| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-ThreadsWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
14.05.2018, 14:17
| #16 |
 |  Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads MBAM 12. Teil Code:
ATTFilter 05/13/18 " 07:39:37.757" 48158515 11d4 0448 ERROR CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1394 "Verification of deleting file C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP 1-CLICK INSTALLER.EXE failed!"
05/13/18 " 07:39:37.757" 48158515 11d4 0448 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1496 "Scheduling DOR cleaning for file 'C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP 1-CLICK INSTALLER.EXE'"
05/13/18 " 07:39:37.758" 48158515 11d4 0448 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE"
05/13/18 " 07:39:37.760" 48158515 11d4 0448 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 684 "Completed quarantining and DOR queueing File 'C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP 1-CLICK INSTALLER.EXE'"
05/13/18 " 07:39:37.760" 48158515 11d4 0448 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Process C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE"
05/13/18 " 07:39:37.760" 48158515 11d4 0448 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 668 "Succeeded remediating (but did not quarantine) Process 'C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP 1-CLICK INSTALLER.EXE'"
05/13/18 " 07:39:37.760" 48158515 11d4 0448 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Module C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE"
05/13/18 " 07:39:37.761" 48158515 11d4 0448 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 668 "Succeeded remediating (but did not quarantine) Module 'C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP 1-CLICK INSTALLER.EXE'"
05/13/18 " 07:39:37.761" 48158515 11d4 0448 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of RegKey HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CHIP 1-CLICK DOWNLOAD SERVICE"
05/13/18 " 07:39:37.761" 48158515 11d4 0448 INFO CleanControllerImpl RemovalEngine::RemediateRegKey "RemovalEngine.cpp" 468 "Cleaning reg key HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CHIP 1-CLICK DOWNLOAD SERVICE, anti - rootkit = false"
05/13/18 " 07:39:37.762" 48158515 11d4 0448 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning reg key 'HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CHIP 1-CLICK DOWNLOAD SERVICE'"
05/13/18 " 07:39:37.762" 48158515 11d4 0448 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CHIP 1-CLICK DOWNLOAD SERVICE"
05/13/18 " 07:39:37.764" 48158531 11d4 0448 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining RegKey 'HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CHIP 1-CLICK DOWNLOAD SERVICE'"
05/13/18 " 07:39:37.764" 48158531 11d4 0448 INFO CleanControllerImpl Cleaner::RebuildSystemRegistryValues "Cleaner.cpp" 443 "Rebuilding system registry values."
05/13/18 " 07:39:37.765" 48158531 11d4 0448 INFO CleanControllerImpl Cleaner::RebuildRegistryValueEx "Cleaner.cpp" 426 "Successfully rebuilt registry value at HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit, from 'C:\WINDOWS\system32\userinit.exe' to 'C:\WINDOWS\system32\userinit.exe,'."
05/13/18 " 07:39:37.765" 48158531 11d4 0448 INFO CleanControllerImpl Cleaner::RebuildRegistryValueEx "Cleaner.cpp" 426 "Successfully rebuilt registry value at HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages, from 'scecli^^' to 'scecli'."
05/13/18 " 07:39:37.766" 48158531 11d4 0448 INFO CleanControllerImpl Cleaner::RebuildRegistryValueEx "Cleaner.cpp" 426 "Successfully rebuilt registry value at HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages, from 'kerberos^msv1_0^schannel^wdigest^tspkg^pku2u^^' to 'kerberos^msv1_0^schannel^wdigest^tspkg^pku2u'."
05/13/18 " 07:39:37.766" 48158531 11d4 0448 INFO CleanControllerImpl Cleaner::RebuildRegistryValueEx "Cleaner.cpp" 426 "Successfully rebuilt registry value at HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages, from 'msv1_0^^' to 'msv1_0'."
