Marie Olgin
Posts: 135 +0
OTL Extras logfile created on: 6/23/2013 2:35:51 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marie\Dropbox\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.99 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 66.75% Memory free
12.09 Gb Paging File | 9.88 Gb Available in Paging File | 81.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.69 Gb Total Space | 80.73 Gb Free Space | 17.91% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.26 Gb Free Space | 48.43% Space Free | Partition Type: NTFS
Computer Name: ADMIN-PC | User Name: Marie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = D8 05 5F 39 DC 72 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BC983C1-D2ED-4EEA-ACE4-44CAB460453A}" = lport=40080 | protocol=6 | dir=in | name=remote access media server |
"{110D04DF-28E7-41ED-88E1-BA4A2AE4E817}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1149577D-7090-4BA2-8E3E-32F5DD3A34CB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{13DE940B-16B8-4EAF-BA1F-9C156A501CF4}" = lport=40092 | protocol=6 | dir=in | name=streaming web cam |
"{14C6B14C-6C6C-40FD-A418-9982B7BCB84C}" = lport=40093 | protocol=6 | dir=in | name=streaming web cam |
"{1A193BC1-BA4A-42B3-B6EE-27B3DDEA6657}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{1C0F61C5-549C-4BF9-BB5A-8A87A25A5CF7}" = lport=3390 | protocol=6 | dir=in | app=system |
"{1F069A56-1736-417C-846C-3ACA03F6AA4F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{20485A4C-AC31-4A46-936B-F88F8411F5B7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{229B2E81-854D-49DC-A98D-31CE85C94DD4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{237238F4-16BB-4286-A707-B0CDC45FDA60}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{240AECE1-11F2-4D28-AFC4-6E63282ED355}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{249ABFD8-F1C8-444B-8658-243448E66B57}" = rport=10244 | protocol=6 | dir=out | app=system |
"{298D3D02-8898-4C3F-88E1-FC63B030C769}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3B68D5D6-1D32-453B-A0FF-F525A2C27A25}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4B46D378-10BF-441C-90BF-5A10E2861EF6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4DAD5103-47C9-4275-AFF6-808F90EEEEAC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{576177F4-2673-44DD-9643-36A07B9C4198}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5823C674-CB03-415D-A51F-89326B74B578}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{59F0196D-E289-4781-9420-18FC70C58484}" = rport=10244 | protocol=6 | dir=out | app=system |
"{5B07E1C4-75A1-436E-99E5-4B837FD29D72}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5B95956B-4AA6-42B6-A588-A963934B3596}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5CC51B66-F238-47A3-97E6-8016758739BD}" = lport=10244 | protocol=6 | dir=in | app=system |
"{5CD83181-EF29-4DE2-BC7B-950F4D9561BF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{671CB1A2-BB7C-4706-AD28-18FBD3953A36}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{69584812-26B5-4495-A408-141590AB4E1C}" = rport=139 | protocol=6 | dir=out | app=system |
"{6C06B41E-FB5B-414E-AC3C-4614EA59141F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6E3EB9F5-8EF9-4CBE-8003-DB6F68291206}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6FAE0A13-B61E-4F1C-A227-4455AFBAF53E}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{75833F58-3DB7-418C-A860-1AAA185D068D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{7A502ED7-B0FD-4670-A5A0-6D652CA731CD}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7BEEC133-CF89-493C-A275-2468DEDFAA84}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7D9DA985-0468-40D1-A5AE-B00068F96AF1}" = rport=137 | protocol=17 | dir=out | app=system |
"{803DEF6F-70EE-4EF7-8692-4B6C5056EC1D}" = lport=3390 | protocol=6 | dir=in | app=system |
"{8921C703-804A-46B8-B8D3-9ABB5879E1A0}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8B97571F-4231-4996-A6B9-1D79C7D01B01}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8CD521D3-8DDA-44FD-9DCB-6DEABD7064F5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{911C62C5-68EC-4A24-AD49-05C353ACBAAE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{915AD26A-8313-4761-90F0-D66A2754D128}" = lport=40091 | protocol=6 | dir=in | name=streaming web cam |
"{92CB85C2-A36D-444C-9F65-664ED7817AF7}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{948685E0-C3D5-49FF-9E20-B3EF38A749AD}" = lport=137 | protocol=17 | dir=in | app=system |
"{975870A2-37B6-4045-A117-114150FFB4D0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{98C5646F-113F-4277-A04D-5F79FCE39C50}" = lport=445 | protocol=6 | dir=in | app=system |
"{99B6D8BC-A74E-40DE-9102-744DC9F0BAA1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A03150AE-694A-45BB-B740-C3E0ED63F624}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A54AE22F-E02F-44CE-9AA1-732899BEC615}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{A96038A0-8A35-45DB-897E-E00B2E296212}" = lport=40090 | protocol=6 | dir=in | name=streaming web cam |
"{A97E1231-7D50-4C7F-A674-9CFDAA9F5452}" = rport=138 | protocol=17 | dir=out | app=system |
