diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 46bc3ba..bc5bdd3 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -221,16 +221,16 @@ function DelRegKey { return } try { - Remove-ItemProperty -Path $path -Name $key + Remove-ItemProperty -Path $params.path -Name $params.key Write-host -ForegroundColor Green "done" } catch [System.Security.SecurityException]{ Write-Host -ForegroundColor Red "Error in DelRegKey`n`t" - Write-Host -ForegounndColor DarkRed "Access to $($params.path)\$($params.key) denied" + Write-Host -ForegoundColor DarkRed "Access to $($params.path)\$($params.key) denied" } catch { Write-Host -ForegroundColor Red -NoNewLine "Error in DelRegKey`n`t" - Write-Host -ForegounndColor DarkRed $Error[0].Exception.Message + Write-Host -ForegoundColor DarkRed $Error[0].Exception.Message } } diff --git a/modules.d/FW_ProgramsApps.conf b/modules.d/FW_ProgramsApps.conf new file mode 100644 index 0000000..84b7297 --- /dev/null +++ b/modules.d/FW_ProgramsApps.conf @@ -0,0 +1,172 @@ +{ + "Name" : "Applications (Firewall)", + "Description" : "This module Add a firewall rule to desactivate some windows program / application net traffic", + "actions" : + [ + { + "action" : "FwBlockProgram", + "name" : "explorer", + "path" : "$env:systemroot\\explorer.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "SystemSettings", + "path" : "$env:systemroot\\ImmersiveControlPanel\\SystemSettings.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "BgTaskHost", + "path" : "$env:systemroot\\System32\\backgroundTaskHost.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "BgTransfertHost", + "path" : "$env:systemroot\\System32\\BackgroundTransferHost.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "BrowserBroker", + "path" : "$env:systemroot\\System32\\browser_broker.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "CompatTelRunner", + "path" : "$env:systemroot\\System32\\CompatTelRunner.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "DmClient", + "path" : "$env:systemroot\\System32\\dmclient.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "InstallAgentUserBroker", + "path" : "$env:systemroot\\System32\\InstallAgentUserBroker.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "lsass", + "path" : "$env:systemroot\\System32\\lsass.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "msfeedssync", + "path" : "$env:systemroot\\System32\\msfeedssync.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "run32dll", + "path" : "$env:systemroot\\System32\\rundll32.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "SettingSyncHost", + "path" : "$env:systemroot\\System32\\SettingSyncHost.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "SIHClient", + "path" : "$env:systemroot\\System32\\SIHClient.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "SmartScreen", + "path" : "$env:systemroot\\System32\\smartscreen.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "TaskHostw", + "path" : "$env:systemroot\\System32\\taskhostw.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WmiPrvSE", + "path" : "$env:systemroot\\System32\\wbem\\WmiPrvSE.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WerFault", + "path" : "$env:systemroot\\System32\\WerFault.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WerMgr", + "path" : "$env:systemroot\\System32\\wermgr.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "Wsqmcons", + "path" : "$env:systemroot\\System32\\wsqmcons.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WWAHost", + "path" : "$env:systemroot\\System32\\WWAHost.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "ContactSupport", + "path" : "$env:systemroot\\systemapps\\ContactSupport_cw5n1h2txyewy\\ContactSupport.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "Edge", + "path" : "$env:systemroot\\systemapps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "cleanw10_Cortana", + "path" : "$env:systemroot\\systemapps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\SearchUI.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "BackgroundTaskHost64", + "path" : "$env:systemroot\\SysWOW64\\backgroundTaskHost.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "BackgroundTransferHost64", + "path" : "$env:systemroot\\SysWOW64\BackgroundTransferHost.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "InstallAgentUserBroker64", + "path" : "$env:systemroot\\SysWOW64\\InstallAgentUserBroker.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "MsFeedsSync64", + "path" : "$env:systemroot\\SysWOW64\\msfeedssync.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "rundll3264", + "path" : "$env:systemroot\\SysWOW64\\rundll32.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "SettingSyncHost64", + "path" : "$env:systemroot\\SysWOW64\\SettingSyncHost.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WmiPrvSE64", + "path" : "$env:systemroot\\SysWOW64\\wbem\\WmiPrvSE.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WerFault64", + "path" : "$env:systemroot\\SysWOW64\\WerFault.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WerMgr64", + "path" : "$env:systemroot\\SysWOW64\\wermgr.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WWAHost64", + "path" : "$env:systemroot\\SysWOW64\\WWAHost.exe" + } + ] +}