05/13/18 " 07:39:37.783" 48158546 11d4 1738 ERROR CleanController CCleanController::FireQuarantineItemAdded "CleanController.cpp" 1638 "Firing quarantine item added failed, 0x800706ba"
05/13/18 " 07:39:37.784" 48158546 11d4 1738 ERROR CleanController CCleanController::FireItemRemediated "CleanController.cpp" 2042 "Firing quarantine item added failed, 0x800706ba"
05/13/18 " 07:39:37.785" 48158546 11d4 1738 ERROR CleanController CCleanController::FireItemRemediated "CleanController.cpp" 2042 "Firing quarantine item added failed, 0x800706ba"
05/13/18 " 07:39:37.786" 48158546 11d4 1738 ERROR CleanController CCleanController::FireItemRemediated "CleanController.cpp" 2042 "Firing quarantine item added failed, 0x800706ba"
05/13/18 " 07:39:37.786" 48158546 11d4 1738 ERROR CleanController CCleanController::FireQuarantineItemAdded "CleanController.cpp" 1638 "Firing quarantine item added failed, 0x800706ba"
05/13/18 " 07:39:37.787" 48158546 11d4 1738 ERROR CleanController CCleanController::FireItemRemediated "CleanController.cpp" 2042 "Firing quarantine item added failed, 0x800706ba"
05/13/18 " 07:39:37.991" 48158750 11d4 0448 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 255 "Scheduling delete registry key: 'HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHIP1CLICK'"
05/13/18 " 07:39:38.050" 48158812 11d4 0448 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteFile "SwissArmySDKWrapper.cpp" 223 "Scheduling delete file: 'C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP 1-CLICK INSTALLER.EXE'"
05/13/18 " 07:39:38.051" 48158812 11d4 0448 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 255 "Scheduling delete registry key: 'HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CHIP 1-CLICK DOWNLOAD SERVICE'"
05/13/18 " 07:39:38.056" 48158812 11d4 0448 INFO CleanControllerImpl Cleaner::ExecutePostCleanupActions "Cleaner.cpp" 570 "Executing post-cleanup actions"
05/13/18 " 07:39:38.058" 48158812 11d4 0448 INFO Actions ActionsManager::ProcessThreatActionsV2 "ActionsManager.cpp" 845 "Executing post cleanup actions"
05/13/18 " 07:39:38.061" 48158812 11d4 0448 INFO CleanControllerImpl Cleaner::Clean "Cleaner.cpp" 261 "Completed clean from client MbamUI, detection results C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ScanResults\e030a797-5661-11e8-ad41-2c56dc97df15.json, status DORRequired"
05/13/18 " 07:39:38.064" 48158828 11d4 0448 INFO CleanControllerImpl CleanControllerImpl::SetAutoStartOverrideDueToDOR "CleanControllerImpl.cpp" 2709 "Service auto-start override was set"
05/13/18 " 07:41:11.197" 48251953 11d4 6478 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/13/18 " 07:42:56.791" 48357546 11d4 1738 ERROR CleanController CCleanController::FireCleanStateChanged "CleanController.cpp" 1593 "Firing clean state changed failed, 0x800706ba"
05/13/18 " 07:43:04.044" 48364796 11d4 6608 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:43:05.388" 48366140 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 452 "Stopping Service Controller"
05/13/18 " 07:43:05.435" 48366187 11d4 58c8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_190c30b26847c2b5a045142099028858>::operator () "ServiceControllerImplementation.cpp" 493 "Stopping Self Protection Controller"
05/13/18 " 07:43:05.435" 48366187 11d4 58c8 INFO SPControllerModuleLoader SPControllerModuleLoader::UnloadImplementation "SPControllerModuleLoader.cpp" 100 "Unloaded the Self-Protection Controller implementation module."
05/13/18 " 07:43:05.435" 48366187 11d4 58c8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_190c30b26847c2b5a045142099028858>::operator () "ServiceControllerImplementation.cpp" 502 "Successfully stopped Self Protection Controller"
05/13/18 " 07:43:05.435" 48366187 11d4 5de8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_b2422856f0c022b6288473137984fd73>::operator () "ServiceControllerImplementation.cpp" 510 "Stopping Anti-Exploit Controller"
05/13/18 " 07:43:05.435" 48366187 11d4 50ec INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_c10f67412ffbdf52fb2d97117ce6bb58>::operator () "ServiceControllerImplementation.cpp" 531 "Stopping ARW Controller"
05/13/18 " 07:43:05.435" 48366187 11d4 433c INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_3ab253b62c87d7dfeb39a2084d1a556f>::operator () "ServiceControllerImplementation.cpp" 549 "Stopping MWAC Controller"
05/13/18 " 07:43:05.435" 48366187 11d4 1a54 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_f61b3d206481c2d666de473471a73387>::operator () "ServiceControllerImplementation.cpp" 568 "Stopping RTP Controller"
05/13/18 " 07:43:05.451" 48366203 11d4 1a54 INFO RtpSDK RtpUserImpl::Stop "RtpUserImpl.cpp" 299 "Rtp driver stopped."
05/13/18 " 07:43:05.451" 48366203 11d4 1a54 INFO RtpShim RtpShimImpl::Stop "RtpShimImpl.cpp" 245 "Rtp successfully stopped."
05/13/18 " 07:43:05.466" 48366218 11d4 50ec INFO ArwSDK "" 0 "ArwSdk: Logging stopped."
05/13/18 " 07:43:05.466" 48366218 11d4 50ec INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwShimModuleLoader::UnloadModule "ArwShimModuleLoader.cpp" 75 "Unloaded the Anti-Ransomware Sdk implementation module."
05/13/18 " 07:43:05.482" 48366234 11d4 50ec INFO ArwControllerCOM CArwControllerModuleLoader::UnloadImplementation "ArwControllerModuleLoader.cpp" 90 "Unloaded the Anti-Ransomware Controller implementation module."
05/13/18 " 07:43:05.482" 48366234 11d4 50ec INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_c10f67412ffbdf52fb2d97117ce6bb58>::operator () "ServiceControllerImplementation.cpp" 540 "Successfully stopped ARW Controller"
05/13/18 " 07:43:05.497" 48366250 11d4 433c INFO MwacControllerCOM CMwacControllerModuleLoader::UnloadImplementation "MWACControllerModuleLoader.cpp" 90 "Unloaded the Web Access Controller implementation module."
05/13/18 " 07:43:05.497" 48366250 11d4 433c INFO MWACControllerCOM CMWACController::Stop_impl "MWACController.cpp" 677 "The MWAC Controller impl is unloaded."