"{B0AFC472-B3F3-4DF9-962D-A91475608F32}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{B43887CD-5A9F-4BBE-85E2-B20ABF63E469}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B4EE9705-6FA5-4A10-9758-FF10EBDE47D9}" = lport=40094 | protocol=6 | dir=in | name=streaming web cam |
"{B4FF6FFA-5ED3-4C5B-96AB-8CBE238790B1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B827D519-E246-4720-BBEF-4DF6790B06BF}" = lport=139 | protocol=6 | dir=in | app=system |
"{BB252072-9640-4828-982B-C5EC61BA3BF2}" = lport=138 | protocol=17 | dir=in | app=system |
"{BFC6093B-423A-45A8-99EB-695CDC9C1E05}" = lport=5900 | protocol=6 | dir=in | name=ultravnc server |
"{C4D0E297-1BD5-4D5A-969E-823ADC4EBF8F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CA5D5104-4519-45EE-8CA0-3C35221CA4A1}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{D4D17E36-A99B-4B0E-BFFB-6C8C7F470FEC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DBEE46A1-74AC-4B85-9DE3-7937A1992B4C}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DF0BF26B-42C8-4393-ABC7-A763BD787406}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E878FFF0-E9C4-48D9-B5C0-12EEBC35CB8A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EBB98E53-05E8-4D8F-ABF0-35C3F2791026}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F4B7D705-3FB9-4CD8-A7FB-A46107E65D7B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F795727C-FBAB-4D3F-8A68-86B09FDF0473}" = lport=10244 | protocol=6 | dir=in | app=system |
"{FA442705-9C92-404D-8AB4-9F2D065CB8DB}" = rport=445 | protocol=6 | dir=out | app=system |
"{FD854CB1-1E98-40A1-AADF-94E0B1B33F3B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FDBF8989-5A4C-486A-8893-0AFD0B4BA4CB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013D694A-6C24-4829-B1B7-3D0E4ECCAA37}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{0144221C-E2C5-4B56-939B-D19A560FFBD3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{02F6C235-9E08-446F-B66B-42D15182769F}" = dir=in | app=c:\program files\hp\hp deskjet 3520 series\bin\hpnetworkcommunicator.exe |
"{03B39BA4-A9AB-479C-B1E8-D9AA5D4CAABB}" = protocol=17 | dir=in | app=c:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe |
"{07F472D5-0C7A-45E2-96DA-686EB0725F7D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{099A40C4-80F5-42E1-AE26-304124697623}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{0CAC50B4-5FC5-4668-8BAC-6DDC318DCD9C}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{0F014101-C892-411A-90FB-5318C677FD3F}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\mysql\bin\mysql.exe |
"{0FEA2215-116F-45AE-922E-F5ACAF4B44F8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{109B77A0-617B-4CA5-A1A4-C6976BFD8F76}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\apache\bin\httpd.exe |
"{13423D55-609E-4737-AF1A-7FB7519EA389}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{144984B4-0922-424E-92E0-CF7C318D8C90}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1A7035FA-CBE3-492A-9618-1DE0B270818A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{1B846503-B427-444C-A239-D822C5095ACD}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\apache\bin\httpd.exe |
"{21A28268-A57A-4CEC-AB92-5276047BA136}" = dir=in | app=tracsrvwrapper.exe |
"{282FEE7E-491C-4C3C-A277-553C99F3C5B9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{28FCB6F9-5A69-402D-A3B4-9F8C47C34A8A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{29DAEA33-7AF9-423A-9A47-79EC30AC98F8}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{2BE7E735-9A88-4752-8FD3-3478406F9435}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{2CEC4974-397C-4F70-9A0B-CD013878CD4C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{33267A97-FF2E-4DDA-8426-16F3E74F0E38}" = dir=in | app=c:\program files (x86)\checkpoint\securemote\bin\sr_service.exe |
"{352E7ED3-79AA-4BFD-BCCC-A7AA3FCAB884}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{36DC7654-719E-4B39-8505-78F006F345CD}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\vlc\vlc.exe |
"{3A0BD7EF-EE09-4C2A-8A5B-69C4C6ED4463}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\advanced networking service\hnm_svc.exe |
"{3B058E27-6D77-43DA-84A4-68E0A95FB08A}" = dir=in | app=c:\program files (x86)\avg\avg8\avgnsa.exe |
"{3B8DC91E-A4F6-4355-A1FF-9E7382537CD1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3C269FA9-2569-4F20-BCE3-D2B88C1C6A66}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{482F17EA-97AF-4BA8-BA03-64A0DA44A368}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\apache\php.exe |
"{4929F89D-2F73-498C-9A62-A6D305B46504}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{4B331E71-1BA7-4654-B1DA-9286673E9E86}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{4E145EE3-B63A-4177-A40E-453F100B7F59}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{4E1DFA30-D6D3-4A90-85F3-301F84A8B7B6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{50D52633-6312-43E2-A198-CE9F1B79DE6F}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\apache\php.exe |
"{51F84165-FE98-41BC-9E0C-3259E104D03B}" = protocol=17 | dir=in | app=c:\programdata\ultravnc\winvnc.exe |
