RogueKiller V12.9.6.0 (x64) [Jan 30 2017] (Ücretsiz) by Adlice Software
mail : Support Form | Contact • Adlice Software
Geribildirim : http://forum.adlice.com
Website : Free Virus Cleaner | RogueKiller AntiMalware • Adlice Software
Bolg : http://www.adlice.com
İşletim Sistemi : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
-de başlatıldı : Normal mod
Kullanıcı : Philipp [Yönetici]
-den başlatıldı : C:\Program Files\RogueKiller\RogueKiller64.exe
Mod : Sil – Tarih : 02/03/2017 00:23:59 (Süreç : 00:36:14)
¤¤¤ İşlemler : 1 ¤¤¤
[Adw.DNSUnlocker] ZAM.exe(2744) – C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe[7] → Öldürüldü [TermThr]
¤¤¤ Kayıt : 145 ¤¤¤
[PUP.Ghokswa] (X86) HKEY_LOCAL_MACHINE\Software\Firefox → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\1ClickDownload → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\APN PIP → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\DataMngr → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\DataMngr_Toolbar → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\InstallCore → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Search Settings → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Softonic → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\SweetIM → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Systweak → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\YTD → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\1ClickDownload → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\APN PIP → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\DataMngr → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\DataMngr_Toolbar → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\InstallCore → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Search Settings → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Softonic → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\SweetIM → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Systweak → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\YTD → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\OCS → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\OCS → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Toolbar → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Toolbar → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\Search Settings → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\searchqutoolbar → Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\YTD → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\Search Settings → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\searchqutoolbar → Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\YTD → Seçilmedi
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\Application Updater (“C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe”) → Seçilmedi
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\Application Updater (“C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe”) → Seçilmedi
[PUM.Proxy] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 → Seçilmedi
[PUM.Proxy] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 → Seçilmedi
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 46.165.193.67:5056 → Seçilmedi
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 46.165.193.67:5056 → Seçilmedi
[PUM.HomePage] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Internet Explorer\Main | Start Page : Yandex — hızlı İnternet araması → Seçilmedi
[PUM.HomePage] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Internet Explorer\Main | Start Page : Yandex — hızlı İnternet araması → Seçilmedi
[PUM.HomePage] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.v9.com/?utm_source=b&utm_...&ts=1350857397 → Seçilmedi
[PUM.HomePage] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.v9.com/?utm_source=b&utm_...&ts=1350857397 → Seçilmedi
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces{F1198B90-493F-4495-879E-89672178C3BF} | NameServer : 8.8.8.8,1.1.1.1 ([-][AU]) → Seçilmedi
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces{F1198B90-493F-4495-879E-89672178C3BF} | NameServer : 8.8.8.8,1.1.1.1 ([-][AU]) → Seçilmedi
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {05E61BB9-15E2-4964-ABBD-67110BF469F1} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe|Name=Update service| → Seçilmedi
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {52F974BB-5934-4D2F-A4D9-CDD1DB7042F7} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Firefox\Firefox.exe|Name=Firefox browser| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {154E50E9-CF46-4D5A-BADF-8FC96D69EA96} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\Program Files (x86)\World of Warcraft\Temp\wow-4.2.0.2552-enUS-tools-downloader.exe|Name=Blizzard Downloader| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {A6284518-2AE7-4761-91DC-626726E5A8EA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\Program Files (x86)\World of Warcraft\Temp\wow-4.2.0.2552-enUS-tools-downloader.exe|Name=Blizzard Downloader| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | TCP Query User{A9983C15-8D44-4140-B48E-3EB68FC61B72}C:\users\philipp\appdata\local\temp\g w2.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\users\philipp\appdata\local\ temp\gw2.exe|Name=Guild Wars 2 Game Client|Desc=Guild Wars 2 Game Client|Defer=User| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | UDP Query User{9893247F-591F-411A-A5A0-6D1D5E2A9585}C:\users\philipp\appdata\local\temp\g w2.