Action Center, Windows Update, and Windows Defender icons are still missing from the Control Panel. A "new updates are available" notification icon now appears in the bottom of the screen, but when I click on it, noting happens. Here are the logs.
Fix result of Farbar Recovery Scan Tool (x64) Version: 16.01.2019 01
Ran by Amanda (16-01-2019 21:59:30) Run:3
Running from C:\Users\Amanda\Desktop
Loaded Profiles: Amanda (Available Profiles: Amanda)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CreateRestorePoint:
Startregedit:
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\ConSecRules]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DefaultInboundAction"=-
"DefaultOutboundAction"=-
"DisableUnicastResponsesToMulticastBroadcast"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\Phase1AuthenticationSets]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\Phase2AuthenticationSets]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DefaultInboundAction"=-
"DefaultOutboundAction"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DefaultInboundAction"=-
"DefaultOutboundAction"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess]
"DisplayName"="@%SystemRoot%\\system32\\ipnathlp.dll,-106"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"Description"="@%SystemRoot%\\system32\\ipnathlp.dll,-107"
"ObjectName"="LocalSystem"
"ErrorControl"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000020
"DependOnService"=hex(7):4e,00,65,00,74,00,6d,00,61,00,6e,00,00,00,57,00,69,00,\
6e,00,4d,00,67,00,6d,00,74,00,00,00,52,00,61,00,73,00,4d,00,61,00,6e,00,00,\
00,42,00,46,00,45,00,00,00,00,00
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,47,00,6c,\
00,6f,00,62,00,61,00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,\
65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,\
00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,\
53,00,65,00,4c,00,6f,00,61,00,64,00,44,00,72,00,69,00,76,00,65,00,72,00,50,\
00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,54,00,\
61,00,6b,00,65,00,4f,00,77,00,6e,00,65,00,72,00,73,00,68,00,69,00,70,00,50,\
00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:84,03,00,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Defaults]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Defaults\FirewallPolicy]
"IPSecExempt"=dword:00000009
"DisableStatefulFTP"=dword:00000000
"DisableStatefulPPTP"=dword:00000000
"PolicyVersion"=dword:0000020a
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Defaults\FirewallPolicy\DomainProfile]
"DisableNotifications"=dword:00000000
"EnableFirewall"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging]
"LogFileSize"=dword:00001000
"LogFilePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
4c,00,6f,00,67,00,46,00,69,00,6c,00,65,00,73,00,5c,00,46,00,69,00,72,00,65,\
00,77,00,61,00,6c,00,6c,00,5c,00,70,00,66,00,69,00,72,00,65,00,77,00,61,00,\
6c,00,6c,00,2e,00,6c,00,6f,00,67,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Defaults\FirewallPolicy\FirewallRules]
"SSTP-IN-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=443|App=System|[email protected],-35002|[email protected],-35003|[email protected],-35001|"
"Netlogon-NamedPipe-In"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|[email protected],-1003|[email protected],-1006|[email protected],-1010|"
"SNMPTRAP-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=162|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\snmptrap.exe|Svc=SNMPTRAP|[email protected],-7|[email protected],-8|[email protected],-3|"
"SNMPTRAP-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=162|App=%SystemRoot%\\system32\\snmptrap.exe|Svc=SNMPTRAP|[email protected],-7|[email protected],-8|[email protected],-3|"
"WMP-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|App=%ProgramFiles%\\Windows Media Player\\wmplayer.exe|[email protected],-31003|[email protected],-31006|[email protected],-31002|"
"WMP-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|App=%ProgramFiles%\\Windows Media Player\\wmplayer.exe|[email protected],-31007|[email protected],-31010|[email protected],-31002|"
"WMP-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%ProgramFiles%\\Windows Media Player\\wmplayer.exe|[email protected],-31011|[email protected],-31014|[email protected],-31002|"
"WMPNSS-QWave-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=2177|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31253|[email protected],-31256|[email protected],-31252|"
"WMPNSS-QWave-Out-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|RPort=2177|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31257|[email protected],-31260|[email protected],-31252|"
"WMPNSS-QWave-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=2177|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31261|[email protected],-31264|[email protected],-31252|"
"WMPNSS-QWave-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=2177|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31265|[email protected],-31268|[email protected],-31252|"
"WMPNSS-HTTPSTR-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=10243|App=System|[email protected],-31285|[email protected],-31288|[email protected],-31252|"
"WMPNSS-HTTPSTR-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=10243|App=System|[email protected],-31289|[email protected],-31292|[email protected],-31252|"
"WMPNSS-WMP-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|App=%PROGRAMFILES%\\Windows Media Player\\wmplayer.exe|[email protected],-31293|[email protected],-31296|[email protected],-31252|"
"WMPNSS-WMP-Out-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|App=%PROGRAMFILES%\\Windows Media Player\\wmplayer.exe|[email protected],-31297|[email protected],-31300|[email protected],-31252|"
"WMPNSS-WMP-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%PROGRAMFILES%\\Windows Media Player\\wmplayer.exe|[email protected],-31301|[email protected],-31304|[email protected],-31252|"
"WMPNSS-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31305|[email protected],-31308|[email protected],-31252|"
"WMPNSS-Out-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31309|[email protected],-31312|[email protected],-31252|"
"WMPNSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31313|[email protected],-31316|[email protected],-31252|"
"WMPNSS-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31317|[email protected],-31320|[email protected],-31252|"
"WMPNSS-QWave-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31253|[email protected],-31256|[email protected],-31252|"
"WMPNSS-QWave-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31257|[email protected],-31260|[email protected],-31252|"
"WMPNSS-QWave-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31261|[email protected],-31264|[email protected],-31252|"
"WMPNSS-QWave-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31265|[email protected],-31268|[email protected],-31252|"
"WMPNSS-SSDPSrv-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=ssdpsrv|[email protected],-31269|[email protected],-31272|[email protected],-31252|"
"WMPNSS-SSDPSrv-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=ssdpsrv|[email protected],-31273|[email protected],-31276|[email protected],-31252|"
"WMPNSS-UPnPHost-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31277|[email protected],-31280|[email protected],-31252|"
"WMPNSS-UPnPHost-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31281|[email protected],-31284|[email protected],-31252|"
"WMPNSS-HTTPSTR-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=10243|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31285|[email protected],-31288|[email protected],-31252|"
"WMPNSS-HTTPSTR-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=10243|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31289|[email protected],-31292|[email protected],-31252|"
"WMPNSS-WMP-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\\Windows Media Player\\wmplayer.exe|[email protected],-31293|[email protected],-31296|[email protected],-31252|"
"WMPNSS-WMP-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\\Windows Media Player\\wmplayer.exe|[email protected],-31297|[email protected],-31300|[email protected],-31252|"
"WMPNSS-WMP-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\\Windows Media Player\\wmplayer.exe|[email protected],-31301|[email protected],-31304|[email protected],-31252|"
"WMPNSS-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31305|[email protected],-31308|[email protected],-31252|"
"WMPNSS-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31309|[email protected],-31312|[email protected],-31252|"
"WMPNSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31313|[email protected],-31316|[email protected],-31252|"
"WMPNSS-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31317|[email protected],-31320|[email protected],-31252|"
"WMPNSS-UPnP-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=upnphost|[email protected],-31321|[email protected],-31322|[email protected],-31252|"
"WMPNSS-RME-HTTP-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=10245|App=System|[email protected],-31501|[email protected],-31502|[email protected],-31500|Edge=TRUE|Defer=App|"
"Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|LPort=3587|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\svchost.exe|Svc=p2psvc|Name=@%systemroot%\\system32\\provsvc.dll,-200|Desc=@%systemroot%\\system32\\provsvc.dll,-201|EmbedCtxt=@%systemroot%\\system32\\provsvc.dll,-202|"
"Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|RPort=3587|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\svchost.exe|Svc=p2psvc|Name=@%systemroot%\\system32\\provsvc.dll,-203|Desc=@%systemroot%\\system32\\provsvc.dll,-204|EmbedCtxt=@%systemroot%\\system32\\provsvc.dll,-202|"
"Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|LPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\svchost.exe|Svc=pnrpsvc|Name=@%systemroot%\\system32\\provsvc.dll,-205|Desc=@%systemroot%\\system32\\provsvc.dll,-206|EmbedCtxt=@%systemroot%\\system32\\provsvc.dll,-202|"
"Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|RPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\svchost.exe|Svc=pnrpsvc|Name=@%systemroot%\\system32\\provsvc.dll,-207|Desc=@%systemroot%\\system32\\provsvc.dll,-208|EmbedCtxt=@%systemroot%\\system32\\provsvc.dll,-202|"
"Collab-P2PHost-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|App=%SystemRoot%\\system32\\p2phost.exe|[email protected],-32003|[email protected],-32006|[email protected],-32002|Edge=TRUE|Defer=App|"
"Collab-P2PHost-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%SystemRoot%\\system32\\p2phost.exe|[email protected],-32007|[email protected],-32010|[email protected],-32002|"
"Collab-P2PHost-WSD-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\p2phost.exe|[email protected],-32011|[email protected],-32014|[email protected],-32002|"
"Collab-P2PHost-WSD-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\p2phost.exe|[email protected],-32015|[email protected],-32018|[email protected],-32002|"
"Collab-PNRP-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3540|App=%SystemRoot%\\system32\\svchost.exe|Svc=PNRPSvc|[email protected],-32019|[email protected],-32022|[email protected],-32002|Edge=TRUE|Defer=App|"
"Collab-PNRP-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3540|App=%SystemRoot%\\system32\\svchost.exe|Svc=PNRPSvc|[email protected],-32023|[email protected],-32026|[email protected],-32002|"
"Collab-PNRP-SSDPSrv-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-32027|[email protected],-32030|[email protected],-32002|"
"Collab-PNRP-SSDPSrv-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-32031|[email protected],-32034|[email protected],-32002|"
"RemoteAssistance-In-TCP-EdgeScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Public|App=%SystemRoot%\\system32\\msra.exe|[email protected],-33003|[email protected],-33006|[email protected],-33002|Edge=TRUE|Defer=App|"
"RemoteAssistance-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Public|App=%SystemRoot%\\system32\\msra.exe|[email protected],-33007|[email protected],-33010|[email protected],-33002|"
"RemoteAssistance-PnrpSvc-UDP-In-EdgeScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Public|LPort=3540|App=%systemroot%\\system32\\svchost.exe|Svc=pnrpsvc|[email protected],-33039|[email protected],-33040|[email protected],-33002|Edge=TRUE|Defer=App|"
"RemoteAssistance-PnrpSvc-UDP-OUT"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Public|App=%systemroot%\\system32\\svchost.exe|Svc=pnrpsvc|[email protected],-33037|[email protected],-33038|[email protected],-33002|"
"RemoteAssistance-RAServer-In-TCP-NoScope-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\raserver.exe|[email protected],-33011|[email protected],-33014|[email protected],-33002|"
"RemoteAssistance-RAServer-Out-TCP-NoScope-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\raserver.exe|[email protected],-33015|[email protected],-33018|[email protected],-33002|"
"RemoteAssistance-DCOM-In-TCP-NoScope-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\\system32\\svchost.exe|Svc=rpcss|[email protected],-33035|[email protected],-33036|[email protected],-33002|"
"RemoteAssistance-In-TCP-EdgeScope-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|App=%SystemRoot%\\system32\\msra.exe|[email protected],-33003|[email protected],-33006|[email protected],-33002|Edge=TRUE|Defer=App|"
"RemoteAssistance-Out-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|Profile=Private|App=%SystemRoot%\\system32\\msra.exe|[email protected],-33007|[email protected],-33010|[email protected],-33002|"
"RemoteAssistance-SSDPSrv-In-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-33019|[email protected],-33022|[email protected],-33002|"
"RemoteAssistance-SSDPSrv-Out-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Domain|Profile=Private|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-33023|[email protected],-33026|[email protected],-33002|"
"RemoteAssistance-SSDPSrv-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-33027|[email protected],-33030|[email protected],-33002|"
"RemoteAssistance-SSDPSrv-Out-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-33031|[email protected],-33034|[email protected],-33002|"
"RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|LPort=3540|App=%systemroot%\\system32\\svchost.exe|Svc=pnrpsvc|[email protected],-33039|[email protected],-33040|[email protected],-33002|Edge=TRUE|Defer=App|"
"RemoteAssistance-PnrpSvc-UDP-OUT-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Domain|Profile=Private|App=%systemroot%\\system32\\svchost.exe|Svc=pnrpsvc|[email protected],-33037|[email protected],-33038|[email protected],-33002|"
"FPS-NB_Session-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=139|App=System|[email protected],-28503|[email protected],-28506|[email protected],-28502|"
"FPS-NB_Session-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=139|App=System|[email protected],-28507|[email protected],-28510|[email protected],-28502|"
"FPS-SMB-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|[email protected],-28511|[email protected],-28514|[email protected],-28502|"
"FPS-SMB-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=445|App=System|[email protected],-28515|[email protected],-28518|[email protected],-28502|"
"FPS-NB_Name-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|[email protected],-28519|[email protected],-28522|[email protected],-28502|"
"FPS-NB_Name-Out-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|RPort=137|App=System|[email protected],-28523|[email protected],-28526|[email protected],-28502|"
"FPS-NB_Datagram-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|[email protected],-28527|[email protected],-28530|[email protected],-28502|"
"FPS-NB_Datagram-Out-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|RPort=138|App=System|[email protected],-28531|[email protected],-28534|[email protected],-28502|"
"FPS-SpoolSvc-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\spoolsv.exe|Svc=Spooler|[email protected],-28535|[email protected],-28538|[email protected],-28502|"