"{55724F4E-12B7-4BD2-9E52-A58250B259E6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5722E152-E2B9-4817-95BF-3E8ED720F811}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5BC41D47-540F-4726-9F48-E2CE3316B890}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5CA582FF-F6C9-4E82-9CC7-D716177CD774}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\vlc\vlc.exe |
"{5CA66D63-1E35-45D6-9E98-797FF2AE99CA}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{66535982-AC25-4669-BD4A-A311C768128B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\advanced networking service\hnm_svc.exe |
"{6E2F6D72-2D2D-4FB2-A814-0A8C9B6C73F8}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{6EABFA1C-3E20-48C0-B89C-A2714141250D}" = dir=in | app=c:\program files\hp\hp deskjet 3520 series\bin\devicesetup.exe |
"{6F9650D7-8669-4235-9422-78355AA97460}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7264DB74-7CA9-4DD2-A22A-B2366BFE36AF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{73EC2E8B-6EE3-40B8-990E-733F41E0F7E4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7460FF57-95C6-4A09-B1E6-5B8C444BCE50}" = dir=in | app=c:\program files (x86)\checkpoint\securemote\bin\sr_gui.exe |
"{76954E87-E3F5-40D1-9937-C22C93B64A2A}" = protocol=6 | dir=out | app=system |
"{7816547E-8718-49B2-8958-1385B1B34D62}" = protocol=17 | dir=in | app=c:\program files (x86)\dell remote access\ezi_ra.exe |
"{7835BB78-50D1-4E64-A126-E8D7E9756515}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{7A72198D-EA94-4BB4-8E1B-3844457D7BAF}" = dir=in | app=c:\program files (x86)\avg\avg8\avgupd.exe |
"{7CDD1163-5181-4353-9DF1-8AB7226771CD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{7D363997-1EEC-4F8E-BB90-EA82072DD613}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{7F6677D0-9ECC-4478-B6D7-20675B26DC15}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7FF7A5BB-0DE2-484C-A18F-EF9B426EC8FF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{81C928F0-8E1E-4F5A-BF7C-D216E67B7544}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\mysql\bin\mysql.exe |
"{820F534C-211F-4C98-8525-9B094CBE8521}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{82A7AA83-570C-42A2-96DD-29919152B9A5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{83A9C709-EC1F-4D8E-AAEC-24EF3749568A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{8BBC299C-F325-4BA9-A29B-BDA5F158575F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8E23B41B-CF37-4AD4-8859-D7D45B3F764B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9202FE1C-A6E2-4E18-9B3C-AF383CC60FE1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{9373FAF0-2A3F-4E2C-9437-C5E22F22530F}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{938740F5-889E-40A3-ABA4-9D7E9111091D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{93B07C1B-8FAE-4AC3-A4C3-57D96A3EAD81}" = protocol=6 | dir=in | app=c:\programdata\ultravnc\winvnc.exe |
"{96029AC9-3228-4638-83B6-CEFF5E04FC10}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9728EB0D-B8A6-4E96-BA90-16D534AEF556}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{988626C3-AA09-418E-AC8D-401FB2ADB743}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9B443C55-4D75-4BA3-98AD-33329C3B949D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{9D7A4E8C-A2FD-44B9-9556-C18753B8AF43}" = dir=in | app=c:\program files (x86)\checkpoint\securemote\bin\scc.exe |
"{9E45168F-A653-4BFD-ABFF-AAD9C5649EF2}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{9EFEF532-ECEC-45A2-ACA4-19930DB393CB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A7E5F410-0C8F-48EE-A5E3-5290349825F3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AC7A930E-D275-4DAB-841C-0F99A9C3EBB3}" = dir=in | app=trgui.exe |
"{AD4C4973-BB89-4C02-B8D2-CA2CFA9C0EF2}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{AF0289D6-DEA9-4428-83B5-D36D5A6EFB65}" = protocol=6 | dir=in | app=c:\program files (x86)\dell remote access\ezi_ra.exe |
"{B0381D70-FE38-4090-AB00-DB6BE4BF5F28}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B328CC70-EE12-4582-A5A2-E1C1907D47A4}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{B67F0036-1C03-469F-AD1A-C45D81B84B15}" = dir=in | app=c:\program files\hp\hp deskjet 3520 series\bin\hpnetworkcommunicatorcom.exe |
"{B84B7B01-34CE-4499-BF99-56FDAA3D4E58}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{B9734F1F-4A69-4FA5-A97B-12DB8DE23FBF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BD2E4BD2-5E5E-4B89-BB15-DC0BF71F90B9}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{C114B8F0-F2A5-4656-8F70-55199575216E}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\remote access file sync service\dsl_fs_sync.exe |
"{C3177110-CC2A-44BD-89F3-D5D6A39CF90A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C5318E33-33C9-4955-8CC7-10BA0A332D37}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{C913A520-7236-4A30-8A96-D5F125F3AEA1}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{CDA20227-35B5-4B9D-9A12-DF8B4058656F}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{CDE0D37F-4950-479D-9981-02A635357538}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D0152CDB-2F4A-4AD5-A332-7D98DF28721C}" = dir=in | app=c:\program files (x86)\checkpoint\endpoint connect\trgui.exe |