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\users\philipp\appdata\local \temp\gw2.exe|Name=Guild Wars 2 Game Client|Desc=Guild Wars 2 Game Client|Defer=User| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {C59BE5A2-C54D-4576-A0CD-AE620B030618} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Public|App=C:\ProgramData\Battle.net\Agent\ Agent.1040\Agent.exe|Name=Blizzard Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {1EBF8FCA-8695-4942-93B1-6390A4F75E23} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Public|App=C:\ProgramData\Battle.net\Agent \Agent.1040\Agent.exe|Name=Blizzard Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {9BC543B4-45C4-4810-9109-911D926AEEE6} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Public|App=C:\ProgramData\Battle.net\Agent\ Agent.1544\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {7A8EF53F-3314-4268-8BA3-12D39F61E7F4} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Public|App=C:\ProgramData\Battle.net\Agent \Agent.1544\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {DBBE1C86-2809-4AA7-AA3B-0D5C299D7942} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Public|App=C:\ProgramData\Battle.net\Agent\ Agent.1637\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {271CEEBD-7901-494F-9FE7-96C9810A94DC} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Public|App=C:\ProgramData\Battle.net\Agent \Agent.1637\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {12AA3395-A2A6-4B67-8B7C-CD00E14F7365} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Public|App=C:\ProgramData\Battle.net\Agent\ Agent.1675\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {8DE6E3E3-18FA-4CE3-87CA-B09BA90906B5} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Public|App=C:\ProgramData\Battle.net\Agent \Agent.1675\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {09BB82F7-18E0-405D-8642-6E4AA7CEE361} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Public|App=C:\ProgramData\Battle.net\Agent\ Agent.1737\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {F93E54A2-C3FE-4F80-83DC-C434D5242BE4} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Public|App=C:\ProgramData\Battle.net\Agent \Agent.1737\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {DBE3F464-04DC-470E-A92C-274B34722CB9} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users \Philipp\AppData\Local\Facebook\Video\Skype\Facebo okVideoCalling.exe|Name=Facebook Video Calling Plugin|Edge=TRUE| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {AD41DB8E-80E7-431A-AE68-4050D1F40387} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Public|App=C:\ProgramData\Battle.net\Agent\ Agent.2000\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {D1FC718B-D72D-4EF5-96ED-E90A0B1C6A0E} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Public|App=C:\ProgramData\Battle.net\Agent \Agent.2000\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {4B2D6E05-483D-49F1-A66B-E23EE778AD00} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.1267\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {98D741DB-0D81-4D75-93F9-AA7BCE9ED5DA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.1267\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {D805F393-DF9F-42DB-8BD8-A10435FFD59E} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.2045\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {7CF97D17-A8A2-4D7E-9BEC-6243047FB5BF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.2045\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {CBA6CFE4-87DA-4C0B-9DD5-CB24264D153C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.2380\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {1F8EFC10-91D2-4DEF-9300-AA828DE18B26} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.2380\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {65D1CA79-73C8-4C1C-A396-55114CC5C61C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Public|App=C:\ProgramData\Battle.net\Agent\ Agent.2380\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {2E300A00-EF29-4879-AD3F-8C035C177F2F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Public|App=C:\ProgramData\Battle.net\Agent \Agent.2380\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | TCP Query User{C6D4FEE5-DA5E-4896-BBC1-4C31C77A28FE}C:\programdata\battle.net\agent\agent .2689\agent.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\programdata\battle.net\agent \agent.2689\agent.exe|Name=Battle.net Update Agent Update Agent|Edge=TRUE|Defer=App| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | UDP Query User{F9912598-2E9B-4960-B43A-8E1CFC69772C}C:\programdata\battle.net\agent\agent .2689\agent.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\programdata\battle.net\agen t\agent.2689\agent.exe|Name=Battle.net Update Agent Update Agent|Edge=TRUE|Defer=App| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {07A267BF-9BD3-4856-88D1-A924CF38EFBC} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {04756382-6EB7-495C-85E9-516EED38F5FF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {3363AF0F-0FAE-4932-9BDC-F768D750CD20} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {FF75CEDC-9CF5-481D-9063-269F7C9A3EEB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {FBF504C5-7660-4CA0-9461-EE1588F6F15D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9B3BB61E-72AA-4C6A-9524-F08E717DB6BB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2BA43725-5873-4C4B-B214-D17575BED6C1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9BE1D182-5C1A-4012-8196-D78F15784A37} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C5343D04-4C9B-4307-A77C-075B8B2C9E8F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B29A6550-56A1-491E-BB46-A0863A286D3F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8FCE413C-7C8F-49D2-97AB-12AF69EBBE36} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {6D6C39D8-B4DC-471E-AD24-04DB637E2F52} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D746C5F2-5646-488A-AA6A-9EFCB544C556} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {ECACD096-AD74-4AA4-A843-FDFB10ED1EE7} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B57AD082-017F-4128-AF5E-A02D6F3AE087} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {07A18F29-12BC-4AAB-A245-B4291010C345} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {98CFEB0B-2567-4974-AD58-360ED70FB0BB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D3C6F70D-7E00-41A4-9628-1D22289A2534} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {6C27E94F-9B54-4A90-9F4C-FBF097292328} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C07014D5-340A-473A-8A73-C045C7E3989F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {05E61BB9-15E2-4964-ABBD-67110BF469F1} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe|Name=Update service| → Seçilmedi
