnality like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "Desactivate location access for Cortana",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search",
+            "key" : "AllowSearchToUseLocation",
+            "value" : "0"
+        },
+        {
+            "_comment" : "Disable Web Search from Cortana",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search",
+            "key" : "DisableWebSearch",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable Web Search result from Windows Search",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search",
+            "key" : "ConnectedSearchUseWeb",
+            "value" : "0"
+        },
+         {
+            "_comment" : "Do not Search over the Web with limited connections",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search",
+            "key" : "ConnectedSearchUseWebOverMeteredConnections",
+            "value" : "0"
+        },
+        {
+            "_comment" : "Disable Cortana",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search",
+            "key" : "AllowCortana",
+            "value" : "0"
+        },
+        {
+            "_comment" : "Define which informations are sent to  Web Search (anonymous informations)",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search",
+            "key" : "ConnectedSearchPrivacy",
+            "value" : "3"
+        },
+        {
+            "_comment" : "Disable SafeSearch for Search",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search",
+            "key" : "ConnectedSearchSafeSearch",
+            "value" : "3"
+        },
+        {
+            "_comment" : "Disable encrypted file indexation",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search\\CurrentPolicies",
+            "key" : "AllowIndexingEncryptedStoresOrItems",
+            "value" : "0"
+        },
+        {
+            "_comment" : "Disable Cortana on lock screen",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search",
+            "key" : "AllowCortanaAboveLock",
+            "value" : "0"
+        }
+    ]
+}

modules.d/GPO_Diagnostic.conf

@@ -0,0 +1,42 @@
+{
+    "name" : " Diagnostic Data (GPO)",
+    "description" : "This module try to disable diagnostic tracking like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "Do not show feedback notification",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\DataCollection",
+            "key" : "DoNotShowFeedbackNotifications",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable Telemetry, 1 for minimum information leak (Home and Pro edition) and 0 for total disable (Entreprise only)",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\DataCollection",
+            "key" : "AllowTelemetry",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable 'Use diagnostic data for personnalized experience",
+            "action" : "AddRegKey",  
+            "path" : "HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent",
+            "key" : "DisableTailoredExperiencesWithDiagnosticData",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable App compatibility telemetry",
+            "action" : "AddRegKey",  
+            "path" : "HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppCompat",
+            "key" : "AITEnable",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable pre-version functionnality",
+            "action" : "AddRegKey",  
+            "path" : "HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\DataCollection",
+            "key" : "EnableConfigFlighting",
+            "value" : "1"
+        }
+    ]
+}

modules.d/GPO_DiagnosticInfo.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "DiagnisticInfo (GPO)",
+    "description" : "This module desactivate diagnistic info access for third party Apps like GPO does.",
+    "actions" :
+    [
+        { 
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsGetDiagnosticInfo",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsGetDiagnosticInfo_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsGetDiagnosticInfo_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsGetDiagnosticInfo_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_DynamicTiles.conf

@@ -0,0 +1,35 @@
+{
+    "name" : "Tiles content (GPO)",
+    "description" : "This module desactivate Internet data loading for tiles like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "Disable cloud notifications for tiles (for current user)",
+            "action" : "AddRegKey",
+            "path" : "HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications",
+            "key" : "NoCloudApplicationNotification",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable notifications for tiles (for current user)",
+            "action" : "AddRegKey",
+            "path" : "HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications",
+            "key" : "NoTileApplicationNotification",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable cloud notifications for tiles (for user template hive)",
+            "action" : "AddRegKey",
+            "path" : "HKU:\\Default\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications",
+            "key" : "NoCloudApplicationNotification",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable notifications for tiles (for user template hive)",
+            "action" : "AddRegKey",
+            "path" : "HKU:\\Default\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications",
+            "key" : "NoTileApplicationNotification",
+            "value" : "1"
+        }
+    ]
+}

modules.d/GPO_Email.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "Email access (GPO)",
+    "description" : "This module desactivate email access for third party Apps like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessEmail",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom k eys s eems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessEmail_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessEmail_ForceAllowTheseApps",
+            "type" : "MultiString" 
+        },
+        {
+            "action" : "AddRegKey",  
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessEmail_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_ErrorReporting.conf