"{D1DCACF8-B1F9-41DA-8407-108D14B20628}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D3750468-D431-424C-A16D-EEEB137991EF}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\mysql\bin\mysqld.exe |
"{D4440A63-8CE3-470D-98CC-5D7F3A3A9DC7}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{D58E3663-2A99-48EF-AD95-E8903FABD9FD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{DEF4EDDB-DC02-4110-B48A-48AD3452F5FB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DF72939A-EA73-44F3-BA67-132507EEA922}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{DFEA7901-9E65-4544-9D94-40D4C13912BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E415B23D-06E6-4825-9ABF-A2C28A685A7D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EA98B1F8-333B-4BA3-B1B2-D259515C78AE}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{EED6C3C7-114F-4C41-AB6A-14E973E385AE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F014BFFE-5861-49D7-9A64-EE0969B527E6}" = protocol=6 | dir=in | app=c:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe |
"{F6128022-3541-4C06-B3EE-0C03DFD2192A}" = dir=in | app=c:\program files (x86)\checkpoint\endpoint connect\tracsrvwrapper.exe |
"{F94DF9F5-DEB7-4E58-BD3A-A0779C7C90D5}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\mysql\bin\mysqld.exe |
"{F9F9667C-F91C-4F82-BADE-91FBB1C08147}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{FA38D644-FB2B-44A1-A659-EB31055BB4CA}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{FA5732A6-8DCD-42CC-A95C-63696AF369D7}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{FE50ADAA-9E50-4EF0-86E6-5DBCFF04573E}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\remote access file sync service\dsl_fs_sync.exe |
"{FE7E375B-EBD8-4042-82DA-11493622147B}" = dir=in | app=c:\program files (x86)\checkpoint\securemote\bin\sr_diagnostics.exe |
"{FF0E6F59-37F4-4ED8-BA83-089B9759C88B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"TCP Query User{0AD1D6CD-2F7C-4696-98F9-7BB817525246}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{1BB1E82A-FF04-4A9D-ACE9-CAB9AE3503D1}C:\users\marie\appdata\roaming\macromedia\flash player\" = protocol=6 | dir=in | app=c:\users\marie\appdata\roaming\macromedia\flash player\ |
"TCP Query User{1E9629FC-D7CD-4823-9A41-32E269DCFEEB}C:\program files (x86)\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"TCP Query User{4A0CB4A0-EAAD-4114-825E-8E1538BBACBB}C:\program files (x86)\java\jre1.6.0_07\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.6.0_07\bin\javaw.exe |
"TCP Query User{55060A4B-C64E-4846-90C1-7202B2F1AD15}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{82066DA3-E310-4412-981F-C1BDD49FEE93}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{870B98E9-BE7B-4477-945B-9280EF596455}C:\program files (x86)\logitech\logitech vid\vid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"TCP Query User{8CB7FB7B-1B90-49D1-9793-B1CF12DFB935}C:\program files (x86)\ncp\secureclient\ncpmon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ncp\secureclient\ncpmon.exe |
"TCP Query User{C2023E34-36D6-47AF-96E0-D376D649059F}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{C23BC181-EE2C-478C-8F13-07731839D036}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{CA2437F7-306A-4B68-AE5E-4598CD931321}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{DE110466-2B17-463E-AB1A-8FC1171250F1}C:\users\marie\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\marie\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{F496B85D-767A-4258-96EC-11F601B8A225}C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{152EB6DF-58FD-445E-854C-C99BD82DEAB2}C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{291656F8-4450-4CB0-9529-790BDA424597}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{3C985922-4517-4B1D-AFE2-96627FF07B96}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{4BDA11D8-9363-4AB8-8A80-D6E32444D58E}C:\program files (x86)\java\jre1.6.0_07\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.6.0_07\bin\javaw.exe |
"UDP Query User{8308F56B-39C9-43A3-A739-2956E29FFC9E}C:\program files (x86)\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"UDP Query User{8B2CAE9C-4C2D-4AD6-81A1-C8E152F119D2}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{903E7072-6AC2-49CE-9381-FB56C12E8AEA}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{A0A1E8A9-693D-450F-97B6-8E86B223C190}C:\users\marie\appdata\roaming\macromedia\flash player\" = protocol=17 | dir=in | app=c:\users\marie\appdata\roaming\macromedia\flash player\ |
"UDP Query User{A294ECD6-1D47-4E7C-9B24-4BB88E38296F}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{A2A1DC5B-CB39-443B-97B9-073DA44DD796}C:\users\marie\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\marie\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{A7B263A6-9899-47DE-856E-AD931EED4C69}C:\program files (x86)\ncp\secureclient\ncpmon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ncp\secureclient\ncpmon.exe |
