Firewall Hardening - LOLBINs as new option

[sopla4ever]

          category: Security improvments
          children:
            -
                name: Firewall hardening - block LOLBINs
                docs: https://github.com/LOLBAS-Project/LOLBAS
                docs: https://github.com/AndyFul/Hard_Configurator

                code: |-
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: appvlp.exe" program="C:\%programfiles%\Microsoft Office\root\client\AppVLP.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: appvlp.exe" program="C:\%programfiles(x86)%\Microsoft Office\root\client\AppVLP.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: At.exe" program="%systemroot%\System32\At.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: At.exe" program="%systemroot%\SysWOW64\At.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Attrib.exe" program="%systemroot%\System32\Attrib.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Attrib.exe" program="%systemroot%\SysWOW64\Attrib.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Atbroker.exe" program="%systemroot%\System32\Atbroker.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Atbroker.exe" program="%systemroot%\SysWOW64\Atbroker.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: bash.exe" program="%systemroot%\System32\bash.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: bash.exe" program="%systemroot%\SysWOW64\bash.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: bitsadmin.exe" program="%systemroot%\System32\bitsadmin.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: bitsadmin.exe" program="%systemroot%\SysWOW64\bitsadmin.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: calc.exe" program="%systemroot%\System32\calc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: calc.exe" program="%systemroot%\SysWOW64\calc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: certreq.exe" program="%systemroot%\System32\certreq.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: certreq.exe" program="%systemroot%\SysWOW64\certreq.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: certutil.exe" program="%systemroot%\System32\certutil.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: certutil.exe" program="%systemroot%\SysWOW64\certutil.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: cmdkey.exe" program="%systemroot%\System32\cmdkey.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: cmdkey.exe" program="%systemroot%\SysWOW64\cmdkey.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: cmstp.exe" program="%systemroot%\System32\cmstp.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: cmstp.exe" program="%systemroot%\SysWOW64\cmstp.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: CompatTelRunner.exe" program="%systemroot%\System32\CompatTelRunner.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: CompatTelRunner.exe" program="%systemroot%\SysWOW64\CompatTelRunner.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: ConfigSecurityPolicy.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.9-0\ConfigSecurityPolicy.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: control.exe" program="%systemroot%\System32\control.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: control.exe" program="%systemroot%\SysWOW64\control.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Csc.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Csc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Csc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Csc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: cscript.exe" program="%systemroot%\System32\cscript.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: cscript.exe" program="%systemroot%\SysWOW64\cscript.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: ctfmon.exe" program="%systemroot%\System32\ctfmon.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: ctfmon.exe" program="%systemroot%\SysWOW64\ctfmon.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: curl.exe" program="%systemroot%\System32\curl.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: curl.exe" program="%systemroot%\SysWOW64\curl.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: desktopimgdownldr.exe" program="%systemroot%\System32\desktopimgdownldr.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: DeviceDisplayObjectProvider.exe" program="%systemroot%\System32\DeviceDisplayObjectProvider.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: DeviceDisplayObjectProvider.exe" program="%systemroot%\SysWOW64\DeviceDisplayObjectProvider.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Dfsvc.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Dfsvc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Dfsvc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Dfsvc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: diskshadow.exe" program="%systemroot%\SysWOW64\diskshadow.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: diskshadow.exe" program="%systemroot%\System32\diskshadow.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Dnscmd.exe" program="%systemroot%\SysWOW64\Dnscmd.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Dnscmd.exe" program="%systemroot%\System32\Dnscmd.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: dwm.exe" program="%systemroot%\SysWOW64\dwm.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: dwm.exe" program="%systemroot%\System32\dwm.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: eventvwr.exe" program="%systemroot%\SysWOW64\eventvwr.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: eventvwr.exe" program="%systemroot%\System32\eventvwr.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: esentutl.exe" program="%systemroot%\SysWOW64\esentutl.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: esentutl.exe" program="%systemroot%\System32\esentutl.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: eventvwr.exe" program="%systemroot%\SysWOW64\eventvwr.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: eventvwr.exe" program="%systemroot%\SysWOW64\eventvwr.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Expand.exe" program="%systemroot%\System32\Expand.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Expand.exe" program="%systemroot%\SysWOW64\Expand.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: explorer.exe" program="%systemroot%\System32\explorer.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: explorer.exe" program="%systemroot%\SysWOW64\explorer.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Extexport.exe" program="%programfiles%\Internet Explorer\Extexport.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Extexport.exe" program="%programfiles(x86)%\Internet Explorer\Extexport.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: extrac32.exe" program="%systemroot%\System32\extrac32.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: extrac32.exe" program="%systemroot%\SysWOW64\extrac32.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: findstr.exe" program="%systemroot%\System32\findstr.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: findstr.exe" program="%systemroot%\SysWOW64\findstr.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: forfiles.exe" program="%systemroot%\System32\forfiles.