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {52F974BB-5934-4D2F-A4D9-CDD1DB7042F7} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Firefox\Firefox.exe|Name=Firefox browser| → Seçilmedi
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 → Seçilmedi
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 → Seçilmedi
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_F_1F6C\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLs : C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll → Seçilmedi
[PUP.Gen0] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_F_1F6C\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLs : C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll → Seçilmedi
¤¤¤ Görevler : 0 ¤¤¤
¤¤¤ Dosyalar : 0 ¤¤¤
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Host Dosyaları : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Yüklendi) ¤¤¤
¤¤¤ Web tarayıcıları : 1 ¤¤¤
[PUP.Gen2][Firefox:Addon] q87ndktt.default : Search and New Tab by Yahoo [jid1-16aeif9OQIRKxA@jetpack] → Seçilmedi
¤¤¤ MBR Kontrol : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 840 Series ATA Device +++++
— User —
[MBR] c394a36c7930a9924d682575f61ab5cc
[BSP] 851432715c4a2eb607f3604d5060c77b : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 238373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 … OK
User = LL2 … OK
+++++ PhysicalDrive1: SAMSUNG HM641JI ATA Device +++++
— User —
[MBR] 5460c99fa12c0c8e521f96d5f92dff68
[BSP] 10ee15797d2d9e4ad56c0324fc70ab9a : Kiwi MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 236544 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 484648960 | Size: 352537 MB
3 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1206644736 | Size: 21296 MB
User = LL1 … OK
User = LL2 … OK
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {7A8EF53F-3314-4268-8BA3-12D39F61E7F4} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Public|App=C:\ProgramData\Battle.net\Agent \Agent.1544\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {DBBE1C86-2809-4AA7-AA3B-0D5C299D7942} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Public|App=C:\ProgramData\Battle.net\Agent\ Agent.1637\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {271CEEBD-7901-494F-9FE7-96C9810A94DC} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Public|App=C:\ProgramData\Battle.net\Agent \Agent.1637\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {12AA3395-A2A6-4B67-8B7C-CD00E14F7365} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Public|App=C:\ProgramData\Battle.net\Agent\ Agent.1675\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {8DE6E3E3-18FA-4CE3-87CA-B09BA90906B5} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Public|App=C:\ProgramData\Battle.net\Agent \Agent.1675\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {09BB82F7-18E0-405D-8642-6E4AA7CEE361} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Public|App=C:\ProgramData\Battle.net\Agent\ Agent.1737\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {F93E54A2-C3FE-4F80-83DC-C434D5242BE4} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Public|App=C:\ProgramData\Battle.net\Agent \Agent.1737\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {DBE3F464-04DC-470E-A92C-274B34722CB9} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users \Philipp\AppData\Local\Facebook\Video\Skype\Facebo okVideoCalling.exe|Name=Facebook Video Calling Plugin|Edge=TRUE| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {AD41DB8E-80E7-431A-AE68-4050D1F40387} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Public|App=C:\ProgramData\Battle.net\Agent\ Agent.2000\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet0 02\Services\SharedAccess\Parameters\FirewallPolicy \FirewallRules | {D1FC718B-D72D-4EF5-96ED-E90A0B1C6A0E} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Public|App=C:\ProgramData\Battle.net\Agent \Agent.2000\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {4B2D6E05-483D-49F1-A66B-E23EE778AD00} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.1267\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {98D741DB-0D81-4D75-93F9-AA7BCE9ED5DA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.1267\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {D805F393-DF9F-42DB-8BD8-A10435FFD59E} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.2045\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {7CF97D17-A8A2-4D7E-9BEC-6243047FB5BF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.2045\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {CBA6CFE4-87DA-4C0B-9DD5-CB24264D153C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.2380\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {1F8EFC10-91D2-4DEF-9300-AA828DE18B26} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.2380\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {65D1CA79-73C8-4C1C-A396-55114CC5C61C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Public|App=C:\ProgramData\Battle.net\Agent\ Agent.2380\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {2E300A00-EF29-4879-AD3F-8C035C177F2F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Public|App=C:\ProgramData\Battle.net\Agent \Agent.2380\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | TCP Query User{C6D4FEE5-DA5E-4896-BBC1-4C31C77A28FE}C:\programdata\battle.net\agent\agent .2689\agent.