"UDP Query User{AC7CA63A-C40E-4A53-8267-E02C706BAF6E}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{F1491C00-379B-4011-A3E1-44CFBBA1F77F}C:\program files (x86)\logitech\logitech vid\vid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marie\Dropbox\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.99 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 66.75% Memory free
12.09 Gb Paging File | 9.88 Gb Available in Paging File | 81.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.69 Gb Total Space | 80.73 Gb Free Space | 17.91% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.26 Gb Free Space | 48.43% Space Free | Partition Type: NTFS
Computer Name: ADMIN-PC | User Name: Marie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = D8 05 5F 39 DC 72 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BC983C1-D2ED-4EEA-ACE4-44CAB460453A}" = lport=40080 | protocol=6 | dir=in | name=remote access media server |
"{110D04DF-28E7-41ED-88E1-BA4A2AE4E817}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1149577D-7090-4BA2-8E3E-32F5DD3A34CB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{13DE940B-16B8-4EAF-BA1F-9C156A501CF4}" = lport=40092 | protocol=6 | dir=in | name=streaming web cam |
"{14C6B14C-6C6C-40FD-A418-9982B7BCB84C}" = lport=40093 | protocol=6 | dir=in | name=streaming web cam |
"{1A193BC1-BA4A-42B3-B6EE-27B3DDEA6657}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{1C0F61C5-549C-4BF9-BB5A-8A87A25A5CF7}" = lport=3390 | protocol=6 | dir=in | app=system |
"{1F069A56-1736-417C-846C-3ACA03F6AA4F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{20485A4C-AC31-4A46-936B-F88F8411F5B7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{229B2E81-854D-49DC-A98D-31CE85C94DD4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{237238F4-16BB-4286-A707-B0CDC45FDA60}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{240AECE1-11F2-4D28-AFC4-6E63282ED355}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{249ABFD8-F1C8-444B-8658-243448E66B57}" = rport=10244 | protocol=6 | dir=out | app=system |
"{298D3D02-8898-4C3F-88E1-FC63B030C769}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3B68D5D6-1D32-453B-A0FF-F525A2C27A25}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4B46D378-10BF-441C-90BF-5A10E2861EF6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4DAD5103-47C9-4275-AFF6-808F90EEEEAC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{576177F4-2673-44DD-9643-36A07B9C4198}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5823C674-CB03-415D-A51F-89326B74B578}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{59F0196D-E289-4781-9420-18FC70C58484}" = rport=10244 | protocol=6 | dir=out | app=system |
"{5B07E1C4-75A1-436E-99E5-4B837FD29D72}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5B95956B-4AA6-42B6-A588-A963934B3596}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5CC51B66-F238-47A3-97E6-8016758739BD}" = lport=10244 | protocol=6 | dir=in | app=system |
"{5CD83181-EF29-4DE2-BC7B-950F4D9561BF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{671CB1A2-BB7C-4706-AD28-18FBD3953A36}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{69584812-26B5-4495-A408-141590AB4E1C}" = rport=139 | protocol=6 | dir=out | app=system |
"{6C06B41E-FB5B-414E-AC3C-4614EA59141F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6E3EB9F5-8EF9-4CBE-8003-DB6F68291206}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6FAE0A13-B61E-4F1C-A227-4455AFBAF53E}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{75833F58-3DB7-418C-A860-1AAA185D068D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{7A502ED7-B0FD-4670-A5A0-6D652CA731CD}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7BEEC133-CF89-493C-A275-2468DEDFAA84}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7D9DA985-0468-40D1-A5AE-B00068F96AF1}" = rport=137 | protocol=17 | dir=out | app=system |
"{803DEF6F-70EE-4EF7-8692-4B6C5056EC1D}" = lport=3390 | protocol=6 | dir=in | app=system |
"{8921C703-804A-46B8-B8D3-9ABB5879E1A0}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8B97571F-4231-4996-A6B9-1D79C7D01B01}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8CD521D3-8DDA-44FD-9DCB-6DEABD7064F5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{911C62C5-68EC-4A24-AD49-05C353ACBAAE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{915AD26A-8313-4761-90F0-D66A2754D128}" = lport=40091 | protocol=6 | dir=in | name=streaming web cam |
"{92CB85C2-A36D-444C-9F65-664ED7817AF7}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{948685E0-C3D5-49FF-9E20-B3EF38A749AD}" = lport=137 | protocol=17 | dir=in | app=system |
"{975870A2-37B6-4045-A117-114150FFB4D0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{98C5646F-113F-4277-A04D-5F79FCE39C50}" = lport=445 | protocol=6 | dir=in | app=system |
"{99B6D8BC-A74E-40DE-9102-744DC9F0BAA1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A03150AE-694A-45BB-B740-C3E0ED63F624}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A54AE22F-E02F-44CE-9AA1-732899BEC615}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{A96038A0-8A35-45DB-897E-E00B2E296212}" = lport=40090 | protocol=6 | dir=in | name=streaming web cam |
"{A97E1231-7D50-4C7F-A674-9CFDAA9F5452}" = rport=138 | protocol=17 | dir=out | app=system |