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: forfiles.exe" program="%systemroot%\SysWOW64\forfiles.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: ftp.exe" program="%systemroot%\System32\ftp.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: ftp.exe" program="%systemroot%\SysWOW64\ftp.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: gpscript.exe" program="%systemroot%\System32\gpscript.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: gpscript.exe" program="%systemroot%\SysWOW64\gpscript.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: hh.exe" program="%systemroot%\System32\hh.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: hh.exe" program="%systemroot%\SysWOW64\hh.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: ie4uinit.exe" program="%systemroot%\System32\ie4uinit.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: ie4uinit.exe" program="%systemroot%\SysWOW64\ie4uinit.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: ieexec.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\ieexec.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: ieexec.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\ieexec.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: ilasm.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\ilasm.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: ilasm.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ilasm.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Infdefaultinstall.exe" program="%systemroot%\System32\Infdefaultinstall.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Infdefaultinstall.exe" program="%systemroot%\SysWOW64\Infdefaultinstall.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Jsc.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\Jsc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Jsc.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\Jsc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Jsc.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Jsc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Jsc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Jsc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: lsass.exe" program="%systemroot%\System32\lsass.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: lsass.exe" program="%systemroot%\SysWOW64\lsass.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: makecab.exe" program="%systemroot%\System32\makecab.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: makecab.exe" program="%systemroot%\SysWOW64\makecab.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: mavinject.exe" program="%systemroot%\System32\mavinject.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: mavinject.exe" program="%systemroot%\SysWOW64\mavinject.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Microsoft.Workflow.Compiler.exe" program="%systemroot%\Microsoft.Net\Framework64\v4.0.30319\Microsoft.Workflow.Compiler.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: mmc.exe" program="%systemroot%\SysWOW64\mmc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: mmc.exe" program="%systemroot%\System32\mmc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: MpCmdRun.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.4-0\MpCmdRun.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: MpCmdRun.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.7-0\MpCmdRun.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: MpCmdRun.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MpCmdRun.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\Msbuild.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\Msbuild.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework\v3.5\Msbuild.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework64\v3.5\Msbuild.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Msbuild.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: msconfig.exe" program="%systemroot%\System32\msconfig.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Msdt.exe" program="%systemroot%\System32\Msdt.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Msdt.exe" program="%systemroot%\SysWOW64\Msdt.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: mshta.exe" program="%systemroot%\System32\mshta.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: mshta.exe" program="%systemroot%\SysWOW64\mshta.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: msiexec.exe" program="%systemroot%\System32\msiexec.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: msiexec.exe" program="%systemroot%\SysWOW64\msiexec.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Netsh.exe" program="%systemroot%\System32\Netsh.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Netsh.exe" program="%systemroot%\SysWOW64\Netsh.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: notepad.exe" program="%systemroot%\system32\notepad.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: notepad.exe " program="%systemroot%\SysWOW64\notepad.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: odbcconf.exe" program="%systemroot%\System32\odbcconf.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: odbcconf.exe" program="%systemroot%\SysWOW64\odbcconf.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: pcalua.exe" program="%systemroot%\System32\pcalua.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: pcalua.exe" program="%systemroot%\SysWOW64\pcalua.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: pcwrun.exe" program="%systemroot%\System32\pcwrun.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: pcwrun.exe" program="%systemroot%\SysWOW64\pcwrun.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: pktmon.exe" program="%systemroot%\System32\pktmon.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: pktmon.exe" program="%systemroot%\SysWOW64\pktmon.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: powershell.exe" program="%systemroot%\System32\WindowsPowerShell\v1.0\powershell.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: powershell.exe" program="%systemroot%\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: powershell_ise.exe" program="%systemroot%\System32\WindowsPowerShell\v1.0\powershell_ise.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: powershell_ise.exe" program="%systemroot%\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Presentationhost.exe" program="%systemroot%\System32\Presentationhost.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Presentationhost.exe" program="%systemroot%\SysWOW64\Presentationhost.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: print.exe" program="%systemroot%\System32\print.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: print.exe" program="%systemroot%\SysWOW64\print.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: psr.exe" program="%systemroot%\System32\psr.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: psr.exe" program="%systemroot%\SysWOW64\psr.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: rasautou.exe" program="%systemroot%\System32\rasautou.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: rasautou.exe" program="%systemroot%\SysWOW64\rasautou.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: reg.exe" program="%systemroot%\System32\reg.