05/13/18 " 07:43:05.497" 48366250 11d4 433c INFO MWACControllerCOM CMWACController::StopV2 "MWACController.cpp" 384 "MWAC Controller shutdown complete"
05/13/18 " 07:43:05.497" 48366250 11d4 433c INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_3ab253b62c87d7dfeb39a2084d1a556f>::operator () "ServiceControllerImplementation.cpp" 560 "Successfully stopped MWAC Controller"
05/13/18 " 07:43:05.497" 48366250 11d4 6608 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:43:05.638" 48366390 11d4 1a54 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
05/13/18 " 07:43:05.904" 48366656 11d4 1a54 INFO RTPControllerCOM CRTPControllerModuleLoader::UnloadImplementation "RTPControllerModuleLoader.cpp" 114 "Unloaded the RTP Controller implementation module."
05/13/18 " 07:43:05.904" 48366656 11d4 1a54 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_f61b3d206481c2d666de473471a73387>::operator () "ServiceControllerImplementation.cpp" 577 "Successfully stopped RTP Controller"
05/13/18 " 07:43:06.279" 48367031 11d4 5de8 INFO AeShimImpl AeShimImpl::MbaeStop "AeShimImpl.cpp" 373 "MBAE stopped."
05/13/18 " 07:43:06.279" 48367031 11d4 5de8 INFO AEControllerModuleLoader CAeControllerModuleLoader::UnloadImplementation "AEControllerModuleLoader.cpp" 120 "Unloaded the Anti-Exploit Controller implementation module."
05/13/18 " 07:43:06.279" 48367031 11d4 5de8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_b2422856f0c022b6288473137984fd73>::operator () "ServiceControllerImplementation.cpp" 519 "Successfully stopped Anti-Exploit Controller"
05/13/18 " 07:43:06.279" 48367031 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 619 "Stopping Scan Controller"
05/13/18 " 07:43:06.294" 48367046 11d4 11d8 WARNING SwissarmyShim SwissarmyShimImpl::ValidateHandle "SwissarmyShimImpl.cpp" 1817 "DDA not installed."
05/13/18 " 07:43:06.294" 48367046 11d4 11d8 WARNING SwissarmyShim SwissarmyShimImpl::IsInstalled "SwissarmyShimImpl.cpp" 155 "Invalid SwissarmyHandle (2ecd5490)"
05/13/18 " 07:43:06.294" 48367046 11d4 11d8 INFO ScanControllerCOM CScanControllerModuleLoader::UnloadImplementation "ScanControllerModuleLoader.cpp" 205 "Unloaded the Scan Controller implementation module."
05/13/18 " 07:43:06.294" 48367046 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 628 "Successfully stopped Scan Controller"
05/13/18 " 07:43:06.294" 48367046 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 635 "Stopping Clean Controller"
05/13/18 " 07:43:06.294" 48367046 11d4 11d8 INFO CleanController CCleanController::StopV2 "CleanController.cpp" 384 "Shutting down CleanController"
05/13/18 " 07:43:06.294" 48367046 11d4 11d8 INFO CleanControllerImpl CleanControllerImpl::StopV2 "CleanControllerImpl.cpp" 165 "Stopping Clean Controller Impl"
05/13/18 " 07:43:06.294" 48367046 11d4 0448 WARNING SwissarmyShim SwissarmyShimImpl::ValidateHandle "SwissarmyShimImpl.cpp" 1817 "DDA not installed."
05/13/18 " 07:43:06.294" 48367046 11d4 0448 WARNING SwissarmyShim SwissarmyShimImpl::IsInstalled "SwissarmyShimImpl.cpp" 155 "Invalid SwissarmyHandle (2fe8ca90)"
05/13/18 " 07:43:06.294" 48367046 11d4 0448 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop::<lambda_4375c5e3f6111d1e5b82059269c270c0>::operator () "CleanControllerImpl.cpp" 811 "Exiting CleanControllerImpl::ThreadLoop()"
05/13/18 " 07:43:06.294" 48367046 11d4 11d8 INFO CleanController CCleanController::StopV2 "CleanController.cpp" 419 "CleanController shutdown complete"
05/13/18 " 07:43:06.294" 48367046 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 645 "Successfully stopped Clean Controller"
05/13/18 " 07:43:06.294" 48367046 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 664 "Stopping Telemetry Controller"
05/13/18 " 07:43:06.310" 48367062 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 673 "Successfully stopped Telemetry Controller"
05/13/18 " 07:43:06.310" 48367062 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 680 "Stopping Cloud Controller"
05/13/18 " 07:43:06.326" 48367078 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 689 "Successfully stopped Cloud Controller"
05/13/18 " 07:43:06.326" 48367078 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 696 "Stopping Update Controller"
05/13/18 " 07:43:06.341" 48367093 11d4 11d8 INFO UpdateControllerCOM CUpdateControllerModuleLoader::UnloadImplementation "UpdateControllerModuleLoader.cpp" 139 "Unloaded the Update Controller implementation module."
05/13/18 " 07:43:06.341" 48367093 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 705 "Successfully stopped Update Controller"
05/13/18 " 07:43:06.341" 48367093 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 719 "Stopping License Controller"
05/13/18 " 07:43:06.341" 48367093 11d4 11d8 INFO LicenseControllerCOM CLicenseControllerModuleLoader::UnloadImplementation "LicenseControllerModuleLoader.cpp" 145 "Unloaded the License Controller implementation module."