"{B0AFC472-B3F3-4DF9-962D-A91475608F32}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{B43887CD-5A9F-4BBE-85E2-B20ABF63E469}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B4EE9705-6FA5-4A10-9758-FF10EBDE47D9}" = lport=40094 | protocol=6 | dir=in | name=streaming web cam |
"{B4FF6FFA-5ED3-4C5B-96AB-8CBE238790B1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B827D519-E246-4720-BBEF-4DF6790B06BF}" = lport=139 | protocol=6 | dir=in | app=system |
"{BB252072-9640-4828-982B-C5EC61BA3BF2}" = lport=138 | protocol=17 | dir=in | app=system |
"{BFC6093B-423A-45A8-99EB-695CDC9C1E05}" = lport=5900 | protocol=6 | dir=in | name=ultravnc server |
"{C4D0E297-1BD5-4D5A-969E-823ADC4EBF8F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CA5D5104-4519-45EE-8CA0-3C35221CA4A1}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{D4D17E36-A99B-4B0E-BFFB-6C8C7F470FEC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DBEE46A1-74AC-4B85-9DE3-7937A1992B4C}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DF0BF26B-42C8-4393-ABC7-A763BD787406}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E878FFF0-E9C4-48D9-B5C0-12EEBC35CB8A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EBB98E53-05E8-4D8F-ABF0-35C3F2791026}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F4B7D705-3FB9-4CD8-A7FB-A46107E65D7B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F795727C-FBAB-4D3F-8A68-86B09FDF0473}" = lport=10244 | protocol=6 | dir=in | app=system |
"{FA442705-9C92-404D-8AB4-9F2D065CB8DB}" = rport=445 | protocol=6 | dir=out | app=system |
"{FD854CB1-1E98-40A1-AADF-94E0B1B33F3B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FDBF8989-5A4C-486A-8893-0AFD0B4BA4CB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013D694A-6C24-4829-B1B7-3D0E4ECCAA37}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{0144221C-E2C5-4B56-939B-D19A560FFBD3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{02F6C235-9E08-446F-B66B-42D15182769F}" = dir=in | app=c:\program files\hp\hp deskjet 3520 series\bin\hpnetworkcommunicator.exe |
"{03B39BA4-A9AB-479C-B1E8-D9AA5D4CAABB}" = protocol=17 | dir=in | app=c:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe |
"{07F472D5-0C7A-45E2-96DA-686EB0725F7D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{099A40C4-80F5-42E1-AE26-304124697623}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{0CAC50B4-5FC5-4668-8BAC-6DDC318DCD9C}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{0F014101-C892-411A-90FB-5318C677FD3F}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\mysql\bin\mysql.exe |
"{0FEA2215-116F-45AE-922E-F5ACAF4B44F8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{109B77A0-617B-4CA5-A1A4-C6976BFD8F76}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\apache\bin\httpd.exe |
"{13423D55-609E-4737-AF1A-7FB7519EA389}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{144984B4-0922-424E-92E0-CF7C318D8C90}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1A7035FA-CBE3-492A-9618-1DE0B270818A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{1B846503-B427-444C-A239-D822C5095ACD}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\apache\bin\httpd.exe |
"{21A28268-A57A-4CEC-AB92-5276047BA136}" = dir=in | app=tracsrvwrapper.exe |
"{282FEE7E-491C-4C3C-A277-553C99F3C5B9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{28FCB6F9-5A69-402D-A3B4-9F8C47C34A8A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{29DAEA33-7AF9-423A-9A47-79EC30AC98F8}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{2BE7E735-9A88-4752-8FD3-3478406F9435}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{2CEC4974-397C-4F70-9A0B-CD013878CD4C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{33267A97-FF2E-4DDA-8426-16F3E74F0E38}" = dir=in | app=c:\program files (x86)\checkpoint\securemote\bin\sr_service.exe |
"{352E7ED3-79AA-4BFD-BCCC-A7AA3FCAB884}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{36DC7654-719E-4B39-8505-78F006F345CD}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\vlc\vlc.exe |
"{3A0BD7EF-EE09-4C2A-8A5B-69C4C6ED4463}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\advanced networking service\hnm_svc.exe |
"{3B058E27-6D77-43DA-84A4-68E0A95FB08A}" = dir=in | app=c:\program files (x86)\avg\avg8\avgnsa.exe |
"{3B8DC91E-A4F6-4355-A1FF-9E7382537CD1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3C269FA9-2569-4F20-BCE3-D2B88C1C6A66}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{482F17EA-97AF-4BA8-BA03-64A0DA44A368}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\apache\php.exe |
"{4929F89D-2F73-498C-9A62-A6D305B46504}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{4B331E71-1BA7-4654-B1DA-9286673E9E86}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{4E145EE3-B63A-4177-A40E-453F100B7F59}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{4E1DFA30-D6D3-4A90-85F3-301F84A8B7B6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{50D52633-6312-43E2-A198-CE9F1B79DE6F}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\apache\php.exe |
"{51F84165-FE98-41BC-9E0C-3259E104D03B}" = protocol=17 | dir=in | app=c:\programdata\ultravnc\winvnc.exe |