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: reg.exe" program="%systemroot%\SysWOW64\reg.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: regasm.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\regasm.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: regasm.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\regasm.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: regasm.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\regasm.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: regasm.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\regasm.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: regedit.exe" program="%systemroot%\System32\regedit.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: regedit.exe" program="%systemroot%\SysWOW64\regedit.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: regini.exe" program="%systemroot%\System32\regini.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: regini.exe" program="%systemroot%\SysWOW64\regini.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Register-cimprovider.exe" program="%systemroot%\System32\Register-cimprovider.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: Register-cimprovider.exe" program="%systemroot%\SysWOW64\Register-cimprovider.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: regsvcs.exe" program="%systemroot%\System32\regsvcs.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: regsvcs.exe" program="%systemroot%\SysWOW64\regsvcs.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: regsvr32.exe" program="%systemroot%\System32\regsvr32.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: regsvr32.exe" program="%systemroot%\SysWOW64\regsvr32.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: replace.exe" program="%systemroot%\System32\replace.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: replace.exe" program="%systemroot%\SysWOW64\replace.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: rpcping.exe" program="%systemroot%\System32\rpcping.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: rpcping.exe" program="%systemroot%\SysWOW64\rpcping.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: rundll32.exe" program="%systemroot%\System32\rundll32.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: rundll32.exe" program="%systemroot%\SysWOW64\rundll32.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: runonce.exe" program="%systemroot%\System32\runonce.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: runonce.exe" program="%systemroot%\SysWOW64\runonce.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: services.exe" program="%systemroot%\System32\services.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: services.exe" program="%systemroot%\SysWOW64\services.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: sc.exe" program="%systemroot%\System32\sc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: sc.exe" program="%systemroot%\SysWOW64\sc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: schtasks.exe" program="%systemroot%\System32\schtasks.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: schtasks.exe" program="%systemroot%\SysWOW64\schtasks.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: scriptrunner.exe" program="%systemroot%\System32\scriptrunner.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: scriptrunner.exe" program="%systemroot%\SysWOW64\scriptrunner.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: SyncAppvPublishingServer.exe" program="%systemroot%\System32\SyncAppvPublishingServer.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: SyncAppvPublishingServer.exe" program="%systemroot%\SysWOW64\SyncAppvPublishingServer.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: telnet.exe" program="%systemroot%\System32\telnet.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: telnet.exe" program="%systemroot%\SysWOW64\telnet.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: tftp.exe" program="%systemroot%\System32\tftp.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: tftp.exe" program="%systemroot%\SysWOW64\tftp.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: ttdinject.exe" program="%systemroot%\System32\ttdinject.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: ttdinject.exe" program="%systemroot%\SysWOW64\ttdinject.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: tttracer.exe" program="%systemroot%\System32\tttracer.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: tttracer.exe" program="%systemroot%\SysWOW64\tttracer.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: vbc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\vbc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: vbc.exe" program="%systemroot%\Microsoft.NET\Framework64\v3.5\vbc.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: verclsid.exe" program="%systemroot%\System32\verclsid.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: verclsid.exe" program="%systemroot%\SysWOW64\verclsid.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: wab.exe" program="%programfiles%\Windows Mail\wab.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: wab.exe" program="%programfiles(x86)%\Windows Mail\wab.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: WerFault.exe" program="%systemroot%\System32\WerFault.exe" protocol=any dir=in enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: WerFault.exe" program="%systemroot%\System32\WerFault.exe" protocol=any dir=in enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: WerFault.exe" program="%systemroot%\SysWOW64\WerFault.exe" protocol=any dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: WerFault.exe" program="%systemroot%\SysWOW64\WerFault.exe" protocol=any dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: wininit.exe" program="%systemroot%\System32\wininit.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: wininit.exe" program="%systemroot%\SysWOW64\wininit.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: winlogon.exe" program="%systemroot%\System32\winlogon.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: winlogon.exe" program="%systemroot%\SysWOW64\winlogon.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: wmic.exe" program="%systemroot%\System32\wbem\wmic.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: wmic.exe" program="%systemroot%\SysWOW64\wbem\wmic.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: wordpad.exe" program="%programfiles%\windows nt\accessories\wordpad.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: wordpad.exe" program="%programfiles(x86)%\windows nt\accessories\wordpad.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: wscript.exe" program="%systemroot%\System32\wscript.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: wscript.exe" program="%systemroot%\SysWOW64\wscript.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: wsreset.exe" program="%systemroot%\System32\wsreset.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: wsreset.exe" program="%systemroot%\SysWOW64\wsreset.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: xwizard.exe" program="%systemroot%\System32\xwizard.exe" protocol=tcp dir=out enable=yes action=block profile=any