05/13/18 " 07:43:06.341" 48367093 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 728 "Successfully stopped License Controller"
05/13/18 " 07:43:06.341" 48367093 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 735 "Stopping Policies Controller"
05/13/18 " 07:43:06.341" 48367093 11d4 11d8 INFO PoliciesControllerCOM CPoliciesControllerModuleLoader::UnloadImplementation "PoliciesControllerModuleLoader.cpp" 114 "Unloaded the Policies Controller implementation module."
05/13/18 " 07:43:06.341" 48367093 11d4 11d8 INFO PoliciesControllerCOM CPoliciesController::Stop "PoliciesController.cpp" 133 "Policies Controller shutdown complete"
05/13/18 " 07:43:06.341" 48367093 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 744 "Successfully stopped Policies Controller"
05/13/18 " 07:43:06.341" 48367093 11d4 11d8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 757 "Service Controller stopped successfully in 0.955 seconds."
05/13/18 " 07:43:06.341" 48367093 11d4 11d8 INFO LogController CLogController::Stop "LogController.cpp" 192 "Stopping logging"
05/13/18 " 07:44:13.508" 45265 12d8 1588 INFO LogController CLogController::Start "LogController.cpp" 93 "Started logging"
05/13/18 " 07:44:13.508" 45265 12d8 1588 INFO LogController CLogController::Start "LogController.cpp" 95 "Local time zone: 'Mitteleuropäische Sommerzeit' (UTC+02:00)"
05/13/18 " 07:44:13.664" 45421 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 371 "Service Controller starting controller initialization"
05/13/18 " 07:44:13.664" 45421 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 372 "Product code MBAM-C"
05/13/18 " 07:44:13.679" 45437 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 373 "Product version 3.5.1.2522"
05/13/18 " 07:44:13.679" 45437 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 374 "Product build consumer"
05/13/18 " 07:44:13.757" 45515 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 375 "OS Version Windows 10 (Build 16299.431)"
05/13/18 " 07:44:14.492" 46250 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartPoliciesController "ServiceControllerImplementation.cpp" 2023 "Policies Controller Started"
05/13/18 " 07:44:14.601" 46359 12d8 1588 INFO LicenseControllerCOM CLicenseController::Start "LicenseController.cpp" 98 "CLicenseController::Start"
05/13/18 " 07:44:14.758" 46515 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartLicenseController "ServiceControllerImplementation.cpp" 2053 "License Controller Started"
05/13/18 " 07:44:15.226" 46984 12d8 1588 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::Initialize "UpdateControllerImplHelper.cpp" 324 "COMPONENT PACKAGE VERSION: 1.0.365, DB PACKAGE VERSION: 1.0.5088"
05/13/18 " 07:44:15.492" 47250 12d8 1588 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 07:44:22.867" 54625 12d8 1588 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 07:44:22.867" 54625 12d8 1588 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 07:44:22.898" 54656 12d8 1588 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::SetMinSupportedCULevel "UpdateControllerImplHelper.cpp" 5122 "Minimum supported Component (CU) package version is: 1.0.354"
05/13/18 " 07:44:22.898" 54656 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartUpdateController "ServiceControllerImplementation.cpp" 2110 "Update Controller Started"
05/13/18 " 07:44:22.898" 54656 12d8 1588 INFO CloudController CCloudController::Start "CloudController.cpp" 101 "CCloudController::Initialize"
05/13/18 " 07:44:23.023" 54781 12d8 1588 INFO CloudCtrlImpl Initialize "CloudControllerImpl.cpp" 58 "CC Initialize called"
05/13/18 " 07:44:23.211" 54968 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartCloudController "ServiceControllerImplementation.cpp" 2141 "Cloud Controller Started"
05/13/18 " 07:44:23.289" 55046 12d8 1588 INFO TelemController CTelemetryController::Start_impl "TelemetryController.cpp" 157 "::Initialize"
05/13/18 " 07:44:23.476" 55234 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartTelemetryController "ServiceControllerImplementation.cpp" 2202 "Telemetry Controller Started"
05/13/18 " 07:44:23.508" 55265 12d8 1588 INFO CleanController CCleanController::StartV2 "CleanController.cpp" 155 "Initializing CleanController"
05/13/18 " 07:44:23.664" 55421 12d8 1588 INFO CleanControllerImpl CleanControllerImpl::Start "CleanControllerImpl.cpp" 90 "Starting Clean Controller Impl"
05/13/18 " 07:44:23.664" 55421 12d8 178c INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 825 "Initializing system paths and resolving DOR status"
05/13/18 " 07:44:23.711" 55468 12d8 1588 INFO CleanController CCleanController::StartV2::<lambda_0c7e478e3a96988dedb44b6982b548fa>::operator () "CleanController.cpp" 156 "CleanController initialization complete"
05/13/18 " 07:44:23.711" 55468 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartCleanController "ServiceControllerImplementation.cpp" 2264 "Clean Controller Started"
05/13/18 " 07:44:24.351" 56109 12d8 1588 INFO SwissarmyDDA DDAInstall "dda.cpp" 261 "Successfully installed swissarmy driver."
05/13/18 " 07:44:24.351" 56109 12d8 1588 INFO SwissarmyShim SwissarmyShimImpl::InstallEx "SwissarmyShimImpl.cpp" 1715 "Swissarmy was successfully installed. DdaContext (000001AED1FA2480), Mode (1), DriverName (MBAMSwissArmy), DeviceFileName (\\.\MBAMSwissArmy), LogFile (), BootStart (false)."