@@ -0,0 +1,56 @@
+{
+    "name" : "Error Reporting (GPO)",
+    "description" : "This module desactivate some error Reporting function  like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "Disable error Reporting to Microsoft",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Error Reporting",
+            "key" : "Disabled",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Do not allow operating system memory dump sent to Microsoft",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Error Reporting",
+            "key" : "AutoApproveOSDumps",
+            "value" : "0"
+        },
+        {
+            "_comment" : "Do not sent additional dada to Microsoft when reporting",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Error Reporting",
+            "key" : "DontSendAdditionalData",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable Windows Error Reporting ",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\PCHealth\\ErrorReporting",
+            "key" : "DoReport",
+            "value" : "0"
+        },
+        {
+            "_comment" : "Disable WER (Not a GPO rule)",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\UnattendSettings\\Windows Error Reporting",
+            "key" : "Disabled",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable WMR (Not a GPO rule)",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Error Reporting\\WMR",
+            "key" : "Disabled",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Do not consent Error Reporting (not a GPO rule) ",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Error Reporting\\consent",
+            "key" : "DefaultConsent",
+            "value" : "0"
+        }
+    ]
+}

modules.d/GPO_InputSpeechInk.conf

@@ -0,0 +1,36 @@
+{
+    "name" : "Input Speech Ink (GPO)",
+    "description" : "This module desactivate Input personalization, speech and ink recognition like GPO does.",
+    "actions" :
+    [
+        { 
+            "_comment" : "Desactivate text learning",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\InputPersonalization",
+            "key" : "RestrictImplicitTextCollection",
+            "value" : "1"
+        },
+        {
+             "_comment" : "Desactivate ink learning",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\InputPersonalization",
+            "key" : "RestrictImplicitInkCollection",
+            "value" : "1"
+
+        },
+        {
+            "_comment" : "Desactivate input personalization",
+            "action" : "AddRegKey",  
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\InputPersonalization",
+            "key" : "AllowInputPersonnalization",
+            "value" : "0"
+       },
+       {
+            "_comment" : "Desactivate voice data automatic updates",
+            "action" : "AddRegKey",  
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\Speech",
+            "key" : "AllowSpeechModelUpdate",
+            "value" : "0"
+       }
+    ]
+}

modules.d/GPO_Location.conf

@@ -0,0 +1,68 @@
+{
+    "name" : "Location ans sensors (GPO)",
+    "description" : "This module desactivate Location access for third party Apps like GPO does.",
+    "actions" :
+    [
+        { 
+             "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessLocation",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessLocation_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessLocation_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessLocation_ForceDenyTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "_comment" : "Disable hardware location sensors",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors",
+            "key" : "DisableLocation",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable location sensor",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors",
+            "key" : "DisableLocation",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable Windows location service provider",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors",
+            "key" : "DisableWindowsLocationProvider",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable location scripting",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors",
+            "key" : "DisableLocationScripting",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable sensors (rotation will be disable in tablet PC)",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors",
+            "key" : "DisableSensors",
+            "value" : "1"
+        }
+    ]
+}

modules.d/GPO_Messaging.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "Messaging (GPO)",
+    "description" : "This module desactivate Messaging access for third party Apps like GPO does.",
+    "actions" :
+    [
+        { 
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessMessaging",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessMessaging_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessMessaging_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessMessaging_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_Microphone.conf

@@ -0,0 +1,34 @@
+{
+    "name" : "Microphone (GPO)",
+    "description" : "This module desactivate Microphone access for third party Apps like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "This is the principal reg key  controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessMicrophone",
+            "value" : "0"
+        },
+        {
+            "_comment" : "The 3 bottom keys seems to be  some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessMicrophone_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey",  
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessMicrophone_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey",  
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessMicrophone_ForceDenyTheseApps",
+            "type" : "MultiString",
+            "value" : "Microsoft.MicrosoftEdge_8wekyb3d8bbwe Microsoft.Win32WebViewHost_cw5n1h2txyewy Microsoft.Windows.Cortana_cw5n1h2txyewy Microsoft.WindowsStore_8wekyb3d8bbwe Microsoft.XboxGamingOverlay_8wekyb3d8bbwe"
+        }
+    ]
+}

modules.d/GPO_MicrosoftAccount.conf

@@ -0,0 +1,14 @@
+{
+    "name" : "Microsoft Account (GPO)",
+    "description" : "This module desactivate posibility to add a Microsoft account like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "Disable MS Account",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System",
+            "key" : "NoConnectedUser",
+            "value" : "3"
+        }
+    ]
+}

modules.d/GPO_Motion.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "Motion Sensor (GPO)",
+    "description" : "This module desactivate Motion sensor access for third party Apps like GPO does.",
+    "actions" :
+    [
+        { 
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessMotion",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessMotion_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessMotion_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessMotion_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_Notifications.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "Notifications (GPO)",
+    "description" : "This module desactivate Notifications access for third party Apps like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "This is the principal reg key  controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessNotifications",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom k eys seems to be  some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessNotifications_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey",  
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessNotifications_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey",  
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessNotifications_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_OneDrive.conf