"FPS-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|Svc=Rpcss|[email protected],-28539|[email protected],-28542|[email protected],-28502|"
"FPS-ICMP4-ERQ-In-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=1|Profile=Domain|ICMP4=8:*|[email protected],-28543|[email protected],-28547|[email protected],-28502|"
"FPS-ICMP4-ERQ-Out-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=1|Profile=Domain|ICMP4=8:*|[email protected],-28544|[email protected],-28547|[email protected],-28502|"
"FPS-ICMP6-ERQ-In-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=58|Profile=Domain|ICMP6=128:*|[email protected],-28545|[email protected],-28547|[email protected],-28502|"
"FPS-ICMP6-ERQ-Out-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=58|Profile=Domain|ICMP6=128:*|[email protected],-28546|[email protected],-28547|[email protected],-28502|"
"FPS-NB_Session-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=139|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28503|[email protected],-28506|[email protected],-28502|"
"FPS-NB_Session-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=139|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28507|[email protected],-28510|[email protected],-28502|"
"FPS-SMB-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=445|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28511|[email protected],-28514|[email protected],-28502|"
"FPS-SMB-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=445|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28515|[email protected],-28518|[email protected],-28502|"
"FPS-NB_Name-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28519|[email protected],-28522|[email protected],-28502|"
"FPS-NB_Name-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28523|[email protected],-28526|[email protected],-28502|"
"FPS-NB_Datagram-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28527|[email protected],-28530|[email protected],-28502|"
"FPS-NB_Datagram-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28531|[email protected],-28534|[email protected],-28502|"
"FPS-SpoolSvc-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\spoolsv.exe|Svc=Spooler|[email protected],-28535|[email protected],-28538|[email protected],-28502|"
"FPS-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|Svc=Rpcss|[email protected],-28539|[email protected],-28542|[email protected],-28502|"
"FPS-ICMP4-ERQ-In"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=1|Profile=Private|Profile=Public|ICMP4=8:*|RA4=LocalSubnet|[email protected],-28543|[email protected],-28547|[email protected],-28502|"
"FPS-ICMP4-ERQ-Out"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=1|Profile=Private|Profile=Public|ICMP4=8:*|RA4=LocalSubnet|[email protected],-28544|[email protected],-28547|[email protected],-28502|"
"FPS-ICMP6-ERQ-In"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=58|Profile=Private|Profile=Public|ICMP6=128:*|RA6=LocalSubnet|[email protected],-28545|[email protected],-28547|[email protected],-28502|"
"FPS-ICMP6-ERQ-Out"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=58|Profile=Private|Profile=Public|ICMP6=128:*|RA6=LocalSubnet|[email protected],-28546|[email protected],-28547|[email protected],-28502|"
"FPS-LLMNR-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|[email protected],-28548|[email protected],-28549|[email protected],-28502|"
"FPS-LLMNR-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|[email protected],-28550|[email protected],-28551|[email protected],-28502|"
"CoreNet-ICMP6-DU-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=1:*|App=System|[email protected],-25110|[email protected],-25112|[email protected],-25000|Edge=TRUE|"
"CoreNet-ICMP6-PTB-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=2:*|App=System|[email protected],-25001|[email protected],-25007|[email protected],-25000|Edge=TRUE|"
"CoreNet-ICMP6-PTB-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=2:*|[email protected],-25002|[email protected],-25007|[email protected],-25000|"
"CoreNet-ICMP6-TE-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=3:*|App=System|[email protected],-25113|[email protected],-25115|[email protected],-25000|Edge=TRUE|"
"CoreNet-ICMP6-TE-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=3:*|[email protected],-25114|[email protected],-25115|[email protected],-25000|"
"CoreNet-ICMP6-PP-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=4:*|App=System|[email protected],-25116|[email protected],-25118|[email protected],-25000|Edge=TRUE|"
"CoreNet-ICMP6-PP-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=4:*|[email protected],-25117|[email protected],-25118|[email protected],-25000|"
"CoreNet-ICMP6-NDS-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=135:*|App=System|[email protected],-25019|[email protected],-25025|[email protected],-25000|Edge=TRUE|"
"CoreNet-ICMP6-NDS-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=135:*|[email protected],-25020|[email protected],-25025|[email protected],-25000|"
"CoreNet-ICMP6-NDA-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=136:*|App=System|[email protected],-25026|[email protected],-25032|[email protected],-25000|Edge=TRUE|"
"CoreNet-ICMP6-NDA-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=136:*|[email protected],-25027|[email protected],-25032|[email protected],-25000|"
"CoreNet-ICMP6-RA-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=134:*|RA6=fe80::/64|App=System|[email protected],-25012|[email protected],-25018|[email protected],-25000|"
"CoreNet-ICMP6-RA-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=134:*|LA6=fe80::/64|RA6=LocalSubnet|RA6=fe80::/64|RA6=ff02::1|[email protected],-25013|[email protected],-25018|[email protected],-25000|"
"CoreNet-ICMP6-RS-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=133:*|App=System|[email protected],-25009|[email protected],-25011|[email protected],-25000|"
"CoreNet-ICMP6-RS-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=133:*|RA6=LocalSubnet|RA6=fe80::/64|RA6=ff02::2|[email protected],-25008|[email protected],-25011|[email protected],-25000|"
"CoreNet-ICMP6-LQ-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=130:*|RA6=LocalSubnet|App=System|[email protected],-25061|[email protected],-25067|[email protected],-25000|"
"CoreNet-ICMP6-LQ-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=130:*|RA6=LocalSubnet|[email protected],-25062|[email protected],-25067|[email protected],-25000|"
"CoreNet-ICMP6-LR-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=131:*|RA6=LocalSubnet|App=System|[email protected],-25068|[email protected],-25074|[email protected],-25000|"
"CoreNet-ICMP6-LR-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=131:*|RA6=LocalSubnet|[email protected],-25069|[email protected],-25074|[email protected],-25000|"
"CoreNet-ICMP6-LR2-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=143:*|RA6=LocalSubnet|App=System|[email protected],-25075|[email protected],-25081|[email protected],-25000|"
"CoreNet-ICMP6-LR2-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=143:*|RA6=LocalSubnet|[email protected],-25076|[email protected],-25081|[email protected],-25000|"
"CoreNet-ICMP6-LD-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=132:*|RA6=LocalSubnet|App=System|[email protected],-25082|[email protected],-25088|[email protected],-25000|"
"CoreNet-ICMP6-LD-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=132:*|RA6=LocalSubnet|[email protected],-25083|[email protected],-25088|[email protected],-25000|"
"CoreNet-ICMP4-DUFRAG-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|ICMP4=3:4|App=System|[email protected],-25251|[email protected],-25257|[email protected],-25000|"
"CoreNet-IGMP-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=2|App=System|[email protected],-25376|[email protected],-25382|[email protected],-25000|"
"CoreNet-IGMP-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=2|App=System|[email protected],-25377|[email protected],-25382|[email protected],-25000|"
"CoreNet-DHCP-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=68|RPort=67|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|[email protected],-25301|[email protected],-25303|[email protected],-25000|"
"CoreNet-DHCP-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=68|RPort=67|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|[email protected],-25302|[email protected],-25303|[email protected],-25000|"
"CoreNet-DHCPV6-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=546|RPort=547|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|[email protected],-25304|[email protected],-25306|[email protected],-25000|"
"CoreNet-DHCPV6-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=546|RPort=547|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|[email protected],-25305|[email protected],-25306|[email protected],-25000|"
"CoreNet-Teredo-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=Teredo|App=%SystemRoot%\\system32\\svchost.exe|Svc=iphlpsvc|[email protected],-25326|[email protected],-25332|[email protected],-25000|"
"CoreNet-Teredo-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%SystemRoot%\\system32\\svchost.exe|Svc=iphlpsvc|[email protected],-25327|[email protected],-25333|[email protected],-25000|"
"CoreNet-IPHTTPS-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=IPTLSIn|LPort2_10=IPHTTPSIn|App=System|[email protected],-25426|[email protected],-25428|[email protected],-25000|"
"CoreNet-IPHTTPS-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|RPort2_10=IPTLSOut|RPort2_10=IPHTTPSOut|App=%SystemRoot%\\system32\\svchost.exe|Svc=iphlpsvc|[email protected],-25427|[email protected],-25429|[email protected],-25000|"
"CoreNet-IPv6-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=41|App=System|[email protected],-25351|[email protected],-25357|[email protected],-25000|"
"CoreNet-IPv6-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=41|App=System|[email protected],-25352|[email protected],-25358|[email protected],-25000|"
"CoreNet-GP-NP-Out-TCP"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|RPort=445|App=System|[email protected],-25401|[email protected],-25401|[email protected],-25000|"
"CoreNet-GP-Out-TCP"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\svchost.exe|[email protected],-25403|[email protected],-25404|[email protected],-25000|"
"CoreNet-DNS-Out-UDP"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|RPort=53|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|[email protected],-25405|[email protected],-25406|[email protected],-25000|"
"CoreNet-GP-LSASS-Out-TCP"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\lsass.exe|[email protected],-25407|[email protected],-25408|[email protected],-25000|"
"NETDIS-UPnPHost-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=2869|App=System|[email protected],-32761|[email protected],-32764|[email protected],-32752|"
"NETDIS-UPnPHost-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=System|[email protected],-32765|[email protected],-32768|[email protected],-32752|"
"NETDIS-NB_Name-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|[email protected],-32769|[email protected],-32772|[email protected],-32752|"
"NETDIS-NB_Name-Out-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|RPort=137|App=System|[email protected],-32773|[email protected],-32776|[email protected],-32752|"
"NETDIS-NB_Datagram-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|[email protected],-32777|[email protected],-32780|[email protected],-32752|"
"NETDIS-NB_Datagram-Out-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|RPort=138|App=System|[email protected],-32781|[email protected],-32784|[email protected],-32752|"
"NETDIS-WSDEVNTS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=5358|App=System|[email protected],-32813|[email protected],-32814|[email protected],-32752|"
"NETDIS-WSDEVNTS-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=5358|App=System|[email protected],-32815|[email protected],-32816|[email protected],-32752|"
"NETDIS-WSDEVNT-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=5357|App=System|[email protected],-32817|[email protected],-32818|[email protected],-32752|"
"NETDIS-WSDEVNT-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=5357|App=System|[email protected],-32819|[email protected],-32820|[email protected],-32752|"
"NETDIS-SSDPSrv-In-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-32753|[email protected],-32756|[email protected],-32752|"
"NETDIS-SSDPSrv-Out-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-32757|[email protected],-32760|[email protected],-32752|"
"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32761|[email protected],-32764|[email protected],-32752|"
"NETDIS-UPnPHost-Out-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32765|[email protected],-32768|[email protected],-32752|"
"NETDIS-UPnP-Out-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=upnphost|[email protected],-32821|[email protected],-32822|[email protected],-32752|"
"NETDIS-NB_Name-In-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32769|[email protected],-32772|[email protected],-32752|"
"NETDIS-NB_Name-Out-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32773|[email protected],-32776|[email protected],-32752|"
"NETDIS-NB_Datagram-In-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32777|[email protected],-32780|[email protected],-32752|"
"NETDIS-NB_Datagram-Out-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32781|[email protected],-32784|[email protected],-32752|"
"NETDIS-FDPHOST-In-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdphost|[email protected],-32785|[email protected],-32788|[email protected],-32752|"
"NETDIS-FDPHOST-Out-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdphost|[email protected],-32789|[email protected],-32792|[email protected],-32752|"
"NETDIS-LLMNR-In-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|[email protected],-32801|[email protected],-32804|[email protected],-32752|"
"NETDIS-LLMNR-Out-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|[email protected],-32805|[email protected],-32808|[email protected],-32752|"
"NETDIS-FDRESPUB-WSD-In-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdrespub|[email protected],-32809|[email protected],-32810|[email protected],-32752|"
"NETDIS-FDRESPUB-WSD-Out-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdrespub|[email protected],-32811|[email protected],-32812|[email protected],-32752|"
"NETDIS-WSDEVNTS-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=5358|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32813|[email protected],-32814|[email protected],-32752|"
"NETDIS-WSDEVNTS-Out-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|RPort=5358|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32815|[email protected],-32816|[email protected],-32752|"
"NETDIS-WSDEVNT-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=5357|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32817|[email protected],-32818|[email protected],-32752|"
"NETDIS-WSDEVNT-Out-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|RPort=5357|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32819|[email protected],-32820|[email protected],-32752|"
"NETDIS-SSDPSrv-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|Profile=Public|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-32753|[email protected],-32756|[email protected],-32752|"
"NETDIS-SSDPSrv-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|Profile=Public|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-32757|[email protected],-32760|[email protected],-32752|"
"NETDIS-UPnP-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=upnphost|[email protected],-32821|[email protected],-32822|[email protected],-32752|"
"NETDIS-UPnPHost-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Public|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32761|[email protected],-32764|[email protected],-32752|"
"NETDIS-UPnPHost-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32765|[email protected],-32768|[email protected],-32752|"
"NETDIS-NB_Name-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Public|LPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32769|[email protected],-32772|[email protected],-32752|"
"NETDIS-NB_Name-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Public|RPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32773|[email protected],-32776|[email protected],-32752|"
"NETDIS-NB_Datagram-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Public|LPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32777|[email protected],-32780|[email protected],-32752|"
"NETDIS-NB_Datagram-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Public|RPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32781|[email protected],-32784|[email protected],-32752|"
"NETDIS-FDPHOST-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|Profile=Public|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdphost|[email protected],-32785|[email protected],-32788|[email protected],-32752|"
"NETDIS-FDPHOST-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|Profile=Public|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdphost|[email protected],-32789|[email protected],-32792|[email protected],-32752|"
"NETDIS-LLMNR-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|Profile=Public|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|[email protected],-32801|[email protected],-32804|[email protected],-32752|"
"NETDIS-LLMNR-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|Profile=Public|RPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|[email protected],-32805|[email protected],-32808|[email protected],-32752|"
"NETDIS-FDRESPUB-WSD-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|Profile=Public|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdrespub|[email protected],-32809|[email protected],-32810|[email protected],-32752|"
"NETDIS-FDRESPUB-WSD-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|Profile=Public|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdrespub|[email protected],-32811|[email protected],-32812|[email protected],-32752|"
"NETDIS-WSDEVNTS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Public|LPort=5358|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32813|[email protected],-32814|[email protected],-32752|"
"NETDIS-WSDEVNTS-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Public|RPort=5358|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32815|[email protected],-32816|[email protected],-32752|"
"NETDIS-WSDEVNT-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Public|LPort=5357|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32817|[email protected],-32818|[email protected],-32752|"
"NETDIS-WSDEVNT-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Public|RPort=5357|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32819|[email protected],-32820|[email protected],-32752|"
"MsiScsi-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\svchost.exe|Svc=Msiscsi|[email protected],-29003|[email protected],-29006|[email protected],-29002|"
"MsiScsi-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\svchost.exe|Svc=Msiscsi|[email protected],-29007|[email protected],-29010|[email protected],-29002|"
"MsiScsi-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Msiscsi|[email protected],-29003|[email protected],-29006|[email protected],-29002|"
"MsiScsi-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Msiscsi|[email protected],-29007|[email protected],-29010|[email protected],-29002|"
"MSDTC-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\msdtc.exe|[email protected],-33503|[email protected],-33506|[email protected],-33502|"
"MSDTC-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\msdtc.exe|[email protected],-33507|[email protected],-33510|[email protected],-33502|"
"MSDTC-KTMRM-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\svchost.exe|Svc=ktmrm|[email protected],-33511|[email protected],-33512|[email protected],-33502|"
"MSDTC-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-33513|[email protected],-33514|[email protected],-33502|"
"MSDTC-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\msdtc.exe|[email protected],-33503|[email protected],-33506|[email protected],-33502|"
"MSDTC-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\msdtc.exe|[email protected],-33507|[email protected],-33510|[email protected],-33502|"
"MSDTC-KTMRM-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=ktmrm|[email protected],-33511|[email protected],-33512|[email protected],-33502|"
"MSDTC-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-33513|[email protected],-33514|[email protected],-33502|"
"RemoteSvcAdmin-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\services.exe|[email protected],-29503|[email protected],-29506|[email protected],-29502|"
"RemoteSvcAdmin-NP-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|[email protected],-29507|[email protected],-29510|[email protected],-29502|"
"RemoteSvcAdmin-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-29515|[email protected],-29518|[email protected],-29502|"
"RemoteSvcAdmin-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\services.exe|[email protected],-29503|[email protected],-29506|[email protected],-29502|"
"RemoteSvcAdmin-NP-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=445|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-29507|[email protected],-29510|[email protected],-29502|"
"RemoteSvcAdmin-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-29515|[email protected],-29518|[email protected],-29502|"
"PerfLogsAlerts-PLASrv-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\plasrv.exe|[email protected],-34753|[email protected],-34754|[email protected],-34752|"
"PerfLogsAlerts-DCOM-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=135|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\svchost.exe|Svc=rpcss|[email protected],-34755|[email protected],-34756|[email protected],-34752|"
"PerfLogsAlerts-PLASrv-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%systemroot%\\system32\\plasrv.exe|[email protected],-34753|[email protected],-34754|[email protected],-34752|"
"PerfLogsAlerts-DCOM-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%systemroot%\\system32\\svchost.exe|Svc=rpcss|[email protected],-34755|[email protected],-34756|[email protected],-34752|"
"WMI-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\\system32\\svchost.exe|Svc=rpcss|[email protected],-34252|[email protected],-34253|[email protected],-34251|"
"WMI-WINMGMT-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\svchost.exe|Svc=winmgmt|[email protected],-34254|[email protected],-34255|[email protected],-34251|"
"WMI-WINMGMT-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\svchost.exe|Svc=winmgmt|[email protected],-34258|[email protected],-34259|[email protected],-34251|"
"WMI-ASYNC-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%systemroot%\\system32\\wbem\\unsecapp.exe|[email protected],-34256|[email protected],-34257|[email protected],-34251|"
"WMI-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=135|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=rpcss|[email protected],-34252|[email protected],-34253|[email protected],-34251|"
"WMI-WINMGMT-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=winmgmt|[email protected],-34254|[email protected],-34255|[email protected],-34251|"
"WMI-WINMGMT-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=winmgmt|[email protected],-34258|[email protected],-34259|[email protected],-34251|"
"WMI-ASYNC-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\wbem\\unsecapp.exe|[email protected],-34256|[email protected],-34257|[email protected],-34251|"
"PNRPMNRS-PNRP-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3540|App=%SystemRoot%\\system32\\svchost.exe|Svc=PNRPSvc|[email protected],-34003|[email protected],-34004|[email protected],-34002|Edge=TRUE|Defer=App|"
"PNRPMNRS-PNRP-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3540|App=%SystemRoot%\\system32\\svchost.exe|Svc=PNRPSvc|[email protected],-34005|[email protected],-34006|[email protected],-34002|"
"PNRPMNRS-SSDPSrv-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-34007|[email protected],-34008|[email protected],-34002|"
"PNRPMNRS-SSDPSrv-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-34009|[email protected],-34010|[email protected],-34002|"
"RemoteEventLogSvc-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\svchost.exe|Svc=Eventlog|[email protected],-29253|[email protected],-29256|[email protected],-29252|"
"RemoteEventLogSvc-NP-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|[email protected],-29257|[email protected],-29260|[email protected],-29252|"
"RemoteEventLogSvc-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-29265|[email protected],-29268|[email protected],-29252|"
"RemoteEventLogSvc-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Eventlog|[email protected],-29253|[email protected],-29256|[email protected],-29252|"
"RemoteEventLogSvc-NP-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=445|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-29257|[email protected],-29260|[email protected],-29252|"
"RemoteEventLogSvc-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-29265|[email protected],-29268|[email protected],-29252|"
"RemoteTask-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\svchost.exe|Svc=schedule|[email protected],-33253|[email protected],-33256|[email protected],-33252|"
"RemoteTask-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-33257|[email protected],-33260|[email protected],-33252|"
"RemoteTask-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=schedule|[email protected],-33253|[email protected],-33256|[email protected],-33252|"
"RemoteTask-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-33257|[email protected],-33260|[email protected],-33252|"
"WINRM-HTTP-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=5985|App=System|[email protected],-30253|[email protected],-30256|[email protected],-30252|"
"WINRM-HTTP-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=5985|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-30253|[email protected],-30256|[email protected],-30252|"
"WINRM-HTTP-Compat-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=80|App=System|[email protected],-35001|[email protected],-35002|[email protected],-30252|"
"WINRM-HTTP-Compat-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=80|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-35001|[email protected],-35002|[email protected],-30252|"
"RemoteFwAdmin-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\svchost.exe|Svc=policyagent|[email protected],-30003|[email protected],-30006|[email protected],-30002|"
"RemoteFwAdmin-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-30007|[email protected],-30010|[email protected],-30002|"
"RemoteFwAdmin-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=policyagent|[email protected],-30003|[email protected],-30006|[email protected],-30002|"
"RemoteFwAdmin-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-30007|[email protected],-30010|[email protected],-30002|"
"RRAS-GRE-In"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=47|App=System|[email protected],-33769|[email protected],-33772|[email protected],-33752|"
"RRAS-GRE-Out"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=47|App=System|[email protected],-33773|[email protected],-33776|[email protected],-33752|"
"RRAS-L2TP-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1701|App=System|[email protected],-33753|[email protected],-33756|[email protected],-33752|"
"RRAS-L2TP-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1701|App=System|[email protected],-33757|[email protected],-33760|[email protected],-33752|"
"RRAS-PPTP-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=1723|App=System|[email protected],-33765|[email protected],-33768|[email protected],-33752|"
"RRAS-PPTP-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RPort=1723|App=System|[email protected],-33761|[email protected],-33764|[email protected],-33752|"
"RVM-VDS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\vds.exe|Svc=vds|[email protected],-34502|[email protected],-34503|[email protected],-34501|"
"RVM-VDSLDR-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\vdsldr.exe|[email protected],-34504|[email protected],-34505|[email protected],-34501|"
"RVM-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-34506|[email protected],-34507|[email protected],-34501|"
"RVM-VDS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\vds.exe|Svc=vds|[email protected],-34502|[email protected],-34503|[email protected],-34501|"
"RVM-VDSLDR-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\vdsldr.exe|[email protected],-34504|[email protected],-34505|[email protected],-34501|"
"RVM-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-34506|[email protected],-34507|[email protected],-34501|"
"NetPres-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\netproj.exe|[email protected],-31761|[email protected],-31764|[email protected],-31752|"
"NetPres-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\netproj.exe|[email protected],-31765|[email protected],-31768|[email protected],-31752|"
"NetPres-WSDEVNT-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=5357|App=System|[email protected],-31769|[email protected],-31770|[email protected],-31752|"
"NetPres-WSDEVNT-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=5357|App=System|[email protected],-31771|[email protected],-31772|[email protected],-31752|"
"NetPres-WSDEVNTS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=5358|App=System|[email protected],-31773|[email protected],-31774|[email protected],-31752|"
"NetPres-WSDEVNTS-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=5358|App=System|[email protected],-31775|[email protected],-31776|[email protected],-31752|"
"NetPres-WSD-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\netproj.exe|[email protected],-31753|[email protected],-31756|[email protected],-31752|"
"NetPres-WSD-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\netproj.exe|[email protected],-31757|[email protected],-31760|[email protected],-31752|"
"NetPres-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\netproj.exe|[email protected],-31761|[email protected],-31764|[email protected],-31752|"
"NetPres-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\netproj.exe|[email protected],-31765|[email protected],-31768|[email protected],-31752|"
"NetPres-WSDEVNT-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=5357|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31769|[email protected],-31770|[email protected],-31752|"
"NetPres-WSDEVNT-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=5357|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31771|[email protected],-31772|[email protected],-31752|"
"NetPres-WSDEVNTS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=5358|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31773|[email protected],-31774|[email protected],-31752|"
"NetPres-WSDEVNTS-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=5358|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31775|[email protected],-31776|[email protected],-31752|"
"Microsoft-Windows-PeerDist-HttpTrans-In"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=80|App=SYSTEM|[email protected],-10000|[email protected],-11000|[email protected],-9000|"
"Microsoft-Windows-PeerDist-HttpTrans-Out"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RPort=80|App=SYSTEM|[email protected],-10001|[email protected],-11001|[email protected],-9000|"
"Microsoft-Windows-PeerDist-WSD-In"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\svchost.exe|Svc=PeerDistSvc|[email protected],-10002|[email protected],-11002|[email protected],-9001|"
"Microsoft-Windows-PeerDist-WSD-Out"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\svchost.exe|Svc=PeerDistSvc|[email protected],-10003|[email protected],-11003|[email protected],-9001|"
"Microsoft-Windows-PeerDist-HostedServer-In"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=443|App=SYSTEM|[email protected],-10004|[email protected],-11004|[email protected],-9002|"