05/13/18 " 07:44:24.757" 56515 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartScanController "ServiceControllerImplementation.cpp" 2294 "Scan Controller Started"
05/13/18 " 07:44:25.008" 56765 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartRtpController "ServiceControllerImplementation.cpp" 2324 "RTP Controller Started"
05/13/18 " 07:44:25.039" 56796 12d8 1588 INFO MWACControllerCOM CMWACController::InitializeV2 "MWACController.cpp" 315 "Initializing MWAC Controller"
05/13/18 " 07:44:25.039" 56796 12d8 1588 INFO MWACControllerCOM CMWACController::InitializeV2::<lambda_643a76174211e62591089d2d15f087a3>::operator () "MWACController.cpp" 316 "MWAC Controller initialization complete"
05/13/18 " 07:44:25.320" 57078 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartMWACController "ServiceControllerImplementation.cpp" 2355 "MWAC Controller Started"
05/13/18 " 07:44:25.617" 57375 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartArwController "ServiceControllerImplementation.cpp" 2388 "ARW Controller Started"
05/13/18 " 07:44:25.633" 57390 12d8 183c INFO MWACShimImpl MwacShimImpl::InitializeInternal "MWACShimImpl.cpp" 98 "MWAC dll was successfully loaded. MWACFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll>."
05/13/18 " 07:44:26.054" 57812 12d8 1854 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::LoadAeSdk "AEControllerImplHelper.cpp" 292 "Load and initialize the MbaeSdk"
05/13/18 " 07:44:26.054" 57812 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartAEController "ServiceControllerImplementation.cpp" 2418 "Anti-Exploit Controller Started"
05/13/18 " 07:44:26.273" 58031 12d8 1848 INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwRulesHandler::LoadConfig "RulesHandler.cpp" 39 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\ArwRulesConfig.json. Using default values."
05/13/18 " 07:44:26.273" 58031 12d8 1858 INFO ArwSDK "" 0 "{Thread: 0x00001848, Tick: 0x0000E2AF} [ArwLib::Globals::Impl_SetRules] Rules received."
05/13/18 " 07:44:26.273" 58031 12d8 1858 INFO ArwSDK "" 0 "{Thread: 0x00001848, Tick: 0x0000E2AF} [ArwLib::Globals::Impl_SetRules] Rules applied correctly."
05/13/18 " 07:44:26.507" 58265 12d8 1854 INFO AeShimImpl AeShimImpl::InitializeInternal "AeShimImpl.cpp" 205 "mbae-api-na.dll was successfully loaded. aePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbae-api-na.dll>."
05/13/18 " 07:44:26.617" 58375 12d8 1588 INFO SPControllerImpl mb::spcontrollerimpl::SPShimModuleLoader::SPShimSetVerificationMode "SPShimModuleLoader.cpp" 445 "verification mode = 0 ."
05/13/18 " 07:44:26.617" 58375 12d8 1588 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitializeImpl "SPControllerImplHelper.cpp" 153 "Verify Driver."
05/13/18 " 07:44:26.617" 58375 12d8 1588 INFO SPSDK VerifyDriver "SelfProtectionUser.cpp" 236 "Verifying SelfProtection driver."
05/13/18 " 07:44:26.617" 58375 12d8 1588 INFO SPSDK VerifyDriver "SelfProtectionUser.cpp" 239 "SelfProtection driver was successfully Verified."
05/13/18 " 07:44:26.617" 58375 12d8 1588 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitializeImpl "SPControllerImplHelper.cpp" 160 "Start SP protection."
05/13/18 " 07:44:26.617" 58375 12d8 1588 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::StartProtection "SPControllerImplHelper.cpp" 1100 "Enter StartProtection for SP controller."
05/13/18 " 07:44:26.726" 58484 12d8 1588 INFO SPSDK AnalyzeDriverState "SelfProtectionUser.cpp" 537 "AnalyzeDriverState returns 0x9"
05/13/18 " 07:44:26.726" 58484 12d8 1588 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::StartProtection "SPControllerImplHelper.cpp" 1199 "Current driver state is (9)."
05/13/18 " 07:44:26.820" 58578 12d8 1854 INFO AeShimImpl AeShimImpl::InitializeInternal "AeShimImpl.cpp" 220 "Successfully Initialized MBAE"
05/13/18 " 07:44:26.820" 58578 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeSetConfig "AeShimImpl.cpp" 249 "Successfully configured MBAE."
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeSetExclusions "AeShimImpl.cpp" 337 "Successfully set exclusion list"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winrar.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winzip.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7z.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zFM.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zG.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (S7Z.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zextractor.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Winzip32.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Winzip64.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wzdisktools.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winzipss.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (cmd.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mshta.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winhlp32.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wscript.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (quicktimeplayer.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winamp.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (vlc.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mplayer2.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wmplayer.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (powerpnt.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (excel.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (excelc.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winword.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winwordc.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mspub.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (eqnedt32.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (soffice.bin)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (foxitreader.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (foxit reader.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Foxit PhantomPDF.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (FoxitPhantomPDF.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (acrord32.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (acrobat.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (java.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (javaw.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (javaws.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (dragon.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (waterfox.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (tor.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (tbb-firefox.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (palemoon.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (cyberfox.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (icedragon.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (seamonkey.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (maxthon.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mxapploader.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera_plugin_wrapper.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera_wrapper_32.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (iexplore.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (MicrosoftEdge.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (MicrosoftEdgeCP.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (chrome.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (old_chrome.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (firefox.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (plugin-container.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (FlashPlayerPlugin*.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (helpctr.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (fltldr.exe)"
05/13/18 " 07:44:26.976" 58734 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mbae-test.exe)"
05/13/18 " 07:44:27.382" 59140 12d8 183c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 924 "Initialization succeeded"
05/13/18 " 07:44:27.414" 59171 12d8 1854 INFO AeShimImpl AeShimImpl::MbaeStart "AeShimImpl.cpp" 358 "MBAE started."