@@ -0,0 +1,86 @@
+{
+    "name" : "Disable OneDrive (GPO)",
+    "description" : "This module Remove Onedrive like GPO does and delete if.",
+    "actions" : 
+    [
+        {
+            "_comment" : "Kill Onedrive process",
+	  		"action" : "KillProcess",
+			"name" : "onedrive"
+		},
+		{
+            "_comment" : "Kill explorer process",
+			"action" : "KillProcess",
+			"name" : "explorer"
+		},
+		{
+			"_comment" : "Execute OneDrive Uninstaller (x64 version)", 
+            "action" : "ExecCommand",
+			"path" : "$env:systemroot\\SysWOW64\\OneDriveSetup.exe",
+			"arguments" : "/uninstall"
+		},
+		{
+			"_comment" : "Execute OneDrive Uninstaller (x86 version)",
+			"action" : "ExecCommand",
+			"path" : "$env:systemroot\\System32\\OneDriveSetup.exe",
+			"arguments" : "/uninstall"
+		},
+		{
+            "_comment" : "The 3 actions bellow delete Onedrive folders ",
+			"action" : "DelFile",
+			"path" : "$env:localappdata\\Microsoft\\OneDrive",
+			"recurse" : "True"
+		},
+		{   
+			"action" : "DelFile",
+			"path" : "$env:programdata\\Microsoft OneDrive",
+			"recurse" : "True"
+		},
+		{
+			"action" : "DelFile",
+			"path" : "$env:systemdrive\\OneDriveTemp",
+			"recurse" : "True"
+		},
+		{
+            "_comment" : "Do not allow OneDrive for file storage",
+			"action" : "AddRegKey",
+			"value" : "1",
+			"key" : "DisableFileSyncNGSC",
+			"path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\OneDrive"
+		},
+		{
+            "_comment" : "Disable OneDrive file sync with limited connection",
+			"action" : "AddRegKey",
+			"value" : "1",
+			"key" : "DisableMeteredNetworkFileSync",
+			"path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\OneDrive"
+		},
+	    {
+            "_comment" : "Disable save file to Onedrive",
+			"action" : "AddRegKey",
+			"value" : "1",
+			"key" : "DisableLibrariesDefaultSaveToOneDrive",
+			"path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\OneDrive"
+		},
+		{
+			"_comment" : "Prevent Onedrive installation for new created user (non GPO key)",
+			"action" : "DelRegKey",
+			"key" : "OneDriveSetup",
+			"path" : "HKU:\\Default\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
+		},
+        {
+            "_comment" : "Hide Onedrive icon from explorer",
+			"action" : "AddRegKey",
+			"value" : "0",
+			"key" : "System.IsPinnedToNameSpaceTree",
+			"path" : "HKCR:\\Wow6432Node\\CLSID\\{018D5C66-4533-4307-9B53-224DE2ED1FE6}"
+		},
+        {
+            "_comment" : "Hide Onedrive icon from explorer (2)",
+			"action" : "AddRegKey",
+			"value" : "0",
+			"key" : "System.IsPinnedToNameSpaceTree",
+			"path" : "HKCR:\\CLSID\\{018D5C66-4533-4307-9B53-224DE2ED1FE6}"
+		}
+    ]
+}

modules.d/GPO_Phone.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "Phone (GPO)",
+    "description" : "This module desactivate Phone access for third party Apps like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessPhone",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessPhone_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessPhone_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessPhone_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_Privacy.conf

@@ -0,0 +1,49 @@
+{
+    "name" : "Privacy (GPO)",
+    "description" : "This module set some privati life settings like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "Disable hand writing share",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\TabletPC",
+            "action" : "AddRegKey",
+            "key" : "PreventHandwritingDataSharing",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable hand writing error reporting",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\HandwritingErrorReports",
+            "key" : "PreventHandwritingErrorReports",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable Inventory Collector",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppCompat",
+            "key" : "DisableInventory",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable camera on lock screen",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization",
+            "key" : "NoLockScreenCamera",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable notification for tile, application and Lockscreen (non GPO key)(current user)",
+            "action" : "AddRegKey",
+            "path" : "HKCU:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\PushNotifications",
+            "key" : "ToastEnabled",
+            "value" : "0"
+        },
+        {
+            "_comment" : "Disable user experience amelioration program ",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\SQMClient\\Windows",
+            "key" : "CEIPEnabled",
+            "value" : "0"
+        }
+    ]
+}

modules.d/GPO_Radios.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "Radios (GPO)",
+    "description" : "This module desactivate Radios (Bluetooth, Wifi ...) access for third party Apps like GPO does.",
+    "actions" :
+    [
+        { 
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessRadios",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessRadios_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessRadios_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessRadios_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_SettingSync.conf