"{55724F4E-12B7-4BD2-9E52-A58250B259E6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5722E152-E2B9-4817-95BF-3E8ED720F811}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5BC41D47-540F-4726-9F48-E2CE3316B890}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5CA582FF-F6C9-4E82-9CC7-D716177CD774}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\vlc\vlc.exe |
"{5CA66D63-1E35-45D6-9E98-797FF2AE99CA}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{66535982-AC25-4669-BD4A-A311C768128B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\advanced networking service\hnm_svc.exe |
"{6E2F6D72-2D2D-4FB2-A814-0A8C9B6C73F8}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{6EABFA1C-3E20-48C0-B89C-A2714141250D}" = dir=in | app=c:\program files\hp\hp deskjet 3520 series\bin\devicesetup.exe |
"{6F9650D7-8669-4235-9422-78355AA97460}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7264DB74-7CA9-4DD2-A22A-B2366BFE36AF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{73EC2E8B-6EE3-40B8-990E-733F41E0F7E4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7460FF57-95C6-4A09-B1E6-5B8C444BCE50}" = dir=in | app=c:\program files (x86)\checkpoint\securemote\bin\sr_gui.exe |
"{76954E87-E3F5-40D1-9937-C22C93B64A2A}" = protocol=6 | dir=out | app=system |
"{7816547E-8718-49B2-8958-1385B1B34D62}" = protocol=17 | dir=in | app=c:\program files (x86)\dell remote access\ezi_ra.exe |
"{7835BB78-50D1-4E64-A126-E8D7E9756515}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{7A72198D-EA94-4BB4-8E1B-3844457D7BAF}" = dir=in | app=c:\program files (x86)\avg\avg8\avgupd.exe |
"{7CDD1163-5181-4353-9DF1-8AB7226771CD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{7D363997-1EEC-4F8E-BB90-EA82072DD613}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{7F6677D0-9ECC-4478-B6D7-20675B26DC15}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7FF7A5BB-0DE2-484C-A18F-EF9B426EC8FF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{81C928F0-8E1E-4F5A-BF7C-D216E67B7544}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\mysql\bin\mysql.exe |
"{820F534C-211F-4C98-8525-9B094CBE8521}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{82A7AA83-570C-42A2-96DD-29919152B9A5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{83A9C709-EC1F-4D8E-AAEC-24EF3749568A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{8BBC299C-F325-4BA9-A29B-BDA5F158575F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8E23B41B-CF37-4AD4-8859-D7D45B3F764B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9202FE1C-A6E2-4E18-9B3C-AF383CC60FE1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{9373FAF0-2A3F-4E2C-9437-C5E22F22530F}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{938740F5-889E-40A3-ABA4-9D7E9111091D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{93B07C1B-8FAE-4AC3-A4C3-57D96A3EAD81}" = protocol=6 | dir=in | app=c:\programdata\ultravnc\winvnc.exe |
"{96029AC9-3228-4638-83B6-CEFF5E04FC10}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9728EB0D-B8A6-4E96-BA90-16D534AEF556}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{988626C3-AA09-418E-AC8D-401FB2ADB743}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9B443C55-4D75-4BA3-98AD-33329C3B949D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{9D7A4E8C-A2FD-44B9-9556-C18753B8AF43}" = dir=in | app=c:\program files (x86)\checkpoint\securemote\bin\scc.exe |
"{9E45168F-A653-4BFD-ABFF-AAD9C5649EF2}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{9EFEF532-ECEC-45A2-ACA4-19930DB393CB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A7E5F410-0C8F-48EE-A5E3-5290349825F3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AC7A930E-D275-4DAB-841C-0F99A9C3EBB3}" = dir=in | app=trgui.exe |
"{AD4C4973-BB89-4C02-B8D2-CA2CFA9C0EF2}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{AF0289D6-DEA9-4428-83B5-D36D5A6EFB65}" = protocol=6 | dir=in | app=c:\program files (x86)\dell remote access\ezi_ra.exe |
"{B0381D70-FE38-4090-AB00-DB6BE4BF5F28}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B328CC70-EE12-4582-A5A2-E1C1907D47A4}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{B67F0036-1C03-469F-AD1A-C45D81B84B15}" = dir=in | app=c:\program files\hp\hp deskjet 3520 series\bin\hpnetworkcommunicatorcom.exe |
"{B84B7B01-34CE-4499-BF99-56FDAA3D4E58}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{B9734F1F-4A69-4FA5-A97B-12DB8DE23FBF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BD2E4BD2-5E5E-4B89-BB15-DC0BF71F90B9}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{C114B8F0-F2A5-4656-8F70-55199575216E}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\remote access file sync service\dsl_fs_sync.exe |
"{C3177110-CC2A-44BD-89F3-D5D6A39CF90A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C5318E33-33C9-4955-8CC7-10BA0A332D37}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{C913A520-7236-4A30-8A96-D5F125F3AEA1}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{CDA20227-35B5-4B9D-9A12-DF8B4058656F}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{CDE0D37F-4950-479D-9981-02A635357538}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D0152CDB-2F4A-4AD5-A332-7D98DF28721C}" = dir=in | app=c:\program files (x86)\checkpoint\endpoint connect\trgui.exe |