"Microsoft-Windows-PeerDist-HostedServer-Out"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|LPort=443|App=SYSTEM|[email protected],-10005|[email protected],-11005|[email protected],-9002|"
"Microsoft-Windows-PeerDist-HostedClient-Out"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RPort=443|App=SYSTEM|[email protected],-10006|[email protected],-11006|[email protected],-9003|"
"MCX-SSDPSrv-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-30753|[email protected],-30756|[email protected],-30752|"
"MCX-SSDPSrv-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-30757|[email protected],-30760|[email protected],-30752|"
"MCX-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=554|LPort=8554|LPort=8555|LPort=8556|LPort=8557|LPort=8558|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\ehome\\ehshell.exe|[email protected],-30761|[email protected],-30764|[email protected],-30752|"
"MCX-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\ehome\\ehshell.exe|[email protected],-30765|[email protected],-30768|[email protected],-30752|"
"MCX-QWave-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-30769|[email protected],-30772|[email protected],-30752|"
"MCX-QWave-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-30773|[email protected],-30776|[email protected],-30752|"
"MCX-QWave-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-30777|[email protected],-30780|[email protected],-30752|"
"MCX-QWave-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-30781|[email protected],-30784|[email protected],-30752|"
"MCX-HTTPSTR-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=10244|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-30785|[email protected],-30788|[email protected],-30752|"
"MCX-TERMSRV-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=3390|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-30793|[email protected],-30796|[email protected],-30752|"
"MCX-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=7777|LPort=7778|LPort=7779|LPort=7780|LPort=7781|LPort=5004|LPort=5005|LPort=50004|LPort=50005|LPort=50006|LPort=50007|LPort=50008|LPort=50009|LPort=50010|LPort=50011|LPort=50012|LPort=50013|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\ehome\\ehshell.exe|[email protected],-30801|[email protected],-30804|[email protected],-30752|"
"MCX-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\ehome\\ehshell.exe|[email protected],-30805|[email protected],-30808|[email protected],-30752|"
"MCX-MCX2SVC-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=mcx2svc|[email protected],-30810|[email protected],-30811|[email protected],-30752|"
"MCX-Prov-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%SystemRoot%\\ehome\\mcx2prov.exe|[email protected],-30812|[email protected],-30813|[email protected],-30752|"
"MCX-PlayTo-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-30814|[email protected],-30815|[email protected],-30752|"
"MCX-PlayTo-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=upnphost|[email protected],-30816|[email protected],-30817|[email protected],-30752|"
"MCX-McrMgr-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%SystemRoot%\\ehome\\mcrmgr.exe|[email protected],-30818|[email protected],-30819|[email protected],-30752|"
"MCX-PlayTo-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-30820|[email protected],-30821|[email protected],-30752|"
"MCX-FDPHost-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdphost|[email protected],-30822|[email protected],-30823|[email protected],-30752|"
"RemoteDesktop-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=3389|App=System|[email protected],-28753|[email protected],-28756|[email protected],-28752|"
"RemoteDesktop-UserMode-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=3389|App=%SystemRoot%\\system32\\svchost.exe|Svc=termservice|[email protected],-28853|[email protected],-28856|[email protected],-28852|"
"WPDMTP-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\wudfhost.exe|[email protected],-30503|[email protected],-30506|[email protected],-30502|"
"WPDMTP-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\wudfhost.exe|[email protected],-30503|[email protected],-30506|[email protected],-30502|"
"WPDMTP-SSDPSrv-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-30507|[email protected],-30510|[email protected],-30502|"
"WPDMTP-SSDPSrv-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-30511|[email protected],-30514|[email protected],-30502|"
"WPDMTP-UPnPHost-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-30515|[email protected],-30518|[email protected],-30502|"
"WPDMTP-UPnPHost-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdphost|[email protected],-30519|[email protected],-30522|[email protected],-30502|"
"WPDMTP-UPnP-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=upnphost|[email protected],-30523|[email protected],-30524|[email protected],-30502|"
"RemoteDesktop-UserMode-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3389|App=%SystemRoot%\\system32\\svchost.exe|Svc=termservice|[email protected],-101|[email protected],-102|[email protected],-28852|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Defaults\FirewallPolicy\PublicProfile]
"DisableNotifications"=dword:00000000
"EnableFirewall"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging]
"LogFileSize"=dword:00001000
"LogFilePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
4c,00,6f,00,67,00,46,00,69,00,6c,00,65,00,73,00,5c,00,46,00,69,00,72,00,65,\
00,77,00,61,00,6c,00,6c,00,5c,00,70,00,66,00,69,00,72,00,65,00,77,00,61,00,\
6c,00,6c,00,2e,00,6c,00,6f,00,67,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Defaults\FirewallPolicy\StandardProfile]
"DisableNotifications"=dword:00000000
"EnableFirewall"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging]
"LogFileSize"=dword:00001000
"LogFilePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
4c,00,6f,00,67,00,46,00,69,00,6c,00,65,00,73,00,5c,00,46,00,69,00,72,00,65,\
00,77,00,61,00,6c,00,6c,00,5c,00,70,00,66,00,69,00,72,00,65,00,77,00,61,00,\
6c,00,6c,00,2e,00,6c,00,6f,00,67,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch]
"Epoch"=dword:00000138
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2]
"Epoch"=dword:00000048
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
69,00,70,00,6e,00,61,00,74,00,68,00,6c,00,70,00,2e,00,64,00,6c,00,6c,00,00,\
00
"ServiceDllUnloadOnStop"=dword:00000001
"SharedAutoDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy]
"DisableStatefulFTP"=dword:00000000
"PolicyVersion"=dword:0000020a
"DisableStatefulPPTP"=dword:00000000
"IPSecExempt"=dword:00000009
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=dword:00000001
"DisableNotifications"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging]
"LogFileSize"=dword:00001000
"LogFilePath"="%systemroot%\\system32\\LogFiles\\Firewall\\pfirewall.log"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"RVM-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-34506|[email protected],-34507|[email protected],-34501|"
"RVM-VDSLDR-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\vdsldr.exe|[email protected],-34504|[email protected],-34505|[email protected],-34501|"
"RVM-VDS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\vds.exe|Svc=vds|[email protected],-34502|[email protected],-34503|[email protected],-34501|"
"RVM-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-34506|[email protected],-34507|[email protected],-34501|"
"RVM-VDSLDR-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\vdsldr.exe|[email protected],-34504|[email protected],-34505|[email protected],-34501|"
"RVM-VDS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\vds.exe|Svc=vds|[email protected],-34502|[email protected],-34503|[email protected],-34501|"
"RRAS-PPTP-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RPort=1723|App=System|[email protected],-33761|[email protected],-33764|[email protected],-33752|"
"RRAS-PPTP-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=1723|App=System|[email protected],-33765|[email protected],-33768|[email protected],-33752|"
"RRAS-L2TP-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1701|App=System|[email protected],-33757|[email protected],-33760|[email protected],-33752|"
"RRAS-L2TP-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1701|App=System|[email protected],-33753|[email protected],-33756|[email protected],-33752|"
"RRAS-GRE-Out"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=47|App=System|[email protected],-33773|[email protected],-33776|[email protected],-33752|"
"RRAS-GRE-In"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=47|App=System|[email protected],-33769|[email protected],-33772|[email protected],-33752|"
"RemoteFwAdmin-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-30007|[email protected],-30010|[email protected],-30002|"
"RemoteFwAdmin-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=policyagent|[email protected],-30003|[email protected],-30006|[email protected],-30002|"
"RemoteFwAdmin-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-30007|[email protected],-30010|[email protected],-30002|"
"RemoteFwAdmin-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\svchost.exe|Svc=policyagent|[email protected],-30003|[email protected],-30006|[email protected],-30002|"
"WINRM-HTTP-Compat-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=80|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-35001|[email protected],-35002|[email protected],-30252|"
"WINRM-HTTP-Compat-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=80|App=System|[email protected],-35001|[email protected],-35002|[email protected],-30252|"
"WINRM-HTTP-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=5985|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-30253|[email protected],-30256|[email protected],-30252|"
"WINRM-HTTP-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=5985|App=System|[email protected],-30253|[email protected],-30256|[email protected],-30252|"
"RemoteTask-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-33257|[email protected],-33260|[email protected],-33252|"
"RemoteTask-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=schedule|[email protected],-33253|[email protected],-33256|[email protected],-33252|"
"RemoteTask-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-33257|[email protected],-33260|[email protected],-33252|"
"RemoteTask-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\svchost.exe|Svc=schedule|[email protected],-33253|[email protected],-33256|[email protected],-33252|"
"RemoteEventLogSvc-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-29265|[email protected],-29268|[email protected],-29252|"
"RemoteEventLogSvc-NP-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=445|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-29257|[email protected],-29260|[email protected],-29252|"
"RemoteEventLogSvc-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Eventlog|[email protected],-29253|[email protected],-29256|[email protected],-29252|"
"RemoteEventLogSvc-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-29265|[email protected],-29268|[email protected],-29252|"
"RemoteEventLogSvc-NP-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|[email protected],-29257|[email protected],-29260|[email protected],-29252|"
"RemoteEventLogSvc-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\svchost.exe|Svc=Eventlog|[email protected],-29253|[email protected],-29256|[email protected],-29252|"
"PNRPMNRS-SSDPSrv-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-34009|[email protected],-34010|[email protected],-34002|"
"PNRPMNRS-SSDPSrv-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-34007|[email protected],-34008|[email protected],-34002|"
"PNRPMNRS-PNRP-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3540|App=%SystemRoot%\\system32\\svchost.exe|Svc=PNRPSvc|[email protected],-34005|[email protected],-34006|[email protected],-34002|"
"PNRPMNRS-PNRP-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3540|App=%SystemRoot%\\system32\\svchost.exe|Svc=PNRPSvc|[email protected],-34003|[email protected],-34004|[email protected],-34002|Edge=TRUE|Defer=App|"
"WMI-ASYNC-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\wbem\\unsecapp.exe|[email protected],-34256|[email protected],-34257|[email protected],-34251|"
"WMI-WINMGMT-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=winmgmt|[email protected],-34258|[email protected],-34259|[email protected],-34251|"
"WMI-WINMGMT-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=winmgmt|[email protected],-34254|[email protected],-34255|[email protected],-34251|"
"WMI-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=135|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=rpcss|[email protected],-34252|[email protected],-34253|[email protected],-34251|"
"WMI-ASYNC-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%systemroot%\\system32\\wbem\\unsecapp.exe|[email protected],-34256|[email protected],-34257|[email protected],-34251|"
"WMI-WINMGMT-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\svchost.exe|Svc=winmgmt|[email protected],-34258|[email protected],-34259|[email protected],-34251|"
"WMI-WINMGMT-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\svchost.exe|Svc=winmgmt|[email protected],-34254|[email protected],-34255|[email protected],-34251|"
"WMI-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\\system32\\svchost.exe|Svc=rpcss|[email protected],-34252|[email protected],-34253|[email protected],-34251|"
"PerfLogsAlerts-DCOM-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%systemroot%\\system32\\svchost.exe|Svc=rpcss|[email protected],-34755|[email protected],-34756|[email protected],-34752|"
"PerfLogsAlerts-PLASrv-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%systemroot%\\system32\\plasrv.exe|[email protected],-34753|[email protected],-34754|[email protected],-34752|"
"PerfLogsAlerts-DCOM-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=135|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\svchost.exe|Svc=rpcss|[email protected],-34755|[email protected],-34756|[email protected],-34752|"
"PerfLogsAlerts-PLASrv-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\plasrv.exe|[email protected],-34753|[email protected],-34754|[email protected],-34752|"
"RemoteSvcAdmin-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-29515|[email protected],-29518|[email protected],-29502|"
"RemoteSvcAdmin-NP-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=445|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-29507|[email protected],-29510|[email protected],-29502|"
"RemoteSvcAdmin-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\services.exe|[email protected],-29503|[email protected],-29506|[email protected],-29502|"
"RemoteSvcAdmin-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-29515|[email protected],-29518|[email protected],-29502|"
"RemoteSvcAdmin-NP-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|[email protected],-29507|[email protected],-29510|[email protected],-29502|"
"RemoteSvcAdmin-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\services.exe|[email protected],-29503|[email protected],-29506|[email protected],-29502|"
"MSDTC-RPCSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-33513|[email protected],-33514|[email protected],-33502|"
"MSDTC-KTMRM-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=ktmrm|[email protected],-33511|[email protected],-33512|[email protected],-33502|"
"MSDTC-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\msdtc.exe|[email protected],-33507|[email protected],-33510|[email protected],-33502|"
"MSDTC-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\msdtc.exe|[email protected],-33503|[email protected],-33506|[email protected],-33502|"
"MSDTC-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\\system32\\svchost.exe|Svc=RPCSS|[email protected],-33513|[email protected],-33514|[email protected],-33502|"
"MSDTC-KTMRM-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\svchost.exe|Svc=ktmrm|[email protected],-33511|[email protected],-33512|[email protected],-33502|"