05/13/18 " 07:44:27.414" 59171 12d8 1854 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::StartProtectionImpl "AEControllerImplHelper.cpp" 591 "Protection Started"
05/13/18 " 07:44:27.851" 59609 12d8 1848 INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwControllerImpl::StartArwProtection "ArwControllerImplHelper.cpp" 746 "Anti-Ransomware protection has been started."
05/13/18 " 07:44:29.586" 61343 12d8 182c INFO RtpShim RtpShimImpl::Install "RtpShimImpl.cpp" 139 "rtp.dll was successfully loaded. rtpPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\rtp.dll>."
05/13/18 " 07:44:29.601" 61359 12d8 182c WARNING RtpSDK RtpUserImpl::Install "RtpUserImpl.cpp" 53 "MBAMProtector already installed! Remove this instance."
05/13/18 " 07:44:29.851" 61609 12d8 1588 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitializeImpl "SPControllerImplHelper.cpp" 171 "Successfully initialized the SPControllerImpl, spFolderPath=[C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE]."
05/13/18 " 07:44:29.851" 61609 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "ServiceControllerImplementation.cpp" 2171 "Self-Protection Controller Started"
05/13/18 " 07:44:29.851" 61609 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "ServiceControllerImplementation.cpp" 2173 "Start Service Controller complete"
05/13/18 " 07:44:30.023" 61781 12d8 182c INFO RtpSDK RtpUserImpl::Start "RtpUserImpl.cpp" 256 "Rtp driver started."
05/13/18 " 07:44:30.023" 61781 12d8 182c INFO RtpShim RtpShimImpl::Start "RtpShimImpl.cpp" 233 "Rtp successfully started."
05/13/18 " 07:44:32.437" 64187 12d8 178c INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 846 "Processing pending actions"
05/13/18 " 07:44:32.780" 64531 12d8 178c INFO Actions ActionsManager::ProcessPendingActionsAfterReboot "ActionsManager.cpp" 972 "Executing pending post cleanup actions"
05/13/18 " 07:44:32.780" 64531 12d8 178c INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 932 "DOR has completed for 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ScanResults\e030a797-5661-11e8-ad41-2c56dc97df15.json'"
05/13/18 " 07:44:32.780" 64531 12d8 178c INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 951 "Initializing CLS Engine"
05/13/18 " 07:44:32.796" 64546 12d8 178c INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 986 "Initializing swiss army SDK"
05/13/18 " 07:44:32.859" 64609 12d8 178c INFO SwissarmyShim SwissarmyShimImpl::InstallEx "SwissarmyShimImpl.cpp" 1715 "Swissarmy was successfully installed. DdaContext (000001AED902F0E0), Mode (1), DriverName (MBAMSwissArmy), DeviceFileName (\\.\MBAMSwissArmy), LogFile (), BootStart (false)."
05/13/18 " 07:44:32.859" 64609 12d8 178c INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb"
05/13/18 " 07:44:32.859" 64609 12d8 178c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2978 "Successfully parsed 196 records."
05/13/18 " 07:44:32.859" 64609 12d8 178c INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1033 "Loading Hubble cache"
05/13/18 " 07:44:34.280" 66031 12d8 178c INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1060 "Starting white list manager"
05/13/18 " 07:44:34.280" 66031 12d8 178c INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1079 "Starting restore engine"
05/13/18 " 07:44:34.280" 66031 12d8 178c INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1103 "Initializing Browser SDK"
05/13/18 " 07:44:34.312" 66062 12d8 178c INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1135 "Entering into main loop"
05/13/18 " 07:44:38.890" 70640 12d8 1448 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:40.218" 71968 12d8 1b5c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:40.234" 71984 12d8 1448 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:40.234" 71984 12d8 0628 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:40.234" 71984 12d8 0630 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:40.249" 72000 12d8 06e0 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:40.734" 72484 12d8 1b5c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:41.390" 73140 12d8 1448 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:45.452" 77203 12d8 166c INFO IrisImpl mb::updatecontrollerimpl::IrisScheduler::run "IrisImpl.cpp" 654 "Calling check for updates from Iris"
05/13/18 " 07:44:45.452" 77203 12d8 166c INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::IrisCheck "IrisImpl.cpp" 85 "Entering IrisCheck. Checking with Iris for messages."
05/13/18 " 07:44:45.468" 77218 12d8 1b5c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:45.577" 77328 12d8 1448 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:45.937" 77687 12d8 1b5c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:46.140" 77890 12d8 1448 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:46.327" 78078 12d8 1b5c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:46.452" 78203 12d8 0630 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:46.812" 78562 12d8 1448 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:44:47.327" 79078 12d8 166c INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::ProcessMessages "IrisImpl.cpp" 255 "JSON response has a messages collection. Processing messages."