"{D1DCACF8-B1F9-41DA-8407-108D14B20628}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D3750468-D431-424C-A16D-EEEB137991EF}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\mysql\bin\mysqld.exe |
"{D4440A63-8CE3-470D-98CC-5D7F3A3A9DC7}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{D58E3663-2A99-48EF-AD95-E8903FABD9FD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{DEF4EDDB-DC02-4110-B48A-48AD3452F5FB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DF72939A-EA73-44F3-BA67-132507EEA922}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{DFEA7901-9E65-4544-9D94-40D4C13912BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E415B23D-06E6-4825-9ABF-A2C28A685A7D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EA98B1F8-333B-4BA3-B1B2-D259515C78AE}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{EED6C3C7-114F-4C41-AB6A-14E973E385AE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F014BFFE-5861-49D7-9A64-EE0969B527E6}" = protocol=6 | dir=in | app=c:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe |
"{F6128022-3541-4C06-B3EE-0C03DFD2192A}" = dir=in | app=c:\program files (x86)\checkpoint\endpoint connect\tracsrvwrapper.exe |
"{F94DF9F5-DEB7-4E58-BD3A-A0779C7C90D5}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\mysql\bin\mysqld.exe |
"{F9F9667C-F91C-4F82-BADE-91FBB1C08147}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{FA38D644-FB2B-44A1-A659-EB31055BB4CA}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{FA5732A6-8DCD-42CC-A95C-63696AF369D7}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{FE50ADAA-9E50-4EF0-86E6-5DBCFF04573E}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\remote access file sync service\dsl_fs_sync.exe |
"{FE7E375B-EBD8-4042-82DA-11493622147B}" = dir=in | app=c:\program files (x86)\checkpoint\securemote\bin\sr_diagnostics.exe |
"{FF0E6F59-37F4-4ED8-BA83-089B9759C88B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"TCP Query User{0AD1D6CD-2F7C-4696-98F9-7BB817525246}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{1BB1E82A-FF04-4A9D-ACE9-CAB9AE3503D1}C:\users\marie\appdata\roaming\macromedia\flash player\" = protocol=6 | dir=in | app=c:\users\marie\appdata\roaming\macromedia\flash player\ |
"TCP Query User{1E9629FC-D7CD-4823-9A41-32E269DCFEEB}C:\program files (x86)\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"TCP Query User{4A0CB4A0-EAAD-4114-825E-8E1538BBACBB}C:\program files (x86)\java\jre1.6.0_07\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.6.0_07\bin\javaw.exe |
"TCP Query User{55060A4B-C64E-4846-90C1-7202B2F1AD15}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{82066DA3-E310-4412-981F-C1BDD49FEE93}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{870B98E9-BE7B-4477-945B-9280EF596455}C:\program files (x86)\logitech\logitech vid\vid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"TCP Query User{8CB7FB7B-1B90-49D1-9793-B1CF12DFB935}C:\program files (x86)\ncp\secureclient\ncpmon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ncp\secureclient\ncpmon.exe |
"TCP Query User{C2023E34-36D6-47AF-96E0-D376D649059F}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{C23BC181-EE2C-478C-8F13-07731839D036}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{CA2437F7-306A-4B68-AE5E-4598CD931321}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{DE110466-2B17-463E-AB1A-8FC1171250F1}C:\users\marie\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\marie\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{F496B85D-767A-4258-96EC-11F601B8A225}C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{152EB6DF-58FD-445E-854C-C99BD82DEAB2}C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{291656F8-4450-4CB0-9529-790BDA424597}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{3C985922-4517-4B1D-AFE2-96627FF07B96}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{4BDA11D8-9363-4AB8-8A80-D6E32444D58E}C:\program files (x86)\java\jre1.6.0_07\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.6.0_07\bin\javaw.exe |
"UDP Query User{8308F56B-39C9-43A3-A739-2956E29FFC9E}C:\program files (x86)\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"UDP Query User{8B2CAE9C-4C2D-4AD6-81A1-C8E152F119D2}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{903E7072-6AC2-49CE-9381-FB56C12E8AEA}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{A0A1E8A9-693D-450F-97B6-8E86B223C190}C:\users\marie\appdata\roaming\macromedia\flash player\" = protocol=17 | dir=in | app=c:\users\marie\appdata\roaming\macromedia\flash player\ |
"UDP Query User{A294ECD6-1D47-4E7C-9B24-4BB88E38296F}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{A2A1DC5B-CB39-443B-97B9-073DA44DD796}C:\users\marie\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\marie\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{A7B263A6-9899-47DE-856E-AD931EED4C69}C:\program files (x86)\ncp\secureclient\ncpmon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ncp\secureclient\ncpmon.exe |
"UDP Query User{AC7CA63A-C40E-4A53-8267-E02C706BAF6E}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{F1491C00-379B-4011-A3E1-44CFBBA1F77F}C:\program files (x86)\logitech\logitech vid\vid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |