#Run powershell as Administrator echo This section shuts down screenconnect, connectwise, manage engine Threats Firewall Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" -Name "{63323EE8-AF83-40E1-B7E4-DEDBD1E8AAC1}" -Value "v2.33|Action=Block|Active=TRUE|Dir=In|Protocol=17|LPort=75|Name=000ScreenConnect ConnectWise UDP 75 - Shutdown|" Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" -Name "{D6CC8A38-E4B7-4AE9-B6BD-E023AE7035C1}" -Value "v2.33|Action=Block|Active=TRUE|Dir=Out|Protocol=17|RPort=75|Name=000ScreenConnect ConnectWise UDP 75 - Shutdown|" Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" -Name "{AD7C05D8-80FF-4462-A09E-9F68E9A7381E}" -Value "v2.33|Action=Block|Active=TRUE|Dir=In|Protocol=6|LPort2_10=8040-8041|Name=000ScreenConnect ConnectWise ManageEngine TCP 8040-8041 - Shutdown|" Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" -Name "{84D47A0F-4380-4E4B-B19D-AC69282ADCA6}" -Value "v2.33|Action=Block|Active=TRUE|Dir=Out|Protocol=6|RPort2_10=8040-8041|Name=000ScreenConnect ConnectWise ManageEngine TCP 8040-8041 - Shutdown|" echo This section shuts down AnyDesk Threats Firewall Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" -Name "{50941E0A-0465-4205-9C6E-5AE4FA183910}" -Value "v2.33|Action=Block|Active=TRUE|Dir=In|Protocol=17|LPort2_10=50001-50003|Name=001AnyDesk UDP 50001-50003 - Shutdown|" Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" -Name "{E2B4364E-91A6-4B8A-A0C6-1A5A2B5114CF}" -Value "v2.33|Action=Block|Active=TRUE|Dir=Out|Protocol=17|RPort2_10=50001-50003|Name=001AnyDesk UDP 50001-50003 - Shutdown|" Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" -Name "{69984BB0-7E12-4A49-B393-0C6543A5C626}" -Value "v2.33|Action=Block|Active=TRUE|Dir=In|Protocol=6|LPort=6568|Name=001AnyDesk TCP 6568 - Shutdown|" Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" -Name "{B9B2B968-6A85-4762-A788-4F8BB4B82955}" -Value "v2.33|Action=Block|Active=TRUE|Dir=Out|Protocol=6|RPort=6568|Name=001AnyDesk TCP 6568 - Shutdown|" Echo This is to block Microsoft Edge from getting AnyDesk, TeamViewer, Logmein, Ammyy, ScreenConnect # Define the registry path for Edge Policies $RegistryPath = "HKLM:\SOFTWARE\Policies\Microsoft\Edge" # Create the keys if they do not already exist if (-not (Test-Path $RegistryPath)) { New-Item -Path $RegistryPath -Force | Out-Null } if (-not (Test-Path "$RegistryPath\URLBlocklist")) { New-Item -Path "$RegistryPath\URLBlocklist" -Force | Out-Null } if (-not (Test-Path "$RegistryPath\URLAllowlist")) { New-Item -Path "$RegistryPath\URLAllowlist" -Force | Out-Null } # Block all websites # Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "1" -Value "*" -Force # Set-ItemProperty -Path "$RegistryPath\URLAllowlist" -Name "1" -Value "*.splashtop.com" -Force # Add allowed websites (Repeat and increment the Name like "2", "3" for more sites) Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "1" -Value "remotedesktop.google.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "2" -Value "ammyy.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "3" -Value "*.ammyy.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "4" -Value "anydesk.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "5" -Value "*.anydesk.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "6" -Value "logmein.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "7" -Value "*.logmein.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "8" -Value "teamviewer.