"MSDTC-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\msdtc.exe|[email protected],-33507|[email protected],-33510|[email protected],-33502|"
"MSDTC-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\msdtc.exe|[email protected],-33503|[email protected],-33506|[email protected],-33502|"
"MsiScsi-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Msiscsi|[email protected],-29007|[email protected],-29010|[email protected],-29002|"
"MsiScsi-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Msiscsi|[email protected],-29003|[email protected],-29006|[email protected],-29002|"
"MsiScsi-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\svchost.exe|Svc=Msiscsi|[email protected],-29007|[email protected],-29010|[email protected],-29002|"
"MsiScsi-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\svchost.exe|Svc=Msiscsi|[email protected],-29003|[email protected],-29006|[email protected],-29002|"
"NETDIS-WSDEVNT-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Public|RPort=5357|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32819|[email protected],-32820|[email protected],-32752|"
"NETDIS-WSDEVNT-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Public|LPort=5357|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32817|[email protected],-32818|[email protected],-32752|"
"NETDIS-WSDEVNTS-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Public|RPort=5358|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32815|[email protected],-32816|[email protected],-32752|"
"NETDIS-WSDEVNTS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Public|LPort=5358|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32813|[email protected],-32814|[email protected],-32752|"
"NETDIS-FDRESPUB-WSD-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|Profile=Public|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdrespub|[email protected],-32811|[email protected],-32812|[email protected],-32752|"
"NETDIS-FDRESPUB-WSD-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|Profile=Public|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdrespub|[email protected],-32809|[email protected],-32810|[email protected],-32752|"
"NETDIS-LLMNR-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|Profile=Public|RPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|[email protected],-32805|[email protected],-32808|[email protected],-32752|"
"NETDIS-LLMNR-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|Profile=Public|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|[email protected],-32801|[email protected],-32804|[email protected],-32752|"
"NETDIS-FDPHOST-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|Profile=Public|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdphost|[email protected],-32789|[email protected],-32792|[email protected],-32752|"
"NETDIS-FDPHOST-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|Profile=Public|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdphost|[email protected],-32785|[email protected],-32788|[email protected],-32752|"
"NETDIS-NB_Datagram-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Public|RPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32781|[email protected],-32784|[email protected],-32752|"
"NETDIS-NB_Datagram-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Public|LPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32777|[email protected],-32780|[email protected],-32752|"
"NETDIS-NB_Name-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Public|RPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32773|[email protected],-32776|[email protected],-32752|"
"NETDIS-NB_Name-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Public|LPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32769|[email protected],-32772|[email protected],-32752|"
"NETDIS-UPnPHost-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32765|[email protected],-32768|[email protected],-32752|"
"NETDIS-UPnPHost-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Public|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32761|[email protected],-32764|[email protected],-32752|"
"NETDIS-UPnP-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=upnphost|[email protected],-32821|[email protected],-32822|[email protected],-32752|"
"NETDIS-SSDPSrv-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|Profile=Public|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-32757|[email protected],-32760|[email protected],-32752|"
"NETDIS-SSDPSrv-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|Profile=Public|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-32753|[email protected],-32756|[email protected],-32752|"
"NETDIS-WSDEVNT-Out-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|RPort=5357|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32819|[email protected],-32820|[email protected],-32752|"
"NETDIS-WSDEVNT-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=5357|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32817|[email protected],-32818|[email protected],-32752|"
"NETDIS-WSDEVNTS-Out-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|RPort=5358|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32815|[email protected],-32816|[email protected],-32752|"
"NETDIS-WSDEVNTS-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=5358|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32813|[email protected],-32814|[email protected],-32752|"
"NETDIS-FDRESPUB-WSD-Out-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdrespub|[email protected],-32811|[email protected],-32812|[email protected],-32752|"
"NETDIS-FDRESPUB-WSD-In-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdrespub|[email protected],-32809|[email protected],-32810|[email protected],-32752|"
"NETDIS-LLMNR-Out-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|[email protected],-32805|[email protected],-32808|[email protected],-32752|"
"NETDIS-LLMNR-In-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|[email protected],-32801|[email protected],-32804|[email protected],-32752|"
"NETDIS-FDPHOST-Out-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdphost|[email protected],-32789|[email protected],-32792|[email protected],-32752|"
"NETDIS-FDPHOST-In-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdphost|[email protected],-32785|[email protected],-32788|[email protected],-32752|"
"NETDIS-NB_Datagram-Out-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32781|[email protected],-32784|[email protected],-32752|"
"NETDIS-NB_Datagram-In-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32777|[email protected],-32780|[email protected],-32752|"
"NETDIS-NB_Name-Out-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32773|[email protected],-32776|[email protected],-32752|"
"NETDIS-NB_Name-In-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32769|[email protected],-32772|[email protected],-32752|"
"NETDIS-UPnP-Out-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=upnphost|[email protected],-32821|[email protected],-32822|[email protected],-32752|"
"NETDIS-UPnPHost-Out-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32765|[email protected],-32768|[email protected],-32752|"
"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-32761|[email protected],-32764|[email protected],-32752|"
"NETDIS-SSDPSrv-Out-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-32757|[email protected],-32760|[email protected],-32752|"
"NETDIS-SSDPSrv-In-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-32753|[email protected],-32756|[email protected],-32752|"
"NETDIS-WSDEVNT-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=5357|App=System|[email protected],-32819|[email protected],-32820|[email protected],-32752|"
"NETDIS-WSDEVNT-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=5357|App=System|[email protected],-32817|[email protected],-32818|[email protected],-32752|"
"NETDIS-WSDEVNTS-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=5358|App=System|[email protected],-32815|[email protected],-32816|[email protected],-32752|"
"NETDIS-WSDEVNTS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=5358|App=System|[email protected],-32813|[email protected],-32814|[email protected],-32752|"
"NETDIS-NB_Datagram-Out-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|RPort=138|App=System|[email protected],-32781|[email protected],-32784|[email protected],-32752|"
"NETDIS-NB_Datagram-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|[email protected],-32777|[email protected],-32780|[email protected],-32752|"
"NETDIS-NB_Name-Out-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|RPort=137|App=System|[email protected],-32773|[email protected],-32776|[email protected],-32752|"
"NETDIS-NB_Name-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|[email protected],-32769|[email protected],-32772|[email protected],-32752|"
"NETDIS-UPnPHost-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=System|[email protected],-32765|[email protected],-32768|[email protected],-32752|"
"NETDIS-UPnPHost-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=2869|App=System|[email protected],-32761|[email protected],-32764|[email protected],-32752|"
"CoreNet-GP-LSASS-Out-TCP"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\lsass.exe|[email protected],-25407|[email protected],-25408|[email protected],-25000|"
"CoreNet-DNS-Out-UDP"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|RPort=53|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|[email protected],-25405|[email protected],-25406|[email protected],-25000|"
"CoreNet-GP-Out-TCP"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\svchost.exe|[email protected],-25403|[email protected],-25404|[email protected],-25000|"
"CoreNet-GP-NP-Out-TCP"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|RPort=445|App=System|[email protected],-25401|[email protected],-25401|[email protected],-25000|"
"CoreNet-IPv6-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=41|App=System|[email protected],-25352|[email protected],-25358|[email protected],-25000|"
"CoreNet-IPv6-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=41|App=System|[email protected],-25351|[email protected],-25357|[email protected],-25000|"
"CoreNet-IPHTTPS-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|RPort2_10=IPTLSOut|RPort2_10=IPHTTPSOut|App=%SystemRoot%\\system32\\svchost.exe|Svc=iphlpsvc|[email protected],-25427|[email protected],-25429|[email protected],-25000|"
"CoreNet-IPHTTPS-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=IPTLSIn|LPort2_10=IPHTTPSIn|App=System|[email protected],-25426|[email protected],-25428|[email protected],-25000|"
"CoreNet-Teredo-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%SystemRoot%\\system32\\svchost.exe|Svc=iphlpsvc|[email protected],-25327|[email protected],-25333|[email protected],-25000|"
"CoreNet-Teredo-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=Teredo|App=%SystemRoot%\\system32\\svchost.exe|Svc=iphlpsvc|[email protected],-25326|[email protected],-25332|[email protected],-25000|"
"CoreNet-DHCPV6-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=546|RPort=547|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|[email protected],-25305|[email protected],-25306|[email protected],-25000|"
"CoreNet-DHCPV6-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=546|RPort=547|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|[email protected],-25304|[email protected],-25306|[email protected],-25000|"
"CoreNet-DHCP-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=68|RPort=67|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|[email protected],-25302|[email protected],-25303|[email protected],-25000|"
"CoreNet-DHCP-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=68|RPort=67|App=%SystemRoot%\\system32\\svchost.exe|Svc=dhcp|[email protected],-25301|[email protected],-25303|[email protected],-25000|"
"CoreNet-IGMP-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=2|App=System|[email protected],-25377|[email protected],-25382|[email protected],-25000|"
"CoreNet-IGMP-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=2|App=System|[email protected],-25376|[email protected],-25382|[email protected],-25000|"
"CoreNet-ICMP4-DUFRAG-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|ICMP4=3:4|App=System|[email protected],-25251|[email protected],-25257|[email protected],-25000|"
"CoreNet-ICMP6-LD-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=132:*|RA6=LocalSubnet|[email protected],-25083|[email protected],-25088|[email protected],-25000|"
"CoreNet-ICMP6-LD-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=132:*|RA6=LocalSubnet|App=System|[email protected],-25082|[email protected],-25088|[email protected],-25000|"
"CoreNet-ICMP6-LR2-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=143:*|RA6=LocalSubnet|[email protected],-25076|[email protected],-25081|[email protected],-25000|"
"CoreNet-ICMP6-LR2-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=143:*|RA6=LocalSubnet|App=System|[email protected],-25075|[email protected],-25081|[email protected],-25000|"
"CoreNet-ICMP6-LR-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=131:*|RA6=LocalSubnet|[email protected],-25069|[email protected],-25074|[email protected],-25000|"
"CoreNet-ICMP6-LR-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=131:*|RA6=LocalSubnet|App=System|[email protected],-25068|[email protected],-25074|[email protected],-25000|"
"CoreNet-ICMP6-LQ-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=130:*|RA6=LocalSubnet|[email protected],-25062|[email protected],-25067|[email protected],-25000|"
"CoreNet-ICMP6-LQ-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=130:*|RA6=LocalSubnet|App=System|[email protected],-25061|[email protected],-25067|[email protected],-25000|"
"CoreNet-ICMP6-RS-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=133:*|RA6=LocalSubnet|RA6=fe80::/64|RA6=ff02::2|[email protected],-25008|[email protected],-25011|[email protected],-25000|"
"CoreNet-ICMP6-RS-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=133:*|App=System|[email protected],-25009|[email protected],-25011|[email protected],-25000|"
"CoreNet-ICMP6-RA-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=134:*|LA6=fe80::/64|RA6=LocalSubnet|RA6=fe80::/64|RA6=ff02::1|[email protected],-25013|[email protected],-25018|[email protected],-25000|"
"CoreNet-ICMP6-RA-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=134:*|RA6=fe80::/64|App=System|[email protected],-25012|[email protected],-25018|[email protected],-25000|"
"CoreNet-ICMP6-NDA-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=136:*|[email protected],-25027|[email protected],-25032|[email protected],-25000|"
"CoreNet-ICMP6-NDA-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=136:*|App=System|[email protected],-25026|[email protected],-25032|[email protected],-25000|Edge=TRUE|"
"CoreNet-ICMP6-NDS-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=135:*|[email protected],-25020|[email protected],-25025|[email protected],-25000|"
"CoreNet-ICMP6-NDS-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=135:*|App=System|[email protected],-25019|[email protected],-25025|[email protected],-25000|Edge=TRUE|"
"CoreNet-ICMP6-PP-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=4:*|[email protected],-25117|[email protected],-25118|[email protected],-25000|"
"CoreNet-ICMP6-PP-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=4:*|App=System|[email protected],-25116|[email protected],-25118|[email protected],-25000|Edge=TRUE|"
"CoreNet-ICMP6-TE-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=3:*|[email protected],-25114|[email protected],-25115|[email protected],-25000|"
"CoreNet-ICMP6-TE-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=3:*|App=System|[email protected],-25113|[email protected],-25115|[email protected],-25000|Edge=TRUE|"
"CoreNet-ICMP6-PTB-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=2:*|[email protected],-25002|[email protected],-25007|[email protected],-25000|"
"CoreNet-ICMP6-PTB-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=2:*|App=System|[email protected],-25001|[email protected],-25007|[email protected],-25000|Edge=TRUE|"