05/13/18 " 07:46:39.436" 191187 12d8 0630 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 07:49:34.058" 365812 12d8 1904 INFO ServiceControllerImpl ServiceControllerImplementation::SessionLogonNotificationImpl "ServiceControllerImplementation.cpp" 2660 "Notifying controllers of session logon"
05/13/18 " 07:49:34.074" 365828 12d8 1908 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 87 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe' in session 0x1"
05/13/18 " 07:49:35.152" 366906 12d8 1908 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 87 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe' in session 0x1"
05/13/18 " 07:49:38.965" 370718 12d8 15a8 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1070 "Entering GetMessageIDList in the Service."
05/13/18 " 07:49:38.965" 370718 12d8 15a8 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1091 "GetNumMessages returned 0 messages available. Nothing to do here."
05/13/18 " 07:49:39.371" 371125 12d8 15a8 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1070 "Entering GetMessageIDList in the Service."
05/13/18 " 07:49:39.371" 371125 12d8 15a8 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1091 "GetNumMessages returned 0 messages available. Nothing to do here."
05/13/18 " 07:50:04.041" 395796 12d8 1820 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|B48A00B00DFDFCF6911911B34788CD359BF90AB66F4A2A3FE177B75EB775C2C2' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 07:50:04.041" 395796 12d8 1820 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe' in Hubble's cache, value = WhiteListed"
05/13/18 " 07:50:04.041" 395796 12d8 1820 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe' (shuriken) => Hubble:WhiteListed"
05/13/18 " 07:50:06.732" 398484 12d8 182c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|24AAB8C944A6420E901E3D08AB37FE4081279B982D315515F5F21AC479FCAC0A' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 07:50:06.732" 398484 12d8 182c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe' in Hubble's cache, value = WhiteListed"
05/13/18 " 07:50:06.732" 398484 12d8 182c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe' (shuriken) => Hubble:WhiteListed"
05/13/18 " 07:50:16.405" 408156 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3AC3D29B89616421F2F92743A9FA32CC14C7D309D0898AC3A73E8668B04B8199' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 07:50:16.405" 408156 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe' in Hubble's cache, value = WhiteListed"
05/13/18 " 07:50:16.405" 408156 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe' (shuriken) => Hubble:WhiteListed"
05/13/18 " 07:52:32.812" 544562 12d8 1970 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 07:52:34.687" 546437 12d8 1970 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 07:52:35.062" 546812 12d8 1970 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 07:52:35.937" 547687 12d8 1970 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 07:52:37.265" 549015 12d8 1970 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 07:54:18.261" 650015 12d8 1970 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 07:54:19.167" 650921 12d8 1970 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 07:59:15.451" 947203 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 07:59:16.796" 948546 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 07:59:16.796" 948546 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 07:59:16.796" 948546 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 07:59:16.796" 948546 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 07:59:16.796" 948546 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 07:59:16.796" 948546 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 07:59:16.796" 948546 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5088]"
05/13/18 " 07:59:17.327" 949078 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 07:59:17.327" 949078 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 08:09:18.082" 1549843 12d8 1f24 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::StartScan "Scanner.cpp" 613 "Starting a Threat scan, clientID = MbamUI, clientType = MBClientFullUI."
05/13/18 " 08:09:18.088" 1549843 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 08:09:19.473" 1551234 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 08:09:19.473" 1551234 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 08:09:19.473" 1551234 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (manual)"
05/13/18 " 08:09:19.473" 1551234 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[No], SDK/Ctlr=[No], DB/CLS=[Yes]"
05/13/18 " 08:09:19.475" 1551234 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5088]"
05/13/18 " 08:09:19.990" 1551750 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 08:09:19.990" 1551750 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 08:09:21.379" 1553140 12d8 2864 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2978 "Successfully parsed 68597 records."
