{
    "name" : "Applications (Firewall)",
    "description" : "This module Add a firewall rule to desactivate some windows program / application net traffic",
    "actions" :
    [
        {
            "action" : "FwBlockProgram",
            "name" : "explorer",
            "path" : "$env:systemroot\\explorer.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "SystemSettings",
            "path" : "$env:systemroot\\ImmersiveControlPanel\\SystemSettings.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "BgTaskHost",
            "path" : "$env:systemroot\\System32\\backgroundTaskHost.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "BgTransfertHost",
            "path" : "$env:systemroot\\System32\\BackgroundTransferHost.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "BrowserBroker",
            "path" : "$env:systemroot\\System32\\browser_broker.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "CompatTelRunner",
            "path" : "$env:systemroot\\System32\\CompatTelRunner.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "DmClient",
            "path" : "$env:systemroot\\System32\\dmclient.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "InstallAgentUserBroker",
            "path" : "$env:systemroot\\System32\\InstallAgentUserBroker.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "lsass",
            "path" : "$env:systemroot\\System32\\lsass.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "msfeedssync",
            "path" : "$env:systemroot\\System32\\msfeedssync.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "run32dll",
            "path" : "$env:systemroot\\System32\\rundll32.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "SettingSyncHost",
            "path" : "$env:systemroot\\System32\\SettingSyncHost.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "SIHClient",
            "path" : "$env:systemroot\\System32\\SIHClient.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "SmartScreen",
            "path" : "$env:systemroot\\System32\\smartscreen.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "TaskHostw",
            "path" : "$env:systemroot\\System32\\taskhostw.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "WmiPrvSE",
            "path" : "$env:systemroot\\System32\\wbem\\WmiPrvSE.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "WerFault",
            "path" : "$env:systemroot\\System32\\WerFault.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "WerMgr",
            "path" : "$env:systemroot\\System32\\wermgr.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "Wsqmcons",
            "path" : "$env:systemroot\\System32\\wsqmcons.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "WWAHost",
            "path" : "$env:systemroot\\System32\\WWAHost.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "ContactSupport",
            "path" : "$env:systemroot\\systemapps\\ContactSupport_cw5n1h2txyewy\\ContactSupport.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "Edge",
            "path" : "$env:systemroot\\systemapps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\MicrosoftEdge.exe"
        },
        {
            "_comment" : "With this rule, Edge will not be able to join Internet",
            "action" : "FwBlockProgram",
            "name" : "EdgeCP",
            "path" : "$env:systemroot\\systemapps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\MicrosoftEdgeCP.exe"
        },

        {
            "action" : "FwBlockProgram",
            "name" : "cleanw10_Cortana",
            "path" : "$env:systemroot\\systemapps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\SearchUI.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "BackgroundTaskHost64",
            "path" : "$env:systemroot\\SysWOW64\\backgroundTaskHost.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "BackgroundTransferHost64",
            "path" : "$env:systemroot\\SysWOW64\\BackgroundTransferHost.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "InstallAgentUserBroker64",
            "path" : "$env:systemroot\\SysWOW64\\InstallAgentUserBroker.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "MsFeedsSync64",
            "path" : "$env:systemroot\\SysWOW64\\msfeedssync.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "rundll3264",
            "path" : "$env:systemroot\\SysWOW64\\rundll32.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "SettingSyncHost64",
            "path" : "$env:systemroot\\SysWOW64\\SettingSyncHost.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "WmiPrvSE64",
            "path" : "$env:systemroot\\SysWOW64\\wbem\\WmiPrvSE.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "WerFault64",
            "path" : "$env:systemroot\\SysWOW64\\WerFault.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "WerMgr64",
            "path" : "$env:systemroot\\SysWOW64\\wermgr.exe"
        },
        {
            "action" : "FwBlockProgram",
            "name" : "WWAHost64",
            "path" : "$env:systemroot\\SysWOW64\\WWAHost.exe"
        }
    ]
}