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\programdata\battle.net\agent \agent.2689\agent.exe|Name=Battle.net Update Agent Update Agent|Edge=TRUE|Defer=App| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | UDP Query User{F9912598-2E9B-4960-B43A-8E1CFC69772C}C:\programdata\battle.net\agent\agent .2689\agent.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\programdata\battle.net\agen t\agent.2689\agent.exe|Name=Battle.net Update Agent Update Agent|Edge=TRUE|Defer=App| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {07A267BF-9BD3-4856-88D1-A924CF38EFBC} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.2787\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {04756382-6EB7-495C-85E9-516EED38F5FF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.2787\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {3363AF0F-0FAE-4932-9BDC-F768D750CD20} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.2880\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {FF75CEDC-9CF5-481D-9063-269F7C9A3EEB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.2880\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {FBF504C5-7660-4CA0-9461-EE1588F6F15D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.3023\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {9B3BB61E-72AA-4C6A-9524-F08E717DB6BB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.3023\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {2BA43725-5873-4C4B-B214-D17575BED6C1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.3109\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {9BE1D182-5C1A-4012-8196-D78F15784A37} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.3109\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {C5343D04-4C9B-4307-A77C-075B8B2C9E8F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.3235\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {B29A6550-56A1-491E-BB46-A0863A286D3F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.3235\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {8FCE413C-7C8F-49D2-97AB-12AF69EBBE36} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.3286\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {6D6C39D8-B4DC-471E-AD24-04DB637E2F52} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.3286\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {D746C5F2-5646-488A-AA6A-9EFCB544C556} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.3478\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {ECACD096-AD74-4AA4-A843-FDFB10ED1EE7} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.3478\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {B57AD082-017F-4128-AF5E-A02D6F3AE087} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.3634\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {07A18F29-12BC-4AAB-A245-B4291010C345} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.3634\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {98CFEB0B-2567-4974-AD58-360ED70FB0BB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Private|App=C:\ProgramData\Battle.net\Agent \Agent.3688\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {D3C6F70D-7E00-41A4-9628-1D22289A2534} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Private|App=C:\ProgramData\Battle.net\Agen t\Agent.3688\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {6C27E94F-9B54-4A90-9F4C-FBF097292328} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|P rofile=Public|App=C:\ProgramData\Battle.net\Agent\ Agent.3689\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {C07014D5-340A-473A-8A73-C045C7E3989F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17| Profile=Public|App=C:\ProgramData\Battle.net\Agent \Agent.3689\Agent.exe|Name=Battle.net Update Agent| → Seçilmedi
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {05E61BB9-15E2-4964-ABBD-67110BF469F1} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Progr am Files (x86)\Firefox\bin\FirefoxUpdate.exe|Name=Update service| → Seçilmedi
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {52F974BB-5934-4D2F-A4D9-CDD1DB7042F7} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Progr am Files (x86)\Firefox\Firefox.exe|Name=Firefox browser| → Seçilmedi
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 → Seçilmedi
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 → Seçilmedi
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_F_1F6C\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLs : C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll → Seçilmedi
[PUP.Gen0] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_F_1F6C\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLs : C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll → Seçilmedi
¤¤¤ Görevler : 0 ¤¤¤
¤¤¤ Dosyalar : 0 ¤¤¤
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Host Dosyaları : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Yüklendi) ¤¤¤
¤¤¤ Web tarayıcıları : 1 ¤¤¤
[PUP.Gen2][Firefox:Addon] q87ndktt.default : Search and New Tab by Yahoo [jid1-16aeif9OQIRKxA@jetpack] → Seçilmedi
¤¤¤ MBR Kontrol : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 840 Series ATA Device +++++
— User —
[MBR] c394a36c7930a9924d682575f61ab5cc
[BSP] 851432715c4a2eb607f3604d5060c77b : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 238373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 … OK
User = LL2 … OK
+++++ PhysicalDrive1: SAMSUNG HM641JI ATA Device +++++
— User —
[MBR] 5460c99fa12c0c8e521f96d5f92dff68
[BSP] 10ee15797d2d9e4ad56c0324fc70ab9a : Kiwi MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 236544 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 484648960 | Size: 352537 MB
3 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1206644736 | Size: 21296 MB
User = LL1 … OK
User = LL2 … OK