                    netsh advfirewall firewall add rule name="Privacy.Sexy rule for: xwizard.exe" program="%systemroot%\SysWOW64\xwizard.exe" protocol=tcp dir=out enable=yes action=block profile=any
                revertCode: |-
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: appvlp.exe" program="C:\%programfiles%\Microsoft Office\root\client\AppVLP.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: appvlp.exe" program="C:\%programfiles(x86)%\Microsoft Office\root\client\AppVLP.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: At.exe" program="%systemroot%\System32\At.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: At.exe" program="%systemroot%\SysWOW64\At.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Attrib.exe" program="%systemroot%\System32\Attrib.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Attrib.exe" program="%systemroot%\SysWOW64\Attrib.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Atbroker.exe" program="%systemroot%\System32\Atbroker.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Atbroker.exe" program="%systemroot%\SysWOW64\Atbroker.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: bash.exe" program="%systemroot%\System32\bash.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: bash.exe" program="%systemroot%\SysWOW64\bash.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: bitsadmin.exe" program="%systemroot%\System32\bitsadmin.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: bitsadmin.exe" program="%systemroot%\SysWOW64\bitsadmin.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: calc.exe" program="%systemroot%\System32\calc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: calc.exe" program="%systemroot%\SysWOW64\calc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: certreq.exe" program="%systemroot%\System32\certreq.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: certreq.exe" program="%systemroot%\SysWOW64\certreq.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: certutil.exe" program="%systemroot%\System32\certutil.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: certutil.exe" program="%systemroot%\SysWOW64\certutil.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: cmdkey.exe" program="%systemroot%\System32\cmdkey.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: cmdkey.exe" program="%systemroot%\SysWOW64\cmdkey.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: cmstp.exe" program="%systemroot%\System32\cmstp.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: cmstp.exe" program="%systemroot%\SysWOW64\cmstp.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: CompatTelRunner.exe" program="%systemroot%\System32\CompatTelRunner.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: CompatTelRunner.exe" program="%systemroot%\SysWOW64\CompatTelRunner.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: ConfigSecurityPolicy.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.9-0\ConfigSecurityPolicy.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: control.exe" program="%systemroot%\System32\control.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: control.exe" program="%systemroot%\SysWOW64\control.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Csc.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Csc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Csc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Csc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: cscript.exe" program="%systemroot%\System32\cscript.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: cscript.exe" program="%systemroot%\SysWOW64\cscript.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: ctfmon.exe" program="%systemroot%\System32\ctfmon.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: ctfmon.exe" program="%systemroot%\SysWOW64\ctfmon.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: curl.exe" program="%systemroot%\System32\curl.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: curl.exe" program="%systemroot%\SysWOW64\curl.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: desktopimgdownldr.exe" program="%systemroot%\System32\desktopimgdownldr.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: DeviceDisplayObjectProvider.exe" program="%systemroot%\System32\DeviceDisplayObjectProvider.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: DeviceDisplayObjectProvider.exe" program="%systemroot%\SysWOW64\DeviceDisplayObjectProvider.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Dfsvc.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Dfsvc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Dfsvc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Dfsvc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: diskshadow.exe" program="%systemroot%\SysWOW64\diskshadow.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: diskshadow.exe" program="%systemroot%\System32\diskshadow.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Dnscmd.exe" program="%systemroot%\SysWOW64\Dnscmd.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Dnscmd.exe" program="%systemroot%\System32\Dnscmd.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: dwm.exe" program="%systemroot%\SysWOW64\dwm.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: dwm.exe" program="%systemroot%\System32\dwm.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: eventvwr.exe" program="%systemroot%\SysWOW64\eventvwr.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: eventvwr.exe" program="%systemroot%\System32\eventvwr.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: esentutl.exe" program="%systemroot%\SysWOW64\esentutl.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: esentutl.exe" program="%systemroot%\System32\esentutl.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: eventvwr.exe" program="%systemroot%\SysWOW64\eventvwr.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: eventvwr.exe" program="%systemroot%\SysWOW64\eventvwr.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Expand.exe" program="%systemroot%\System32\Expand.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Expand.exe" program="%systemroot%\SysWOW64\Expand.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: explorer.exe" program="%systemroot%\System32\explorer.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: explorer.exe" program="%systemroot%\SysWOW64\explorer.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Extexport.exe" program="%programfiles%\Internet Explorer\Extexport.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Extexport.exe" program="%programfiles(x86)%\Internet Explorer\Extexport.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: extrac32.exe" program="%systemroot%\System32\extrac32.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: extrac32.exe" program="%systemroot%\SysWOW64\extrac32.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: findstr.exe" program="%systemroot%\System32\findstr.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: findstr.exe" program="%systemroot%\SysWOW64\findstr.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: forfiles.exe" program="%systemroot%\System32\forfiles.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: forfiles.exe" program="%systemroot%\SysWOW64\forfiles.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: ftp.exe" program="%systemroot%\System32\ftp.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: ftp.exe" program="%systemroot%\SysWOW64\ftp.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: gpscript.exe" program="%systemroot%\System32\gpscript.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: gpscript.exe" program="%systemroot%\SysWOW64\gpscript.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: hh.exe" program="%systemroot%\System32\hh.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: hh.exe" program="%systemroot%\SysWOW64\hh.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: ie4uinit.exe" program="%systemroot%\System32\ie4uinit.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: ie4uinit.exe" program="%systemroot%\SysWOW64\ie4uinit.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: ieexec.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\ieexec.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: ieexec.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\ieexec.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: ilasm.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\ilasm.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: ilasm.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ilasm.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Infdefaultinstall.exe" program="%systemroot%\System32\Infdefaultinstall.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Infdefaultinstall.exe" program="%systemroot%\SysWOW64\Infdefaultinstall.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Jsc.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\Jsc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Jsc.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\Jsc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Jsc.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Jsc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Jsc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Jsc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: lsass.exe" program="%systemroot%\System32\lsass.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: lsass.exe" program="%systemroot%\SysWOW64\lsass.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: makecab.exe" program="%systemroot%\System32\makecab.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: makecab.exe" program="%systemroot%\SysWOW64\makecab.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: mavinject.exe" program="%systemroot%\System32\mavinject.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: mavinject.exe" program="%systemroot%\SysWOW64\mavinject.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Microsoft.Workflow.Compiler.exe" program="%systemroot%\Microsoft.Net\Framework64\v4.0.30319\Microsoft.Workflow.Compiler.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: mmc.exe" program="%systemroot%\SysWOW64\mmc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: mmc.exe" program="%systemroot%\System32\mmc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: MpCmdRun.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.4-0\MpCmdRun.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: MpCmdRun.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.7-0\MpCmdRun.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: MpCmdRun.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MpCmdRun.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\Msbuild.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\Msbuild.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework\v3.5\Msbuild.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework64\v3.5\Msbuild.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Msbuild.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: msconfig.exe" program="%systemroot%\System32\msconfig.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Msdt.exe" program="%systemroot%\System32\Msdt.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Msdt.exe" program="%systemroot%\SysWOW64\Msdt.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: mshta.exe" program="%systemroot%\System32\mshta.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: mshta.exe" program="%systemroot%\SysWOW64\mshta.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: msiexec.exe" program="%systemroot%\System32\msiexec.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: msiexec.exe" program="%systemroot%\SysWOW64\msiexec.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Netsh.exe" program="%systemroot%\System32\Netsh.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Netsh.exe" program="%systemroot%\SysWOW64\Netsh.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: notepad.exe" program="%systemroot%\system32\notepad.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: notepad.exe " program="%systemroot%\SysWOW64\notepad.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: odbcconf.exe" program="%systemroot%\System32\odbcconf.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: odbcconf.exe" program="%systemroot%\SysWOW64\odbcconf.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: pcalua.exe" program="%systemroot%\System32\pcalua.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: pcalua.exe" program="%systemroot%\SysWOW64\pcalua.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: pcwrun.exe" program="%systemroot%\System32\pcwrun.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: pcwrun.exe" program="%systemroot%\SysWOW64\pcwrun.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: pktmon.exe" program="%systemroot%\System32\pktmon.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: pktmon.exe" program="%systemroot%\SysWOW64\pktmon.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: powershell.exe" program="%systemroot%\System32\WindowsPowerShell\v1.0\powershell.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: powershell.exe" program="%systemroot%\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: powershell_ise.exe" program="%systemroot%\System32\WindowsPowerShell\v1.0\powershell_ise.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: powershell_ise.exe" program="%systemroot%\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Presentationhost.exe" program="%systemroot%\System32\Presentationhost.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Presentationhost.exe" program="%systemroot%\SysWOW64\Presentationhost.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: print.exe" program="%systemroot%\System32\print.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: print.exe" program="%systemroot%\SysWOW64\print.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: psr.exe" program="%systemroot%\System32\psr.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: psr.exe" program="%systemroot%\SysWOW64\psr.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: rasautou.exe" program="%systemroot%\System32\rasautou.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: rasautou.exe" program="%systemroot%\SysWOW64\rasautou.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: reg.exe" program="%systemroot%\System32\reg.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: reg.exe" program="%systemroot%\SysWOW64\reg.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: regasm.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\regasm.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: regasm.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\regasm.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: regasm.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\regasm.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: regasm.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\regasm.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: regedit.exe" program="%systemroot%\System32\regedit.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: regedit.exe" program="%systemroot%\SysWOW64\regedit.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: regini.exe" program="%systemroot%\System32\regini.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: regini.exe" program="%systemroot%\SysWOW64\regini.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Register-cimprovider.exe" program="%systemroot%\System32\Register-cimprovider.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: Register-cimprovider.exe" program="%systemroot%\SysWOW64\Register-cimprovider.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: regsvcs.exe" program="%systemroot%\System32\regsvcs.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: regsvcs.exe" program="%systemroot%\SysWOW64\regsvcs.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: regsvr32.exe" program="%systemroot%\System32\regsvr32.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: regsvr32.exe" program="%systemroot%\SysWOW64\regsvr32.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: replace.exe" program="%systemroot%\System32\replace.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: replace.exe" program="%systemroot%\SysWOW64\replace.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: rpcping.exe" program="%systemroot%\System32\rpcping.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: rpcping.exe" program="%systemroot%\SysWOW64\rpcping.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: rundll32.exe" program="%systemroot%\System32\rundll32.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: rundll32.exe" program="%systemroot%\SysWOW64\rundll32.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: runonce.exe" program="%systemroot%\System32\runonce.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: runonce.exe" program="%systemroot%\SysWOW64\runonce.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: services.exe" program="%systemroot%\System32\services.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: services.exe" program="%systemroot%\SysWOW64\services.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: sc.exe" program="%systemroot%\System32\sc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: sc.exe" program="%systemroot%\SysWOW64\sc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: schtasks.exe" program="%systemroot%\System32\schtasks.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: schtasks.exe" program="%systemroot%\SysWOW64\schtasks.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: scriptrunner.exe" program="%systemroot%\System32\scriptrunner.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: scriptrunner.exe" program="%systemroot%\SysWOW64\scriptrunner.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: SyncAppvPublishingServer.exe" program="%systemroot%\System32\SyncAppvPublishingServer.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: SyncAppvPublishingServer.exe" program="%systemroot%\SysWOW64\SyncAppvPublishingServer.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: telnet.exe" program="%systemroot%\System32\telnet.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: telnet.exe" program="%systemroot%\SysWOW64\telnet.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: tftp.exe" program="%systemroot%\System32\tftp.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: tftp.exe" program="%systemroot%\SysWOW64\tftp.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: ttdinject.exe" program="%systemroot%\System32\ttdinject.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: ttdinject.exe" program="%systemroot%\SysWOW64\ttdinject.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: tttracer.exe" program="%systemroot%\System32\tttracer.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: tttracer.exe" program="%systemroot%\SysWOW64\tttracer.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: vbc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\vbc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: vbc.exe" program="%systemroot%\Microsoft.NET\Framework64\v3.5\vbc.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: verclsid.exe" program="%systemroot%\System32\verclsid.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: verclsid.exe" program="%systemroot%\SysWOW64\verclsid.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: wab.exe" program="%programfiles%\Windows Mail\wab.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: wab.exe" program="%programfiles(x86)%\Windows Mail\wab.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: WerFault.exe" program="%systemroot%\System32\WerFault.exe" protocol=any dir=in profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: WerFault.exe" program="%systemroot%\SysWOW64\WerFault.exe" protocol=any dir=in profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: WerFault.exe" program="%systemroot%\System32\WerFault.exe" protocol=any dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: WerFault.exe" program="%systemroot%\SysWOW64\WerFault.exe" protocol=any dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: wininit.exe" program="%systemroot%\System32\wininit.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: wininit.exe" program="%systemroot%\SysWOW64\wininit.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: winlogon.exe" program="%systemroot%\System32\winlogon.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: winlogon.exe" program="%systemroot%\SysWOW64\winlogon.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: wmic.exe" program="%systemroot%\System32\wbem\wmic.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: wmic.exe" program="%systemroot%\SysWOW64\wbem\wmic.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: wordpad.exe" program="%programfiles%\windows nt\accessories\wordpad.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: wordpad.exe" program="%programfiles(x86)%\windows nt\accessories\wordpad.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: wscript.exe" program="%systemroot%\System32\wscript.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: wscript.exe" program="%systemroot%\SysWOW64\wscript.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: wsreset.exe" program="%systemroot%\System32\wsreset.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: wsreset.exe" program="%systemroot%\SysWOW64\wsreset.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: xwizard.exe" program="%systemroot%\System32\xwizard.exe" protocol=tcp dir=out profile=any
                    netsh advfirewall firewall delete rule name="Privacy.Sexy rule for: xwizard.exe" program="%systemroot%\SysWOW64\xwizard.exe" protocol=tcp dir=out profile=any

[undergroundwires]

Hi @sopla4ever , thanks! Another very good suggestion to enforce best practices and cheers for putting an effort into writing this in yaml structure, it helps a lot.

I believe we need more granularity here.. I believe we should categorize rules. Something like:

• (category) Firewall hardening - block LOLBINs
  • (script) Block bash
  • Code: ..bash.exe..
  • (script) Block telnet
  • Code: ..telnet.exe..
  • (script) Block PowerShell
  • Code: ..powershell.exe..
  • (script) Block WordPad
  • Code: ..wordpad.exe..
  • ...

This way users can choose what to block or not in detail if they want, or as more abstract categories. For example I'd like to block all other services but but keep bash.exe and curl.exe unblocked.

[dennyamarojr]

Firewall hardening it's something that I believe will need take sometime due the fact, we need take the right ports, and also programs ports to make the hardening easy for any user. Also needs tests in all the popular software to see if we got any problem or it's OK to use.

Example: Block HTTP port, users will not able to access websites that use HTTP so this might get a lot trouble ,because some programs, games use HTTP instead only HTTPS.

But this is a good start :)

[dennyamarojr]

Have some time I didn't update the application.yaml and has a reason, I'm testing some configurations and also testing the simplewall (to make the hardening better, sometimes through windows firewall, windows ignore some rules), so I will add the file for simplewall too and the command to download the simplewall through CMD, and the right command to import the configuration in simplewall too :)

[femdiya]

@undergroundwires This was removed from 0.11.0, any plans to re-intruduce it on up coming versions?