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "9" -Value "*.teamviewer.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "10" -Value "screenconnect.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "11" -Value "*.screenconnect.com" -Force Write-Host "Edge block/allow lists applied. Please restart Microsoft Edge." -ForegroundColor Green Echo This is to block Google Chrome from getting AnyDesk, TeamViewer, Logmein, Ammyy, ScreenConnect # Define the registry path for Chrome Policies $RegistryPath = "HKLM:\SOFTWARE\Policies\Google\Chrome" # Create the keys if they do not already exist if (-not (Test-Path $RegistryPath)) { New-Item -Path $RegistryPath -Force | Out-Null } if (-not (Test-Path "$RegistryPath\URLBlocklist")) { New-Item -Path "$RegistryPath\URLBlocklist" -Force | Out-Null } if (-not (Test-Path "$RegistryPath\URLAllowlist")) { New-Item -Path "$RegistryPath\URLAllowlist" -Force | Out-Null } # Block all websites # Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "1" -Value "*" -Force # Set-ItemProperty -Path "$RegistryPath\URLAllowlist" -Name "1" -Value "*.splashtop.com" -Force # Add allowed websites (Repeat and increment the Name like "2", "3" for more sites) Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "1" -Value "remotedesktop.google.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "2" -Value "ammyy.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "3" -Value "*.ammyy.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "4" -Value "anydesk.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "5" -Value "*.anydesk.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "6" -Value "logmein.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "7" -Value "*.logmein.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "8" -Value "teamviewer.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "9" -Value "*.teamviewer.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "10" -Value "screenconnect.com" -Force Set-ItemProperty -Path "$RegistryPath\URLBlocklist" -Name "11" -Value "*.screenconnect.com" -Force Write-Host "Chrome block/allow lists applied. Please restart Google Chrome." -ForegroundColor Green Echo This is to block Mozilla Firefox from getting to NON-USA Country Codes and REMOTE ACCESS AnyDesk, TeamViewer, Logmein, Ammyy, ScreenConnect # Define the registry paths for Firefox WebsiteFilter $BaseRegPath = "HKLM:\SOFTWARE\Policies\Mozilla\Firefox" $FilterRegPath = "$BaseRegPath\WebsiteFilter" $BlockRegPath = "$FilterRegPath\Block" # 1. Create the keys if they do not exist if (!(Test-Path $BaseRegPath)) { New-Item -Path $BaseRegPath -Force | Out-Null } if (!(Test-Path $FilterRegPath)) { New-Item -Path $FilterRegPath -Force | Out-Null } if (!(Test-Path $BlockRegPath)) { New-Item -Path $BlockRegPath -Force | Out-Null } # 2. Define your URL blocklist (Supports wildcards like * and ) $BlockList = @( "*://*.AF/*", "*://*.AX/*", "*://*.AL/*", "*://*.DZ/*", "*://*.AS/*", "*://*.AD/*", "*://*.AO/*", "*://*.AI/*", "*://*.AQ/*", "*://*.AG/*", "*://*.AR/*", "*://*.AM/*", "*://*.AW/*", "*://*.AU/*", "*://*.AT/*", "*://*.AZ/*", "*://*.BS/*", "*://*.BH/*", "*://*.BD/*", "*://*.BB/*", "*://*.BY/*", "*://*.BE/*", "*://*.BZ/*", "*://*.BJ/*", "*://*.BM/*", "*://*.BT/*", "*://*.BO/*", "*://*.BQ/*", "*://*.BA/*", "*://*.BW/*", "*://*.BV/*", "*://*.BR/*", "*://*.IO/*", "*://*.BN/*", "*://*.BG/*", "*://*.BF/*", "*://*.BI/*", "*://*.KH/*", "*://*.CM/*", "*://*.CA/*", "*://*.CV/*", "*://*.KY/*", "*://*.CF/*", "*://*.TD/*", "*://*.CL/*", "*://*.CN/*", "*://*.CX/*", "*://*.CC/*", "*://*.CO/*", "*://*.KM/*", "*://*.CG/*", "*://*.CD/*", "*://*.CK/*", "*://*.CR/*", "*://*.CI/*", "*://*.HR/*", "*://*.CU/*", "*://*.CW/*", "*://*.CY/*", "*://*.CZ/*", "*://*.DK/*", "*://*.DJ/*", "*://*.DM/*", "*://*.DO/*", "*://*.EC/*", "*://*.EG/*", "*://*.SV/*", "*://*.GQ/*", "*://*.ER/*", "*://*.EE/*", "*://*.ET/*", "*://*.FK/*", "*://*.FO/*", "*://*.FJ/*", "*://*.FI/*", "*://*.FR/*", "*://*.GF/*", "*://*.PF/*", "*://*.TF/*", "*://*.GA/*", "*://*.GM/*", "*://*.GE/*", "*://*.DE/*", "*://*.GH/*", "*://*.GI/*", "*://*.GR/*", "*://*.GL/*", "*://*.GD/*", "*://*.GP/*", "*://*.GU/*", "*://*.GT/*", "*://*.GG/*", "*://*.GN/*", "*://*.GW/*", "*://*.GY/*", "*://*.HT/*", "*://*.HM/*", "*://*.VA/*", "*://*.HN/*", "*://*.HK/*", "*://*.HU/*", "*://*.IS/*", "*://*.IN/*", "*://*.ID/*", "*://*.IR/*", "*://*.IQ/*", "*://*.IE/*", "*://*.IM/*", "*://*.IL/*", "*://*.IT/*", "*://*.JM/*", "*://*.JP/*", "*://*.JE/*", "*://*.JO/*", "*://*.KZ/*", "*://*.KE/*", "*://*.KI/*", "*://*.KP/*", "*://*.KR/*", "*://*.KW/*", "*://*.KG/*", "*://*.LA/*", "*://*.LV/*", "*://*.LB/*", "*://*.LS/*", "*://*.LR/*", "*://*.LY/*", "*://*.LI/*", "*://*.LT/*", "*://*.LU/*", "*://*.MO/*", "*://*.MK/*", "*://*.MG/*", "*://*.MW/*", "*://*.MY/*", "*://*.MV/*", "*://*.ML/*", "*://*.MT/*", "*://*.MH/*", "*://*.MQ/*", "*://*.MR/*", "*://*.MU/*", "*://*.YT/*", "*://*.MX/*", "*://*.FM/*", "*://*.MD/*", "*://*.MC/*", "*://*.MN/*", "*://*.ME/*", "*://*.MS/*", "*://*.MA/*", "*://*.MZ/*", "*://*.MM/*", "*://*.NA/*", "*://*.NR/*", "*://*.NP/*", "*://*.NL/*", "*://*.NC/*", "*://*.NZ/*", "*://*.NI/*", "*://*.NE/*", "*://*.NG/*", "*://*.NU/*", "*://*.NF/*", "*://*.MP/*", "*://*.NO/*", "*://*.OM/*", "*://*.PK/*", "*://*.PW/*", "*://*.PS/*", "*://*.PA/*", "*://*.PG/*", "*://*.PY/*", "*://*.PE/*", "*://*.PH/*", "*://*.PN/*", "*://*.PL/*", "*://*.PT/*", "*://*.PR/*", "*://*.QA/*", "*://*.RE/*", "*://*.RO/*", "*://*.RU/*", "*://*.RW/*", "*://*.BL/*", "*://*.SH/*", "*://*.KN/*", "*://*.LC/*", "*://*.MF/*", "*://*.PM/*", "*://*.VC/*", "*://*.WS/*", "*://*.SM/*", "*://*.ST/*", "*://*.SA/*", "*://*.SN/*", "*://*.RS/*", "*://*.SC/*", "*://*.SL/*", "*://*.SG/*", "*://*.SX/*", "*://*.SK/*", "*://*.SI/*", "*://*.SB/*", "*://*.SO/*", "*://*.ZA/*", "*://*.GS/*", "*://*.SS/*", "*://*.ES/*", "*://*.LK/*", "*://*.SD/*", "*://*.SR/*", "*://*.SJ/*", "*://*.SZ/*", "*://*.SE/*", "*://*.CH/*", "*://*.SY/*", "*://*.TW/*", "*://*.TJ/*", "*://*.TZ/*", "*://*.TH/*", "*://*.TL/*", "*://*.TG/*", "*://*.TK/*", "*://*.TO/*", "*://*.TT/*", "*://*.TN/*", "*://*.TR/*", "*://*.TM/*", "*://*.TC/*", "*://*.TV/*", "*://*.UG/*", "*://*.UA/*", "*://*.AE/*", "*://*.GB/*", "*://*.UM/*", "*://*.UY/*", "*://*.UZ/*", "*://*.VU/*", "*://*.VE/*", "*://*.VN/*", "*://*.VG/*", "*://*.VI/*", "*://*.WF/*", "*://*.EH/*", "*://*.YE/*", "*://*.ZM/*", "*://*.ZW/*", "*://*.ammyy.com/*", "*://*.anydesk.com/*", "*://*.logmein.com/*", "*://*.teamviewer.com/*", "*://*.screenconnect.com/*", "*://remotedesktop.google.com*" ) # 3. Add the blocklist items to the registry for ($i = 0; $i -lt $BlockList.Count; $i++) { # Registry entries must be numbered sequentially starting from 1 $ValueName = ($i + 1).ToString() New-ItemProperty -Path $BlockRegPath -Name $ValueName -Value $BlockList[$i] -PropertyType String -Force | Out-Null } Write-Host "Firefox URL blocks successfully applied to Registry!" -ForegroundColor Green