"CoreNet-ICMP6-DU-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=1:*|App=System|[email protected],-25110|[email protected],-25112|[email protected],-25000|Edge=TRUE|"
"FPS-LLMNR-Out-UDP"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Domain|RPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|Name=File and Printer Sharing (LLMNR-UDP-Out)|[email protected],-28551|[email protected],-28502|"
"FPS-LLMNR-In-UDP"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|Name=File and Printer Sharing (LLMNR-UDP-In)|[email protected],-28549|[email protected],-28502|"
"FPS-ICMP6-ERQ-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|Profile=Private|Profile=Public|ICMP6=128:*|RA6=LocalSubnet|Name=File and Printer Sharing (Echo Request - ICMPv6-Out)|[email protected],-28547|[email protected],-28502|"
"FPS-ICMP6-ERQ-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Private|Profile=Public|ICMP6=128:*|RA6=LocalSubnet|Name=File and Printer Sharing (Echo Request - ICMPv6-In)|[email protected],-28547|[email protected],-28502|"
"FPS-ICMP4-ERQ-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=1|Profile=Private|Profile=Public|ICMP4=8:*|RA4=LocalSubnet|Name=File and Printer Sharing (Echo Request - ICMPv4-Out)|[email protected],-28547|[email protected],-28502|"
"FPS-ICMP4-ERQ-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|Profile=Private|Profile=Public|ICMP4=8:*|RA4=LocalSubnet|Name=File and Printer Sharing (Echo Request - ICMPv4-In)|[email protected],-28547|[email protected],-28502|"
"FPS-RPCSS-In-TCP"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|Svc=Rpcss|Name=File and Printer Sharing (Spooler Service - RPC-EPMAP)|[email protected],-28542|[email protected],-28502|"
"FPS-SpoolSvc-In-TCP"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\spoolsv.exe|Svc=Spooler|Name=File and Printer Sharing (Spooler Service - RPC)|[email protected],-28538|[email protected],-28502|"
"FPS-NB_Datagram-Out-UDP"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=File and Printer Sharing (NB-Datagram-Out)|[email protected],-28534|[email protected],-28502|"
"FPS-NB_Datagram-In-UDP"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=File and Printer Sharing (NB-Datagram-In)|[email protected],-28530|[email protected],-28502|"
"FPS-NB_Name-Out-UDP"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=File and Printer Sharing (NB-Name-Out)|[email protected],-28526|[email protected],-28502|"
"FPS-NB_Name-In-UDP"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=File and Printer Sharing (NB-Name-In)|[email protected],-28522|[email protected],-28502|"
"FPS-SMB-Out-TCP"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=445|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=File and Printer Sharing (SMB-Out)|[email protected],-28518|[email protected],-28502|"
"FPS-SMB-In-TCP"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=445|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=File and Printer Sharing (SMB-In)|[email protected],-28514|[email protected],-28502|"
"FPS-NB_Session-Out-TCP"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=139|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=File and Printer Sharing (NB-Session-Out)|[email protected],-28510|[email protected],-28502|"
"FPS-NB_Session-In-TCP"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=139|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=File and Printer Sharing (NB-Session-In)|[email protected],-28506|[email protected],-28502|"
"FPS-ICMP6-ERQ-Out-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=58|Profile=Domain|ICMP6=128:*|[email protected],-28546|[email protected],-28547|[email protected],-28502|"
"FPS-ICMP6-ERQ-In-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=58|Profile=Domain|ICMP6=128:*|[email protected],-28545|[email protected],-28547|[email protected],-28502|"
"FPS-ICMP4-ERQ-Out-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=1|Profile=Domain|ICMP4=8:*|[email protected],-28544|[email protected],-28547|[email protected],-28502|"
"FPS-ICMP4-ERQ-In-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=1|Profile=Domain|ICMP4=8:*|[email protected],-28543|[email protected],-28547|[email protected],-28502|"
"FPS-RPCSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|Svc=Rpcss|[email protected],-28539|[email protected],-28542|[email protected],-28502|"
"FPS-SpoolSvc-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\\system32\\spoolsv.exe|Svc=Spooler|[email protected],-28535|[email protected],-28538|[email protected],-28502|"
"FPS-NB_Datagram-Out-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|RPort=138|App=System|[email protected],-28531|[email protected],-28534|[email protected],-28502|"
"FPS-NB_Datagram-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|[email protected],-28527|[email protected],-28530|[email protected],-28502|"
"FPS-NB_Name-Out-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|RPort=137|App=System|[email protected],-28523|[email protected],-28526|[email protected],-28502|"
"FPS-NB_Name-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|[email protected],-28519|[email protected],-28522|[email protected],-28502|"
"FPS-SMB-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=445|App=System|[email protected],-28515|[email protected],-28518|[email protected],-28502|"
"FPS-SMB-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|[email protected],-28511|[email protected],-28514|[email protected],-28502|"
"FPS-NB_Session-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=139|App=System|[email protected],-28507|[email protected],-28510|[email protected],-28502|"
"FPS-NB_Session-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=139|App=System|[email protected],-28503|[email protected],-28506|[email protected],-28502|"
"RemoteAssistance-PnrpSvc-UDP-OUT-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Domain|App=%systemroot%\\system32\\svchost.exe|Svc=pnrpsvc|Name=Remote Assistance (PNRP-Out)|[email protected],-33038|[email protected],-33002|"
"RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=3540|App=%systemroot%\\system32\\svchost.exe|Svc=pnrpsvc|Name=Remote Assistance (PNRP-In)|[email protected],-33040|[email protected],-33002|Edge=TRUE|Defer=App|"
"RemoteAssistance-SSDPSrv-Out-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|Name=Remote Assistance (SSDP TCP-Out)|[email protected],-33034|[email protected],-33002|"
"RemoteAssistance-SSDPSrv-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|Name=Remote Assistance (SSDP TCP-In)|[email protected],-33030|[email protected],-33002|"
"RemoteAssistance-SSDPSrv-Out-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Domain|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|Name=Remote Assistance (SSDP UDP-Out)|[email protected],-33026|[email protected],-33002|"
"RemoteAssistance-SSDPSrv-In-UDP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|Name=Remote Assistance (SSDP UDP-In)|[email protected],-33022|[email protected],-33002|"
"RemoteAssistance-Out-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\msra.exe|Name=Remote Assistance (TCP-Out)|[email protected],-33010|[email protected],-33002|"
"RemoteAssistance-In-TCP-EdgeScope-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\msra.exe|Name=Remote Assistance (TCP-In)|[email protected],-33006|[email protected],-33002|Edge=TRUE|Defer=App|"
"RemoteAssistance-DCOM-In-TCP-NoScope-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\\system32\\svchost.exe|Svc=rpcss|[email protected],-33035|[email protected],-33036|[email protected],-33002|"
"RemoteAssistance-RAServer-Out-TCP-NoScope-Active"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\raserver.exe|[email protected],-33015|[email protected],-33018|[email protected],-33002|"
"RemoteAssistance-RAServer-In-TCP-NoScope-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\raserver.exe|[email protected],-33011|[email protected],-33014|[email protected],-33002|"
"RemoteAssistance-PnrpSvc-UDP-OUT"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Public|App=%systemroot%\\system32\\svchost.exe|Svc=pnrpsvc|[email protected],-33037|[email protected],-33038|[email protected],-33002|"
"RemoteAssistance-PnrpSvc-UDP-In-EdgeScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Public|LPort=3540|App=%systemroot%\\system32\\svchost.exe|Svc=pnrpsvc|[email protected],-33039|[email protected],-33040|[email protected],-33002|Edge=TRUE|Defer=App|"
"RemoteAssistance-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Public|App=%SystemRoot%\\system32\\msra.exe|[email protected],-33007|[email protected],-33010|[email protected],-33002|"
"RemoteAssistance-In-TCP-EdgeScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Public|App=%SystemRoot%\\system32\\msra.exe|[email protected],-33003|[email protected],-33006|[email protected],-33002|Edge=TRUE|Defer=App|"
"Collab-PNRP-SSDPSrv-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-32031|[email protected],-32034|[email protected],-32002|"
"Collab-PNRP-SSDPSrv-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-32027|[email protected],-32030|[email protected],-32002|"
"Collab-PNRP-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3540|App=%SystemRoot%\\system32\\svchost.exe|Svc=PNRPSvc|[email protected],-32023|[email protected],-32026|[email protected],-32002|"
"Collab-PNRP-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3540|App=%SystemRoot%\\system32\\svchost.exe|Svc=PNRPSvc|[email protected],-32019|[email protected],-32022|[email protected],-32002|Edge=TRUE|Defer=App|"
"Collab-P2PHost-WSD-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\p2phost.exe|[email protected],-32015|[email protected],-32018|[email protected],-32002|"
"Collab-P2PHost-WSD-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\p2phost.exe|[email protected],-32011|[email protected],-32014|[email protected],-32002|"
"Collab-P2PHost-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%SystemRoot%\\system32\\p2phost.exe|[email protected],-32007|[email protected],-32010|[email protected],-32002|"
"Collab-P2PHost-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|App=%SystemRoot%\\system32\\p2phost.exe|[email protected],-32003|[email protected],-32006|[email protected],-32002|Edge=TRUE|Defer=App|"
"Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\svchost.exe|Svc=pnrpsvc|Name=HomeGroup Out (PNRP)|Desc=@%systemroot%\\system32\\provsvc.dll,-208|EmbedCtxt=@%systemroot%\\system32\\provsvc.dll,-202|"
"Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\svchost.exe|Svc=pnrpsvc|Name=HomeGroup In (PNRP)|Desc=@%systemroot%\\system32\\provsvc.dll,-206|EmbedCtxt=@%systemroot%\\system32\\provsvc.dll,-202|"
"Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|RPort=3587|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\svchost.exe|Svc=p2psvc|Name=HomeGroup Out|Desc=@%systemroot%\\system32\\provsvc.dll,-204|EmbedCtxt=@%systemroot%\\system32\\provsvc.dll,-202|"
"Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=3587|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\svchost.exe|Svc=p2psvc|Name=HomeGroup In|Desc=@%systemroot%\\system32\\provsvc.dll,-201|EmbedCtxt=@%systemroot%\\system32\\provsvc.dll,-202|"
"WMPNSS-RME-HTTP-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=10245|App=System|[email protected],-31501|[email protected],-31502|[email protected],-31500|Edge=TRUE|Defer=App|"
"WMPNSS-UPnP-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=upnphost|[email protected],-31321|[email protected],-31322|[email protected],-31252|"
"WMPNSS-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31317|[email protected],-31320|[email protected],-31252|"
"WMPNSS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31313|[email protected],-31316|[email protected],-31252|"
"WMPNSS-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31309|[email protected],-31312|[email protected],-31252|"
"WMPNSS-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31305|[email protected],-31308|[email protected],-31252|"
"WMPNSS-WMP-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\\Windows Media Player\\wmplayer.exe|[email protected],-31301|[email protected],-31304|[email protected],-31252|"
"WMPNSS-WMP-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\\Windows Media Player\\wmplayer.exe|[email protected],-31297|[email protected],-31300|[email protected],-31252|"
"WMPNSS-WMP-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\\Windows Media Player\\wmplayer.exe|[email protected],-31293|[email protected],-31296|[email protected],-31252|"
"WMPNSS-HTTPSTR-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=10243|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31289|[email protected],-31292|[email protected],-31252|"
"WMPNSS-HTTPSTR-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=10243|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31285|[email protected],-31288|[email protected],-31252|"
"WMPNSS-UPnPHost-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31281|[email protected],-31284|[email protected],-31252|"
"WMPNSS-UPnPHost-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31277|[email protected],-31280|[email protected],-31252|"
"WMPNSS-SSDPSrv-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=ssdpsrv|[email protected],-31273|[email protected],-31276|[email protected],-31252|"
"WMPNSS-SSDPSrv-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=ssdpsrv|[email protected],-31269|[email protected],-31272|[email protected],-31252|"
"WMPNSS-QWave-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31265|[email protected],-31268|[email protected],-31252|"
"WMPNSS-QWave-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31261|[email protected],-31264|[email protected],-31252|"
"WMPNSS-QWave-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31257|[email protected],-31260|[email protected],-31252|"
"WMPNSS-QWave-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31253|[email protected],-31256|[email protected],-31252|"
"WMPNSS-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31317|[email protected],-31320|[email protected],-31252|"
"WMPNSS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31313|[email protected],-31316|[email protected],-31252|"
"WMPNSS-Out-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31309|[email protected],-31312|[email protected],-31252|"
"WMPNSS-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|App=%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe|[email protected],-31305|[email protected],-31308|[email protected],-31252|"
"WMPNSS-WMP-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%PROGRAMFILES%\\Windows Media Player\\wmplayer.exe|[email protected],-31301|[email protected],-31304|[email protected],-31252|"
"WMPNSS-WMP-Out-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|App=%PROGRAMFILES%\\Windows Media Player\\wmplayer.exe|[email protected],-31297|[email protected],-31300|[email protected],-31252|"
"WMPNSS-WMP-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|App=%PROGRAMFILES%\\Windows Media Player\\wmplayer.exe|[email protected],-31293|[email protected],-31296|[email protected],-31252|"
"WMPNSS-HTTPSTR-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=10243|App=System|[email protected],-31289|[email protected],-31292|[email protected],-31252|"
"WMPNSS-HTTPSTR-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=10243|App=System|[email protected],-31285|[email protected],-31288|[email protected],-31252|"
"WMPNSS-QWave-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=2177|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31265|[email protected],-31268|[email protected],-31252|"
"WMPNSS-QWave-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=2177|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31261|[email protected],-31264|[email protected],-31252|"
"WMPNSS-QWave-Out-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|RPort=2177|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31257|[email protected],-31260|[email protected],-31252|"
"WMPNSS-QWave-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=2177|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-31253|[email protected],-31256|[email protected],-31252|"
"WMP-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%ProgramFiles%\\Windows Media Player\\wmplayer.exe|[email protected],-31011|[email protected],-31014|[email protected],-31002|"
"WMP-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|App=%ProgramFiles%\\Windows Media Player\\wmplayer.exe|[email protected],-31007|[email protected],-31010|[email protected],-31002|"
"WMP-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|App=%ProgramFiles%\\Windows Media Player\\wmplayer.exe|[email protected],-31003|[email protected],-31006|[email protected],-31002|"
"SNMPTRAP-In-UDP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=162|App=%SystemRoot%\\system32\\snmptrap.exe|Svc=SNMPTRAP|[email protected],-7|[email protected],-8|[email protected],-3|"
"SNMPTRAP-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=162|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\snmptrap.exe|Svc=SNMPTRAP|[email protected],-7|[email protected],-8|[email protected],-3|"
"Netlogon-NamedPipe-In"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|[email protected],-1003|[email protected],-1006|[email protected],-1010|"
"SSTP-IN-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=443|App=System|[email protected],-35002|[email protected],-35003|[email protected],-35001|"
"NetPres-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\netproj.exe|[email protected],-31761|[email protected],-31764|[email protected],-31752|"
"NetPres-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\netproj.exe|[email protected],-31765|[email protected],-31768|[email protected],-31752|"
"NetPres-WSDEVNT-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=5357|App=System|[email protected],-31769|[email protected],-31770|[email protected],-31752|"
"NetPres-WSDEVNT-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=5357|App=System|[email protected],-31771|[email protected],-31772|[email protected],-31752|"
"NetPres-WSDEVNTS-In-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=5358|App=System|[email protected],-31773|[email protected],-31774|[email protected],-31752|"
"NetPres-WSDEVNTS-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=5358|App=System|[email protected],-31775|[email protected],-31776|[email protected],-31752|"
"NetPres-WSD-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\netproj.exe|[email protected],-31753|[email protected],-31756|[email protected],-31752|"
"NetPres-WSD-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\netproj.exe|[email protected],-31757|[email protected],-31760|[email protected],-31752|"
"NetPres-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\netproj.exe|[email protected],-31761|[email protected],-31764|[email protected],-31752|"
"NetPres-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\netproj.exe|[email protected],-31765|[email protected],-31768|[email protected],-31752|"
"NetPres-WSDEVNT-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=5357|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31769|[email protected],-31770|[email protected],-31752|"
"NetPres-WSDEVNT-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=5357|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31771|[email protected],-31772|[email protected],-31752|"
"NetPres-WSDEVNTS-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=5358|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31773|[email protected],-31774|[email protected],-31752|"
"NetPres-WSDEVNTS-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=5358|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-31775|[email protected],-31776|[email protected],-31752|"
"Microsoft-Windows-PeerDist-HttpTrans-In"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=80|App=SYSTEM|[email protected],-10000|[email protected],-11000|[email protected],-9000|"
"Microsoft-Windows-PeerDist-HttpTrans-Out"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RPort=80|App=SYSTEM|[email protected],-10001|[email protected],-11001|[email protected],-9000|"
"Microsoft-Windows-PeerDist-WSD-In"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\svchost.exe|Svc=PeerDistSvc|[email protected],-10002|[email protected],-11002|[email protected],-9001|"
"Microsoft-Windows-PeerDist-WSD-Out"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\\system32\\svchost.exe|Svc=PeerDistSvc|[email protected],-10003|[email protected],-11003|[email protected],-9001|"
"Microsoft-Windows-PeerDist-HostedServer-In"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=443|App=SYSTEM|[email protected],-10004|[email protected],-11004|[email protected],-9002|"
"Microsoft-Windows-PeerDist-HostedServer-Out"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|LPort=443|App=SYSTEM|[email protected],-10005|[email protected],-11005|[email protected],-9002|"
"Microsoft-Windows-PeerDist-HostedClient-Out"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RPort=443|App=SYSTEM|[email protected],-10006|[email protected],-11006|[email protected],-9003|"
"MCX-SSDPSrv-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-30753|[email protected],-30756|[email protected],-30752|"
"MCX-SSDPSrv-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-30757|[email protected],-30760|[email protected],-30752|"
"MCX-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=554|LPort=8554|LPort=8555|LPort=8556|LPort=8557|LPort=8558|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\ehome\\ehshell.exe|[email protected],-30761|[email protected],-30764|[email protected],-30752|"
"MCX-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\ehome\\ehshell.exe|[email protected],-30765|[email protected],-30768|[email protected],-30752|"
"MCX-QWave-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-30769|[email protected],-30772|[email protected],-30752|"
"MCX-QWave-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-30773|[email protected],-30776|[email protected],-30752|"
"MCX-QWave-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-30777|[email protected],-30780|[email protected],-30752|"
"MCX-QWave-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Qwave|[email protected],-30781|[email protected],-30784|[email protected],-30752|"
"MCX-HTTPSTR-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=10244|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-30785|[email protected],-30788|[email protected],-30752|"
"MCX-TERMSRV-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=3390|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-30793|[email protected],-30796|[email protected],-30752|"
"MCX-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=7777|LPort=7778|LPort=7779|LPort=7780|LPort=7781|LPort=5004|LPort=5005|LPort=50004|LPort=50005|LPort=50006|LPort=50007|LPort=50008|LPort=50009|LPort=50010|LPort=50011|LPort=50012|LPort=50013|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\ehome\\ehshell.exe|[email protected],-30801|[email protected],-30804|[email protected],-30752|"
"MCX-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\ehome\\ehshell.exe|[email protected],-30805|[email protected],-30808|[email protected],-30752|"
"MCX-MCX2SVC-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=mcx2svc|[email protected],-30810|[email protected],-30811|[email protected],-30752|"
"MCX-Prov-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%SystemRoot%\\ehome\\mcx2prov.exe|[email protected],-30812|[email protected],-30813|[email protected],-30752|"
"MCX-PlayTo-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-30814|[email protected],-30815|[email protected],-30752|"
"MCX-PlayTo-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=upnphost|[email protected],-30816|[email protected],-30817|[email protected],-30752|"
"MCX-McrMgr-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%SystemRoot%\\ehome\\mcrmgr.exe|[email protected],-30818|[email protected],-30819|[email protected],-30752|"
"MCX-PlayTo-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-30820|[email protected],-30821|[email protected],-30752|"
"MCX-FDPHost-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdphost|[email protected],-30822|[email protected],-30823|[email protected],-30752|"
"RemoteDesktop-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=3389|App=System|[email protected],-28753|[email protected],-28756|[email protected],-28752|"
"RemoteDesktop-UserMode-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=3389|App=%SystemRoot%\\system32\\svchost.exe|Svc=termservice|[email protected],-28853|[email protected],-28856|[email protected],-28852|"
"WPDMTP-Out-TCP-NoScope"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\\system32\\wudfhost.exe|[email protected],-30503|[email protected],-30506|[email protected],-30502|"
"WPDMTP-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\wudfhost.exe|[email protected],-30503|[email protected],-30506|[email protected],-30502|"
"WPDMTP-SSDPSrv-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-30507|[email protected],-30510|[email protected],-30502|"
"WPDMTP-SSDPSrv-Out-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|[email protected],-30511|[email protected],-30514|[email protected],-30502|"
"WPDMTP-UPnPHost-In-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-30515|[email protected],-30518|[email protected],-30502|"
"WPDMTP-UPnPHost-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=fdphost|[email protected],-30519|[email protected],-30522|[email protected],-30502|"
"WPDMTP-UPnP-Out-TCP"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=upnphost|[email protected],-30523|[email protected],-30524|[email protected],-30502|"
"RemoteDesktop-UserMode-In-UDP"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3389|App=%SystemRoot%\\system32\\svchost.exe|Svc=termservice|[email protected],-101|[email protected],-102|[email protected],-28852|"
"{B99ADA06-7F1B-45E0-97CF-111F9757A78F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|Name=File and Printer Sharing (LLMNR-UDP-In)|[email protected],-28549|[email protected],-28502|"
"{D35FCAD1-99C5-4214-8E47-A2D7ACB638EB}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=dnscache|Name=File and Printer Sharing (LLMNR-UDP-Out)|[email protected],-28551|[email protected],-28502|"
"{FF12FAD7-907C-46A9-B753-350099A3C57D}"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|App=%SystemRoot%\\system32\\msra.exe|Name=Remote Assistance (TCP-In)|[email protected],-33006|[email protected],-33002|Edge=TRUE|Defer=App|"
"{FB5CAB66-605E-4D70-8614-A08B382D695F}"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|App=%SystemRoot%\\system32\\msra.exe|Name=Remote Assistance (TCP-Out)|[email protected],-33010|[email protected],-33002|"
"{37027095-D481-4B4D-9488-C28D5D1706B6}"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|Name=Remote Assistance (SSDP UDP-In)|[email protected],-33022|[email protected],-33002|"
"{84D3F720-2CB3-43C1-AB52-EFC9DE6AA178}"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|Name=Remote Assistance (SSDP UDP-Out)|[email protected],-33026|[email protected],-33002|"
"{61194830-003E-400D-82C6-DB3F234ECCD0}"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|Name=Remote Assistance (SSDP TCP-In)|[email protected],-33030|[email protected],-33002|"
"{0057F9E0-1757-413E-8D2B-8338B6B6B248}"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\\system32\\svchost.exe|Svc=Ssdpsrv|Name=Remote Assistance (SSDP TCP-Out)|[email protected],-33034|[email protected],-33002|"
"{BAA9DA42-3443-40D7-91CE-E36076D7F38F}"="v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|LPort=3540|App=%systemroot%\\system32\\svchost.exe|Svc=pnrpsvc|Name=Remote Assistance (PNRP-In)|[email protected],-33040|[email protected],-33002|Edge=TRUE|Defer=App|"
"{75712289-501A-4C79-8597-8A5C320CD92E}"="v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|App=%systemroot%\\system32\\svchost.exe|Svc=pnrpsvc|Name=Remote Assistance (PNRP-Out)|[email protected],-33038|[email protected],-33002|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=dword:00000001
"DisableNotifications"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging]
"LogFileSize"=dword:00001000
"LogFilePath"="%systemroot%\\system32\\LogFiles\\Firewall\\pfirewall.log"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System]
"AxInstSV-1"="V2.0|Action=Block|Dir=In|app=%windir%\\System32\\svchost.exe|Svc=AxInstSV|Name=AxInstSV_In_Block|Desc=Network rules for inbound traffic to AxInstSV|"
"AxInstSV-2"="V2.0|Action=Allow|Dir=Out|Protocol=6|app=%windir%\\System32\\svchost.exe|Svc=AxInstSV|Name=AxInstSV_Out_Allow|Desc=Network rules for outbound TCP traffic from AxInstSV|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System]
"HidServ-1"="V2.0|Action=Block|Dir=in|App=%windir%\\System32\\svchost.exe|Svc=HidServ|Name=Block any traffic to HidServ|"
"HidServ-2"="V2.0|Action=Block|Dir=out|App=%windir%\\System32\\svchost.exe|Svc=HidServ|Name=Block any traffic from HidServ|"
"Eventlog-1"="V2.0|Action=Allow|Dir=In|LPort=RPC|Protocol=6|App=%SystemRoot%\\system32\\svchost.exe|Svc=EventLog|Name=Allow RPC/TCP traffic to EventLog|"
"Eventlog-2"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=EventLog|Name=Block any traffic to EventLog|"
"Eventlog-3"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=EventLog|Name=Block any traffic from EventLog|"
"PolicyAgent-1"="V2.0|Action=Allow|Dir=Out|RPort=389|Protocol=6|App=%SystemRoot%\\system32\\svchost.exe|Svc=PolicyAgent|[email protected],-23300|[email protected],-23301|"
"PolicyAgent-2"="V2.0|Action=Allow|Dir=Out|RPort=389|Protocol=17|App=%SystemRoot%\\system32\\svchost.exe|Svc=PolicyAgent|[email protected],-23302|[email protected],-23303|"
"PolicyAgent-3"="V2.0|Action=Allow|Dir=In|LPort=RPC|Protocol=6|App=%SystemRoot%\\system32\\svchost.exe|Svc=PolicyAgent|[email protected],-23312|[email protected],-23313|"
"PolicyAgent-4"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=PolicyAgent|[email protected],-23304|"
"PolicyAgent-5"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=PolicyAgent|[email protected],-23305|"
"DPS-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=DPS|Name=Block any other traffic to and from DPS|"
"DPS-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=DPS|Name=Block any other traffic to and from DPS|"
"WdiSystemHost-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=WdiSystemHost|Name=Block any other traffic to and from WdiSystemHost|"
"WdiSystemHost-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=WdiSystemHost|Name=Block any other traffic to and from WdiSystemHost|"
"Netman-1"="V2.0|Dir=In|Action=Block|App=%SystemRoot%\\System32\\svchost.exe|Svc=Netman|Name=Block all inbound traffic to Netman|"
"Netman-2"="V2.0|Dir=Out|Action=Block|App=%SystemRoot%\\System32\\svchost.exe|Svc=Netman|Name=Block all outbound traffic from Netman|"
"BFE-1"="V2.0|Action=Block|Dir=in|App=%SystemRoot%\\System32\\svchost.exe|Svc=BFE|Name=Block inbound traffic to BFE|"
"BFE-2"="V2.0|Action=Block|Dir=out|App=%SystemRoot%\\System32\\svchost.exe|Svc=BFE|Name=Block outbound traffic from BFE|"
"DHCP-1"="V2.0|Action=Allow|Dir=Out|LPORT=68|RPort=67|Protocol=17|App=%SystemRoot%\\system32\\svchost.exe|Svc=DHCP|Name=@%SystemRoot%\\system32\\dhcpcore.dll,-102|Desc=@%SystemRoot%\\system32\\dhcpcore.dll,-102|"
"DHCP-1-1"="V2.0|Action=Allow|Dir=In|LPORT=68|RPort=67|Protocol=17|App=%SystemRoot%\\system32\\svchost.exe|Svc=DHCP|Name=@%SystemRoot%\\system32\\dhcpcore.dll,-102|Desc=@%SystemRoot%\\system32\\dhcpcore.dll,-102|"
"DHCP-2"="V2.0|Action=Allow|Dir=In|LPORT=546|RPort=547|Protocol=17|App=%SystemRoot%\\system32\\svchost.exe|Svc=DHCP|Name=@%SystemRoot%\\system32\\dhcpcore.dll,-102|Desc=@%SystemRoot%\\system32\\dhcpcore.dll,-102|"
"DHCP-3"="V2.0|Action=Allow|Dir=Out|LPORT=546|RPort=547|Protocol=17|App=%SystemRoot%\\system32\\svchost.exe|Svc=DHCP|Name=@%SystemRoot%\\system32\\dhcpcore.dll,-102|Desc=@%SystemRoot%\\system32\\dhcpcore.dll,-102|"
"DHCP-4"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=DHCP|Name=@%SystemRoot%\\system32\\dhcpcore.dll,-102|"
"DHCP-5"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=DHCP|Name=@%SystemRoot%\\system32\\dhcpcore.dll,-102|"
"Trkwks-1"="V2.0|Action=Block|Dir=in|App=%windir%\\System32\\svchost.exe|Svc=trkwks|Name=Block any traffic to TrkWks service|"
"Trkwks-2"="V2.0|Action=Block|Dir=out|App=%windir%\\System32\\svchost.exe|Svc=trkwks|Name=Block any traffic from TrkWks service|"
"AVEndpointBuilder-1"="V2.0|Action=Block|Dir=in|App=%SystemRoot%\\system32\\svchost.exe|Svc=AudioEndpointBuilder|Name=Block any inbound traffic to AudioEndpointBuilder|"
"AVEndpointBuilder-2"="V2.0|Action=Block|Dir=out|App=%SystemRoot%\\system32\\svchost.exe|Svc=AudioEndpointBuilder|Name=Block any outbound traffic from AudioEndpointBuilder|"
"Audiosrv-1"="V2.0|Action=Block|Dir=in|App=%SystemRoot%\\system32\\svchost.exe|Svc=Audiosrv|Name=Block any inbound traffic to Audiosrv|"
"Audiosrv-2"="V2.0|Action=Block|Dir=out|App=%SystemRoot%\\system32\\svchost.exe|Svc=Audiosrv|Name=Block any outbound traffic from Audiosrv|"
"LMHosts-1"="V2.0|Action=Allow|Dir=Out|RPort=53|Protocol=17|App=%SystemRoot%\\system32\\svchost.exe|Svc=lmhosts|Name=@%SystemRoot%\\system32\\lmhsvc.dll,-103|"
"LMHosts-2"="V2.0|Action=Allow|Dir=Out|RPort=53|Protocol=6|App=%SystemRoot%\\system32\\svchost.exe|Svc=lmhosts|Name=@%SystemRoot%\\system32\\lmhsvc.dll,-103|"
"LMHosts-3"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=lmhosts|Name=@%SystemRoot%\\system32\\lmhsvc.dll,-103|"
"LMHosts-4"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=lmhosts|Name=@%SystemRoot%\\system32\\lmhsvc.dll,-103|"
"MPSSVC-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=Mpssvc|[email protected],-23306|"
"MPSSVC-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=Mpssvc|[email protected],-23307|"
"WerSvc-1"="V2.0|Action=Block|Dir=In|app=%windir%\\System32\\svchost.exe|Svc=WerSvc|Name=WerSvc_In_Block|Desc=Network rules for inbound traffic to WerSvc|"
"WerSvc-2"="V2.0|Action=Block|Dir=Out|app=%windir%\\System32\\svchost.exe|Svc=WerSvc|Name=WerSvc_Out_Block|Desc=Network rules for outbound traffic from WerSvc|"
"WudfSvc-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=WudfSvc|Name=Block any traffic to and from WudfSvc|"
"WudfSvc-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=WudfSvc|Name=Block any traffic to and from WudfSvc|"
"SNMPTRAP-1"="V2.0|Action=Allow|Dir=In|Protocol=17|App=%SystemRoot%\\system32\\snmptrap.exe|Svc=SNMPTRAP|Name=@%SystemRoot%\\system32\\snmptrap.exe,-5|"
"SNMPTRAP-2"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\snmptrap.exe|Svc=SNMPTRAP|Name=@%SystemRoot%\\system32\\snmptrap.exe,-6|"
"SNMPTRAP-3"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\snmptrap.exe|Svc=SNMPTRAP|Name=@%SystemRoot%\\system32\\snmptrap.exe,-6|"
"UI0Detect-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\System32\\UI0Detect.exe|Svc=UI0Detect|Name=Block any traffic to and from UI0Detect|"
"UI0Detect-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\System32\\UI0Detect.exe|Svc=UI0Detect|Name=Block any traffic to and from UI0Detect|"
"uxsms-1"="V2.0|Action=Block|Dir=in|App=%SystemRoot%\\System32\\svchost.exe|Svc=uxsms|Name=Block inbound traffic to uxsms|"
"uxsms-2"="V2.0|Action=Block|Dir=out|App=%SystemRoot%\\System32\\svchost.exe|Svc=uxsms|Name=Block outbound traffic from uxsms|"
"dot3svc-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\System32\\svchost.exe|Svc=dot3svc|Name=Block any traffic to and from dot3svc|"
"dot3svc-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\System32\\svchost.exe|Svc=dot3svc|Name=Block any traffic to and from dot3svc|"
"IPBusEnum-1"="V2.0|Action=Block|Dir=in|App=%SystemRoot%\\system32\\svchost.exe|Svc=IPBusEnum|Name=Block any inbound traffic to IPBusEnum|"
"IPBusEnum-2"="V2.0|Action=Block|Dir=out|App=%SystemRoot%\\system32\\svchost.exe|Svc=IPBusEnum|Name=Block any outbound traffic from IPBusEnum|"
"PNRP Block In"="v2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=PNRPSvc|Name=Block PNRP from all other ports|"
"PnrpAuto Block In"="v2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=PNRPAutoReg|Name=Block PnrpAuto from all ports|"
"Sysmain-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=sysmain|Name=Block outbound access to sysmain|"
"PnrpAuto Block Out"="v2.0|Action=Block|Dir=out|App=%SystemRoot%\\system32\\svchost.exe|Svc=PNRPAutoReg|Name=Block PnrpAuto from all ports|"
"PcaSvc-1"="V2.0|Action=Block|Dir=in|App=%SystemRoot%\\system32\\svchost.exe|Svc=PcaSvc|[email protected],-3|[email protected],-5|"
"HomeGroup Allow Out (PRNP)"="v2.0|Action=Allow|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=HomeGroupProvider|RPort=3540|Protocol=17|Name=Allow PNRP to send from port 3540|"
"PcaSvc-2"="V2.0|Action=Block|Dir=out|App=%SystemRoot%\\system32\\svchost.exe|Svc=PcaSvc|[email protected],-4|[email protected],-6|"
"HomeGroup Block In"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=HomeGroupProvider|Name=Block homegroup incoming|"
"SearchFilterHost-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\SearchFilterHost.exe|Name=Block all inbound traffic to SearchFilterHost|"
"Wlansvc-2"="V2.0|Dir=Out|Action=Block|App=%SystemRoot%\\System32\\svchost.exe|Svc=Wlansvc|Name=Block any traffic to and from Wlansvc|"
"P2P Grouping Block In"="v2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=p2psvc|Name=Block Grouping from all other ports|"
"Sysmain-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=sysmain|Name=Block inbound access to sysmain|"
"HomeGroup Allow In"="v2.0|Action=Allow|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=HomeGroupProvider|LPort=3587|Protocol=6|Name=Allow Grouping to receive from port 3587|"
"WSC Deny All Inbound"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=WscSvc|Name=Deny all inbound traffic to WSC|"
"SearchFilterHost-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\SearchFilterHost.exe|Name=Block all outbound traffic from SearchFilterHost|"
"Wlansvc-1"="V2.0|Dir=In|Action=Block|App=%SystemRoot%\\System32\\svchost.exe|Svc=Wlansvc|Name=Block any traffic to and from Wlansvc|"
"P2P Grouping Allow Out"="v2.0|Action=Allow|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=P2PSvc|RPort=3587|Protocol=6|Name=Allow Grouping to send to port 3587|"
"SearchIndexer-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\SearchIndexer.exe|Svc=WSearch|Name=Block all outbound traffic from SearchIndexer|"
"HomeGroup Allow In (PRNP)"="v2.0|Action=Allow|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=HomeGroupProvider|LPort=3540|Protocol=17|Name=Allow PNRP to receive from port 3540|"
"SearchIndexer-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\SearchIndexer.exe|Svc=WSearch|Name=Block all inbound traffic to SearchIndexer|"
"PNRP Allow Out"="v2.0|Action=Allow|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=PNRPSvc|LPort=3540|Protocol=17|Name=Allow PNRP to send to port 3540|"
"WindowsDefender-Out"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\\\system32\\\\svchost.exe|Svc=WinDefend|Name=Block any traffic from WinDefend|"
"P2P Ident Block In"="v2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=p2pimsvc|Name=Block Idman from all other ports|"
"P2P Grouping Block Out"="v2.0|Action=Block|Dir=out|App=%SystemRoot%\\system32\\svchost.exe|Svc=p2psvc|Name=Block Grouping from all other ports|"
"HomeGroup Block Out"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=HomeGroupProvider|Name=Block homegroup outgoing|"
"P2P Ident Block Out"="v2.0|Action=Block|Dir=out|App=%SystemRoot%\\system32\\svchost.exe|Svc=p2pimsvc|Name=Block Idman from all other ports|"
"WcsPlugInService-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=WcsPlugInService|[email protected],-160|"
"TabletInputService-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=TabletInputService|Name=Block any traffic to TabletInputService|"
"PNRP Block Out"="v2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=PNRPSvc|Name=Block PNRP from all other ports|"
"WwanSvc-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=WwanSvc|Name=Block any network traffic to WwanSvc|"
"TabletInputService-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=TabletInputService|Name=Block any traffic from TabletInputService|"
"HomeGroup Allow Out"="v2.0|Action=Allow|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=HomeGroupProvider|RPort=3587|Protocol=6|Name=Allow Grouping to send to port 3587|"
"HomeGroup Listener Block Out"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=HomeGroupListener|Name=Block all outgoing|"
"HomeGroup Listener Block In"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=HomeGroupListener|Name=Block all incoming|"
"PNRP Allow In"="v2.0|Action=Allow|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=PNRPSvc|LPort=3540|Protocol=17|Name=Allow PNRP to send to port 3540|"
"WcsPlugInService-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=WcsPlugInService|[email protected],-161|"
"WindowsDefender-In"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\\\system32\\\\svchost.exe|Svc=WinDefend|Name=Block any traffic to WinDefend|"
"WwanSvc-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=WwanSvc|Name=Block any network traffic from WwanSvc|"
"WSC Deny All Outbound"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=WscSvc|Name=Deny all outbound traffic from WSC|"
"WPDBUSENUM-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=WPDBusEnum|Name=Block all traffic to and from WPDBusEnum|"
"P2P Grouping Allow In"="v2.0|Action=Allow|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=P2PSvc|LPort=3587|Protocol=6|Name=Allow Grouping to receive from port 3587|"
"WPDBUSENUM-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=WPDBusEnum|Name=Block all traffic to and from WPDBusEnum|"
"UmRdpService-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=UmRdpService|Name=Block any traffic to UmRdpService|"
"UmRdpService-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=UmRdpService|Name=Block any traffic from UmRdpService|"
"PeerDist Allow WSD In"="V2.0|Action=Allow|Dir=In|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|Protocol=17|App=%SystemRoot%\\system32\\svchost.exe|Svc=PeerDistSvc|Name=Allow incoming WSD to PeerDistSvc|"
"PeerDist Allow WSD In 2"="V2.0|Action=Allow|Dir=In|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|Protocol=17|App=%SystemRoot%\\system32\\svchost.exe|Svc=PeerDistSvc|Name=Allow incoming WSD to PeerDistSvc|"
"PeerDist Block Out"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=PeerDistSvc|Name=Block PeerDistSvc From All other ports|"
"CscService-1"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=CscService|Name=Block any other traffic to and from CSCService|"
"PeerDist Allow TCP Out"="V2.0|Action=Allow|Dir=Out|Protocol=6|App=%SystemRoot%\\system32\\svchost.exe|Svc=PeerDistSvc|Name=Allow outgoing TCP from PeerDistSvc|"
"PeerDist Allow WSD Out 2"="V2.0|Action=Allow|Dir=Out|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|Protocol=17|App=%SystemRoot%\\system32\\svchost.exe|Svc=PeerDistSvc|Name=Allow outgoing WSD from PeerDistSvc|"
"CscService-2"="V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\svchost.exe|Svc=CscService|Name=Block any other traffic to and from CSCService|"
"PeerDist Allow TCP In"="V2.0|Action=Allow|Dir=In|Protocol=6|App=%SystemRoot%\\system32\\svchost.exe|Svc=PeerDistSvc|Name=Allow incoming TCP to PeerDistSvc|"
"PeerDist Allow WSD Out"="V2.0|Action=Allow|Dir=Out|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|Protocol=17|App=%SystemRoot%\\system32\\svchost.exe|Svc=PeerDistSvc|Name=Allow outgoing WSD from PeerDistSvc|"
"PeerDist Block In"="V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\svchost.exe|Svc=PeerDistSvc|Name=Block PeerDistSvc From All other ports|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=dword:00000001
"DisableNotifications"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]
"LogFileSize"=dword:00001000
"LogFilePath"="%systemroot%\\system32\\LogFiles\\Firewall\\pfirewall.log"
[HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\wscsvc]
"DisplayName"="@%SystemRoot%\\System32\\wscsvc.dll,-200"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,52,00,65,00,73,00,74,00,\
72,00,69,00,63,00,74,00,65,00,64,00,00,00
"Start"=dword:00000002
"Type"=dword:00000020
"Description"="@%SystemRoot%\\System32\\wscsvc.dll,-201"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,77,00,69,00,6e,00,\
6d,00,67,00,6d,00,74,00,00,00,00,00
"ObjectName"="NT AUTHORITY\\LocalService"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,\
00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
00,00,00,00
"DelayedAutoStart"=dword:00000001
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00
[HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\wscsvc\Enum]
"0"="Root\\LEGACY_WSCSVC\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001
[HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\wscsvc\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceDll"=hex(2):25,00,53,00,59,00,53,00,54,00,45,00,4d,00,52,00,4f,00,4f,\
00,54,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
77,00,73,00,63,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\wscsvc\Security]
"Security"=hex:01,00,14,80,c8,00,00,00,d4,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,98,00,06,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,\
00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,14,00,00,01,\
00,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,28,00,15,00,00,00,01,06,00,\
00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,\
7b,42,13,56,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,\
00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv]
"PreshutdownTimeout"=dword:036ee800
"DisplayName"="Windows Update"
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"Description"="Enables the detection, download, and installation of updates for Windows and other programs. If this service is disabled, users of this computer will not be able to use Windows Update or its automatic updating feature, and programs will not be able to use the Windows Update Agent (WUA) API."
"ObjectName"="LocalSystem"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"DelayedAutoStart"=dword:00000001
"Type"=dword:00000020
"DependOnService"=hex(7):72,00,70,00,63,00,73,00,73,00,00,00,00,00
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,41,00,75,00,64,00,69,00,74,00,50,00,72,\
00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,43,00,72,00,\
65,00,61,00,74,00,65,00,47,00,6c,00,6f,00,62,00,61,00,6c,00,50,00,72,00,69,\
00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,43,00,72,00,65,00,\
61,00,74,00,65,00,50,00,61,00,67,00,65,00,46,00,69,00,6c,00,65,00,50,00,72,\
00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,54,00,63,00,\
62,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,\
00,41,00,73,00,73,00,69,00,67,00,6e,00,50,00,72,00,69,00,6d,00,61,00,72,00,\
79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,\
00,67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,\
6e,00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,\
00,00,00,53,00,65,00,49,00,6e,00,63,00,72,00,65,00,61,00,73,00,65,00,51,00,\
75,00,6f,00,74,00,61,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,\
00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,60,ea,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\Parameters]
"ServiceDll"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
77,00,75,00,61,00,75,00,65,00,6e,00,67,00,2e,00,64,00,6c,00,6c,00,00,00
"ServiceMain"="WUServiceMain"
"ServiceDllUnloadOnStop"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\Security]
"Security"=hex:01,00,14,80,78,00,00,00,84,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,00,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,48,00,03,00,00,00,00,00,14,00,9d,00,02,00,01,01,00,00,00,00,00,\
05,0b,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,ff,01,0f,00,01,01,00,00,00,00,00,05,12,00,00,00,01,\
01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
Endregedit:
Reboot:
*****************
Restore point was successfully created.
====> Registry
The system needed a reboot.
==== End of Fixlog 22:00:02 ====
Farbar Service Scanner Version: 27-01-2016
Ran by Amanda (administrator) on 16-01-2019 at 22:03:54
Running from "C:\Users\Amanda\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
Edited by Jackpine, 16 January 2019 - 09:14 PM.