@@ -0,0 +1,35 @@
+{
+    "name" : "Setting Sync (GPO)",
+    "description" : "This module desactivate Setting sync between devices like GPO does.",
+    "actions" :
+    [
+        { 
+            "_comment" : "Disable Setting Sync",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\SettingSync",
+            "key" : "DisableSettingSync",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable Possibility for user to reactivate setting sync",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\SettingSync",
+            "key" : "DisableSettingSyncUserOverride",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable Setting Sync for third party Apps",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\SettingSync",
+            "key" : "DisableApplicationSettingSync",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable Possibility for user to reactivate setting sync for third party Apps",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\SettingSync",
+            "key" : "DisableApplicationSettingSyncUserOverride",
+            "value" : "1"
+        }
+    ]
+}

modules.d/GPO_SyncDevices.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "Sync with devices (GPO)",
+    "description" : "This module desactivate sync with devices for third party Apps like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsSyncWithDevices",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsSyncWithDevices_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsSyncWithDevices_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsSyncWithDevices_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_Tasks.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "Tasks (GPO)",
+    "description" : "This module desactivate Tasks access for third party Apps like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessTasks",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessTasks_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessTasks_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessTasks_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_Teredo.conf

@@ -0,0 +1,15 @@
+{
+    "name" : "Teredo (GPO)",
+    "description" : "This module desactivate Teredo pseudo interface like GPO did.",
+    "actions" :
+    [
+        {
+            "_comment" : "Disable Teredo with  key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\TCPIP\\v6Transition",
+            "key" : "Teredo_State",
+            "value" : "Disable",
+            "type" : "String"
+        }
+    ]
+}

modules.d/GPO_TrustedDevices.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "TrustedDevices (GPO)",
+    "description" : "This module desactivate Trusted Devices access for third party Apps like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessTrustedDevices",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessTrustedDevices_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessTrustedDevices_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey", 
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsAccessTrustedDevices_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_VoiceActivation.conf

@@ -0,0 +1,33 @@
+{
+    "name" : "Account Info (GPO)",
+    "description" : "This module desactivate Account Info access for third party Apps like GPO did.",
+    "actions" :
+    [
+        {
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsActivateWithVoice",
+            "value" : "2"
+        },
+        {
+            "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsActivateWithVoice_UserInControlOfTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey",  
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsActivateWithVoice_ForceAllowTheseApps",
+            "type" : "MultiString"
+        },
+        {
+            "action" : "AddRegKey",  
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+            "key" : "LetAppsActivateWithVoice_ForceDenyTheseApps",
+            "type" : "MultiString"
+        }
+    ]
+}

modules.d/GPO_Wifi.conf

@@ -0,0 +1,13 @@
+{
+    "name" : "Contact, open and paid Wifi  (GPO)",
+    "description" : "This module desactivate Wifi connexion to shared network by contacts, paid and open AP like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "This is the principal reg key controlled by GPO",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Microsoft\\WcmSvc\\wifinetworkmanager\\config",
+            "key" : "AutoConnectAllowedOEM",
+            "value" : "0"
+        }    ]
+}

modules.d/GPO_WindowsDefender.conf

@@ -0,0 +1,35 @@
+{
+    "name" : "Windows Defender (GPO)",
+    "description" : "This module Desactivate somes Windows Defender functionnallity like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "Disable Spynet Reporting",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Spynet",
+            "key" : "SpyNetReporting",
+            "value" : "0"
+        },
+        {
+            "_comment" : "Disable sample submission to Microsoft",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Spynet",
+            "key" : "SubmitSamplesConsent",
+            "value" : "2"
+        },
+        {
+            "_comment" : "Do not report infection informations to Microsoft",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\MRT",
+            "key" : "DontReportInfectionInformation",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Do not allow setting override for Spynet reporting",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Spynet",
+            "key" : "LocalSettingOverrideSpynetReporting",
+            "value" : "0"
+        }
+    ]
+}

modules.d/GPO_WindowsStore.conf

@@ -0,0 +1,49 @@
+{
+    "name" : "Windows Store (GPO)",
+    "description" : "This module Desactivate Windows Store functionnality like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "Disable All Windows Store Application - Appx (Windows Entreprise and Education)",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\WindowsStore",
+            "key" : "DisableStoreApps",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable Windows Store (Windows Pro, Entreprise ans Education)",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\WindowsStore",
+            "key" : "RemoveWindowsStore",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable Open with Windows Store in Explorer (Windows Pro, Entreprise and Education)",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Explorer",
+            "key" : "NoUseStoreOpenWith",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Show only private repository (Windows Pro, Entreprise and Education)",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\WindowsStore",
+            "key" : "RequirePrivateStoreOnly",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable message to update tu Windows last version (Windows Pro, Entreprise and Education)",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\WindowsStore",
+            "key" : "DisableOsUpgrade",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Disable push to install (Windows Pro, Entreprise and Education)",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\PushToInstall",
+            "key" : "DisablePushToInstall",
+            "value" : "1"
+        }
+    ]
+}

modules.d/GPO_WindowsTips.conf

@@ -0,0 +1,22 @@
+{
+    "name" : "Windows Tips (GPO)",
+    "description" : "This module desactivate Windows tips like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "Do not display Windows Tips",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent",
+            "key" : "DisableSoftLanding",
+            "value" : "1"
+        }
+        ,
+        {
+            "_comment" : "Disable Windows Consumers Features",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent",
+            "key" : "DisableWindowsConsumerFeatures",
+            "value" : "1"
+        }
+    ]
+}

modules.d/GPO_WindowsUpdate.conf

@@ -0,0 +1,70 @@
+{
+    "Name" : "Windows Update (GPO)",
+    "Description" : "Disable sone Windows Update features like GPO does.",
+    "actions" :
+    [
+        {
+            "_comment" : "Disable Download Optimization",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\DeliveryOptimization",
+            "key" : "DODownloadMode",
+            "value" : "0"
+        },
+        {
+            "_comment" : "Disable Peer to Peer connection for Windows Update",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Peernet",
+            "key" : "Disabled",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Notify Update download and installation",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate\\AU",
+            "key" : "AUOptions",
+            "value" : "2"
+        },
+        {
+            "_comment" : "Activate Windows Update all day ( 0:All days, 1:sunday, 2:monday, ...",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate\\AU",
+            "key" : "ScheduledInstallDay",
+            "value" : "0"
+        },
+        {
+            "_comment" : "Define hour of installation",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate\\AU",
+            "key" : "ScheduledInstallTime",
+            "value" : "12"
+        },
+        {
+            "_comment" : "Enable Defered Updates (Windows Pro and +) (https://docs.microsoft.com/en-us/windows/deployment/update/waas-configure-wufb)",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate",
+            "key" : "DeferFeatureUpdates",
+            "value" : "1"
+        },
+        {
+            "_comment" : "Select CBB branch for Defered Updates",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate",
+            "key" : "BranchReadinessLevel",
+            "value" : "32"
+        },
+        {
+            "_comment" : "Defer Feature installation for 1 year",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate",
+            "key" : "DeferFeatureUpdatesPeriodInDays",
+            "value" : "365"
+        },
+        {
+            "_comment" : "Disable drivers update",
+            "action" : "AddRegKey",
+            "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate\\AU",
+            "key" : "ExcludeWUDriversInQualityUpdate",
+            "value" : "1"
+        }
+    ]
+}

modules.d/SER_Location.conf

@@ -0,0 +1,10 @@
+{
+	"name" : "Disable Location Service",
+	"description" : "This module disable location service",
+	"actions" : [
+		{ 
+			"action" : "DisableService",
+		 	"name" : "lfsvc"
+		}
+	]
+}

modules.d/SER_Sensors.conf

@@ -0,0 +1,21 @@
+{
+    "name" : "Sensors Services",
+    "description" : "Disable sensors related services should impact orientation, auto-brightness orientation etc.",
+    "actions" : [
+        {
+            "_comment" : "disable sensors service",
+            "action" : "DisableService",
+            "name" : "sensorservice"
+        },
+        {
+            "_comment" : "Disable sensors monitoring service",
+            "action" : "DisableService",
+            "name" : "SensrSvc"
+        },
+        {
+            "_comment" : "Disable sensors data  service",
+            "action" : "DisableService",
+            "name" : "SensorDataService"
+        }
+    ]
+}

modules.d/SER_Users.conf

@@ -0,0 +1,49 @@
+{
+    "name" : "User services",
+    "description" : "User specific services, ones ends with ????? need to be disable per account",
+    "actions" : 
+    [
+        { 
+            "_comment" : "Disable sync service (useful for calendars, contact, mesaging and other sync applications)",
+            "action" : "DisableService",
+            "name" : "OneSyncSvc",
+            "userService" : true
+        },
+        {
+            "_comment" : "Disable connected user platform service",
+            "action" : "DisableService",
+            "name" : "CDPUserSvc",
+            "userService" : true
+        },
+        {
+            "_comment" : "Disable messaging service",
+            "action" : "DisableService",
+            "name" : "MessagingService",
+            "userService" : true
+        },
+        {
+            "_comment" : "Disable contact data  service",
+            "action" : "DisableService",
+            "name" : "PimIndexMaintenanceSvc",
+            "userService" : true
+        },
+        {
+            "_comment" : "Disable contact data service",
+            "action" : "DisableService",
+            "name" : "UnistoreSvc",
+            "userService" : true
+        },
+        {
+            "_comment" : "Disable user data sharing service",
+            "action" : "DisableService",
+            "name" : "UserDataSvc",
+            "userService" : true
+        },
+        {
+            "_comment" : "Disable contact data service",
+            "action" : "DisableService",
+            "name" : "WpnUserService",
+            "userService" : true
+        }
+    ]
+}

modules.d/SER_VariousServices.conf

@@ -0,0 +1,22 @@
+{
+    "name" : "Remove Services",
+    "description" : "",
+    "actions" : [
+        {
+            "_comment" : "Disable most diagnostic related services",
+            "action" : "DisableService",
+            "file" : "DiagServices.txt",
+            "firewall" : "True"
+        },
+        {
+            "_comment" : "Disable Biometric service",
+            "action" : "DisableService",
+            "name" : "WbioSrvc"
+        },
+        {
+            "_comment" : "Disable Windows Licence Manager",
+            "action" : "DisableService",
+            "name" : "LicenseManager"
+        }
+    ]
+}

modules.d/SER_VariousServices/DiagServices.txt

@@ -0,0 +1,4 @@
+DiagTrack
+dmwappushservice
+diagnosticshub.standardcollector.service
+RetailDemo

modules.d/TSK_ApplicationExperiences.conf

@@ -0,0 +1,31 @@
+{
+    "name" : "Remove Applcation Experiences Tasks",
+    "description" : "Is mostly consist of user data analyse for user experience",
+    "actions" :
+    [
+        {
+            "_comment" : "",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Application Experience\\",
+            "name" : "AitAgent" 
+        },
+        {
+            "_comment" : "Disable telemetry collect for Microsoft user experience - Compatibility",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Application Experience\\",
+            "name" : "Microsoft Compatibility Appraiser" 
+        },
+        {
+            "_comment" : "Disable telemetry collect for Microsoft user experience - Program Data",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Application Experience\\",
+            "name" : "ProgramDataUpdater" 
+        },
+        {
+            "_comment" : "Disable startup tasks analyser and user notification",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Application Experience\\",
+            "name" : "StartupAppTask" 
+        }
+    ]
+}

modules.d/TSK_CustomerExperience.conf

@@ -0,0 +1,31 @@
+{
+    "name" : "Remove Customer xperiences Tasks",
+    "description" : "Is mostly consist of user data analyse for user experience",
+    "actions" :
+    [
+        {
+            "_comment" : "",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Customer Experience Improvement Program\\",
+            "name" : "BthSQM" 
+        },
+        {
+            "_comment" : "Disable user data consolidation and sent to Microsoft (if user subscribe to MS User Experience program)",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Customer Experience Improvement Program\\",
+            "name" : "Consolidator"
+        },
+        {
+            "_comment" : "",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Customer Experience Improvement Program\\",
+            "name" : "KernelCeipTask" 
+        },
+        {
+            "_comment" : "Disable USB data collect and sent to Microsoft (if user subscribe to MS User Experience program)",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Customer Experience Improvement Program\\",
+            "name" : "UsbCeip" 
+        }
+    ]
+}

modules.d/TSK_Feedback.conf

@@ -0,0 +1,19 @@
+{
+    "name" : "User feedback tasks",
+    "description" : "Disable User Feedback tasks",
+    "actions" :
+    [
+        {
+            "_comment" : "",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Feedback\\Siuf\\",
+            "name" : "DmClient" 
+        },
+        {
+            "_comment" : "",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Feedback\\Siuf\\",
+            "name" : "DmClientOnScenarioDownload" 
+        }
+    ]
+}

modules.d/TSK_LocationMaps.conf

@@ -0,0 +1,31 @@
+{
+    "name" : "Location and Maps Tasks",
+    "description" : "Remove Location ans Maps relative tasks",
+    "actions" :
+    [
+        {
+            "_comment" : "Disable location notification task",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Location\\",
+            "name" : "Notifications" 
+        },
+        {
+            "_comment" : "",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Location\\",
+            "name" : "WindowsActionDialog" 
+        },
+        {
+            "_comment" : "Disable maps toasts task",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Maps\\",
+            "name" : "MapsToastTask" 
+        },
+        {
+            "_comment" : "Disable maps update task",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Maps\\",
+            "name" : "MapsUpdateTask" 
+        }
+    ]
+}

modules.d/TSK_Shell.conf

@@ -0,0 +1,25 @@
+{
+    "name" : "Remove Windows shell Tasks",
+    "description" : "Disable tasks relative to parental lock",
+    "actions" :
+    [
+        {
+            "_comment" : "Disable sync setting with Microsoft familly service task",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Shell\\",
+            "name" : "FamilySafetyMonitorToastTask" 
+        },
+        {
+            "_comment" : "Disable parental lock monitor task",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\shell\\",
+            "name" : "FamilySafetyMonitor" 
+        },
+        {
+            "_comment" : "Disable parental lock update task",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Shell\\",
+            "name" : "FamilySafetyRefreshTask" 
+        }
+    ]
+}

modules.d/TSK_Various.conf

@@ -0,0 +1,103 @@
+{
+    "name" : "Varisous Tasks",
+    "description" : "Unsorted Task to disable",
+    "actions" :
+    [
+        {
+            "_comment" : "Disable proxy for telemetry data",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Autochk\\",
+            "name" : "Proxy" 
+        },
+        {
+            "_comment" : "Disable Windows Store licence check task, task exist but Get-ScheduledTask doesn't found it!",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Clip\\",
+            "name" : "License Validation" 
+        },
+        {
+            "_comment" : "",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\CloudExperienceHost\\",
+            "name" : "CreateObjectTask" 
+        },
+        {
+            "_comment" : "",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Device Information\\",
+            "name" : "device" 
+        },
+        {
+            "_comment" : "Disable disk diagnostic data collect and sent task",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\DiskDiagnostic\\",
+            "name" : "Microsoft-Windows-DiskDiagnosticDataCollector" 
+        },
+        {
+            "_comment" : "Disable exchanges temporary preinstalled licenses for Windows Store licenses task",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\License Manager\\",
+            "name" : "TempSignedLicenseExchange" 
+        },
+        {
+            "_comment" : "Disable system performance probe task",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Maintenance\\",
+            "name" : "WinSAT" 
+        },
+        {
+            "_comment" : "Disable mobile broadband data analysis and sent to Microsoft",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Mobile Broadband Accounts\\",
+            "name" : "MNO Metadata Parsee" 
+        },
+        {
+            "_comment" : "Disable network information data collect",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\NetTrace\\",
+            "name" : "GatherNetworkInfo" 
+        },
+        {
+            "_comment" : "disable secure boot and boot time data collect and analysis task",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\PI\\",
+            "name" : "Sqm-Tasks"
+        },
+        {
+            "_comment" : "Disable system analysis for power managment efficiency",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Power Efficiency Diagnostics\\",
+            "name" : "AnalyzeSystem" 
+        },
+        {
+            "_comment" : "On my test system this task do not exist",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\RetailDemo\\",
+            "name" : "CleanupOfflineContent" 
+        },
+        {
+            "_comment" : "Disable backgroud upload settings to Microsoft servers task (for sync I suppose)",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\SettingSync\\",
+            "name" : "BackgroundUploadTask"
+        },
+        {
+            "_comment" : "Disable speech model download task",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Speech\\",
+            "name" : "SpeechModelDownloadTask" 
+        },
+        {
+            "_comment" : "Disable queued data report analysis and sent task",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\Windows Error Reporting\\",
+            "name" : "QueueReporting" 
+        },
+        {
+            "_comment" : "Disable automatic application update from Microsoft Store task",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\Windows\\WindowsUpdate\\",
+            "name" : "Automatic App Update" 
+        }
+    ]
+}

modules.d/UninstallModernApp.conf

@@ -0,0 +1,53 @@
+{
+    "name" : "Uninstall Modern Apps",
+    "description" : "Uninstall unwanted Modern App",
+    "actions" :
+    [
+        {
+            "_comment" : "Disable MapsBoker service for uninstall Windows Map",
+            "action" : "DisableService",
+            "name" : "MapsBroker"
+        },
+        {
+            "_comment" : "Uninstall Windows Maps",
+            "action" : "UninstallModernApp",
+            "name" : "Microsoft.WindowsMaps",
+            "removeProvisioned" : true
+        },
+        {
+            "_comment" : "Disable xbox services for uninstall Apps",
+            "action" : "DisableService",
+            "file" : "XboxServices.txt"
+        },
+        {
+            "_comment" : "Disable Xbox sheduled tasks",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\XblGameSave\\",
+            "name" : "XblGameSaveTask" 
+        },
+        {
+            "_comment" : "Disable Xbox sheduled tasks",
+            "action" : "RemoveScheduledTask",
+            "path" : "\\Microsoft\\XblGameSave\\",
+            "name" : "XblGameSaveTaskLogon" 
+        },
+        {
+            "_comment" : "Uninstall Xbox Apps",
+            "action" : "UninstallModernApp",
+            "file" : "XboxApps.txt",
+            "removeProvisioned" : true
+        },
+        {
+            "_comment" : "Uninstall Microsoft Apps",
+            "action" : "UninstallModernApp",
+            "file" : "MicrosoftApps.txt",
+            "removeProvisioned" : true
+        },
+        {
+            "_comment" : "Uninstall third party apps",
+            "action" : "UninstallModernApp",
+            "file" : "OthersApps.txt",
+            "removeProvisioned" : true
+        }
+    ]
+} 

modules.d/UninstallModernApp/MicrosoftApps.txt

@@ -1,4 +1,5 @@
 Microsoft.3dbuilder
+Microsoft.Advertising.Xaml
 Microsoft.Appconnector
 Microsoft.BingFinance
 Microsoft.BingFoodAndDrink
@@ -17,13 +18,16 @@ Microsoft.MicrosoftPowerBIForWindows
 Microsoft.MicrosoftSolitaireCollection
 Microsoft.MicrosoftStickyNotes
 Microsoft.MinecraftUWP
+Microsoft.MixedReality.Portal
 Microsoft.MSPaint
 Microsoft.Office.OneNote
 Microsoft.Office.Sway
 Microsoft.OneConnect
 Microsoft.People
+Microsoft.Print3D
 Microsoft.Services.Store.Engagement
 Microsoft.SkypeApp
+Microsoft.Wallet
 Microsoft.Windows.Photos
 Microsoft.WindowsAlarms
 Microsoft.WindowsCalculator
@@ -33,10 +37,6 @@ Microsoft.WindowsFeedbackHub
 Microsoft.WindowsMaps
 Microsoft.WindowsPhone
 Microsoft.WindowsSoundRecorder
-Microsoft.WindowsStore
-Microsoft.XboxApp
+Microsoft.YourPhone
 Microsoft.ZuneMusic
-Microsoft.ZuneVideo
-Microsoft.Advertising.Xaml
-9E2F88E3.Twitter
-king.com.CandyCrushSodaSaga
+Microsoft.ZuneVideo

modules.d/UninstallModernApp/OthersApps.txt

@@ -0,0 +1,24 @@
+2414FC7A.Viber
+64885BlueEdge.OneCalendar
+7906AAC0.TOSHIBAManual
+7906AAC0.TOSHIBAPCInformation
+7906AAC0.TOSHIBAServiceStation
+7906AAC0.TOSHIBASettings
+89006A2E.AutodeskSketchBook
+906AAC0.TOSHIBAPCInformation
+9E2F88E3.Twitter
+A278AB0D.DisneyMagicKingdoms
+A278AB0D.MarchofEmpires
+Amazon.com.Amazon
+CAF9E577.Plex
+CyberLinkCorp.to.PowerDVDforToshiba
+WavesAudio.MaxxAudioProforDell2019
+DolbyLaboratories.DolbyAccess
+Expedia.ExpediaHotelsFlightsCarsActivities
+king.com.BubbleWitch3Saga
+king.com.CandyCrushFriends
+king.com.CandyCrushSodaSaga
+king.com.FarmHeroesSaga
+SpotifyAB.SpotifyMusic
+WinZipComputing.WinZipUniversal
+WinZipComputing.41990D275AB9A

modules.d/UninstallModernApp/XboxApps.txt

@@ -0,0 +1,5 @@
+Microsoft.Xbox.TCUI
+Microsoft.XboxApp
+Microsoft.XboxGameOverlay
+Microsoft.XboxIdentityProvider
+Microsoft.XboxSpeechToTextOverlay

modules.d/UninstallModernApp/XboxServices.txt

@@ -0,0 +1,5 @@
+XblAuthManager
+XblGameSave
+XboxNetApiSvc
+xboxgip
+XboxGipSvc