05/13/18 " 08:09:39.379" 1571140 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|95B2916EE68375E982E2647FDF9EA85AC7EC478C0109309567982DF1DBB572B6' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:09:39.379" 1571140 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\WINDOWS\SYSTEM32\OXPSCONVERTER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:09:39.379" 1571140 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\OXPSCONVERTER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:10:01.665" 1593421 12d8 1970 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 08:10:18.406" 1610171 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|35C15E57F1BC8F72A712FA3313A0333EA84D2C4D52F176CE23B4505B3D10CAB1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:10:18.406" 1610171 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:10:18.406" 1610171 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:10:21.939" 1613703 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|35C15E57F1BC8F72A712FA3313A0333EA84D2C4D52F176CE23B4505B3D10CAB1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:10:21.939" 1613703 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:10:21.939" 1613703 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:10:23.601" 1615359 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|35C15E57F1BC8F72A712FA3313A0333EA84D2C4D52F176CE23B4505B3D10CAB1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:10:23.601" 1615359 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:10:23.601" 1615359 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:10:29.997" 1621750 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|B48A00B00DFDFCF6911911B34788CD359BF90AB66F4A2A3FE177B75EB775C2C2' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:10:29.997" 1621750 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\AMDUSB3DEVICEDETECTOR\NUSB3MON.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:10:29.997" 1621750 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\AMDUSB3DEVICEDETECTOR\NUSB3MON.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:10:30.589" 1622343 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|24AAB8C944A6420E901E3D08AB37FE4081279B982D315515F5F21AC479FCAC0A' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:10:30.589" 1622343 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\SCIROCCO\SCIROCCO TAKE A BREAK\TAKEABREAK.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:10:30.589" 1622343 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\SCIROCCO\SCIROCCO TAKE A BREAK\TAKEABREAK.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:10:31.006" 1622765 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3AC3D29B89616421F2F92743A9FA32CC14C7D309D0898AC3A73E8668B04B8199' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:10:31.006" 1622765 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\BROTHER\BROTHER HELP\BROTHERHELP.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:10:31.006" 1622765 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\BROTHER\BROTHER HELP\BROTHERHELP.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:10:31.918" 1623671 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|D1AAE5B0425047CA0C2D376D3E59324D35A90DF9074CD442DFD0ED6E434D3C84' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:10:31.918" 1623671 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\COMMON FILES\SONY SHARED\FSK\SONYSCSIHELPERSERVICE.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:10:31.918" 1623671 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\COMMON FILES\SONY SHARED\FSK\SONYSCSIHELPERSERVICE.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:10:32.370" 1624125 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|271F3DEB0CC6828BD894DC9462D30C4D440A96E1D82927C92CCD8A99D48FA14D' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:10:32.370" 1624125 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\BROWNY02\BRYNSVC.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:10:32.370" 1624125 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\BROWNY02\BRYNSVC.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:10:36.995" 1628750 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|A69D37C34713A16210D3A325418DF1ACAAA0CD252BCEB41ABDE91775FE193FC9' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:10:36.995" 1628750 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\WORDEXPANDER\WORDEXPANDER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:10:36.995" 1628750 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\WORDEXPANDER\WORDEXPANDER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:13.758" 1725515 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3D77947C6FBDF1A23B8059829CF15B2687420D299BAA0BC47DFDAC26F5B00905' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:13.758" 1725515 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\94035798-5674-11e8-ab1c-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:13.758" 1725515 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\94035798-5674-11e8-ab1c-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:13.759" 1725515 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus "WhiteListManager.cpp" 201 "Started batch white listing"
05/13/18 " 08:12:14.842" 1726593 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|8B0DB0DDFAFF4686A9FD22B15934AC51DB6465982656E93A79BC78B4E5C818ED' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:14.842" 1726593 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9409c056-5674-11e8-a5f1-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:14.842" 1726593 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|7C2959935B02B92B9D1E721CDD4265E846EE46994DDD951EF171781160CA4670' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:14.842" 1726593 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\940d1bb6-5674-11e8-ae19-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:14.842" 1726593 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|DC88CB30BC97CDCEA675F57B2154280529E84BE0AE43AA220FD6490E8A1F3EE8' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:14.842" 1726593 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\DESKTOP\WINDOWS LIZENZSCHLüSSEL.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:14.842" 1726593 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9409c056-5674-11e8-a5f1-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:14.842" 1726593 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\940d1bb6-5674-11e8-ae19-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:14.842" 1726593 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\DESKTOP\WINDOWS LIZENZSCHLüSSEL.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:14.842" 1726593 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus::<lambda_3bcb9cc954dffdcfeac0e133a8c0d2b7>::operator () "WhiteListManager.cpp" 208 "Completed batch white listing"
05/13/18 " 08:12:22.345" 1734109 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|85CBE3F2BD61316543023DFD03984B79BFE7E9E43DB9A7886FCF040A48C84C8C' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:22.345" 1734109 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\ANKI\ANKI.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:22.345" 1734109 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\ANKI\ANKI.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:24.715" 1736468 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|7496F86C82C6AAA97A0EF8925FC5F197ECCD8E944CE88D8D2A3E35141C64F58E' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:24.715" 1736468 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCCUXSYS.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:24.715" 1736468 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCCUXSYS.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:25.050" 1736812 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|2CF4F78EC4BE99258BC91F5D94A9AF261F0DBDFD55D0100DCA2CA88813AAD4B4' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:25.050" 1736812 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCCBOOT.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:25.050" 1736812 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCCBOOT.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:25.440" 1737203 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|06FE230D5474FF988D9AF5292F562707A725E0843941A2AFBB30223BED2755A0' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:25.440" 1737203 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRTWNACCS.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:25.440" 1737203 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRTWNACCS.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:29.012" 1740765 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|1C436467BB14AD031B46747547B7E747041AE73F38F44767B3ED23CAB1AB796E' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:29.012" 1740765 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\GMAILDEFAULTMAKER\GMAILDEFAULTMAKER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:29.012" 1740765 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\GMAILDEFAULTMAKER\GMAILDEFAULTMAKER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:30.093" 1741843 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|79515ACD2F85B95E12495A55EDC0EFE52454559C63A661FF9A74DA0AFD010D75' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:30.093" 1741843 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\JUTOH\JUTOH_LAUNCHER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:30.093" 1741843 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\JUTOH\JUTOH_LAUNCHER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:34.276" 1746031 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|7A8ACE1744B8CF940609A35CCE6A3C0A01CF5C7880CD3A8614D71AD9354B8E1A' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:34.276" 1746031 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\PC-FAXRECEIVE\PCFAXRX.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:34.276" 1746031 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\PC-FAXRECEIVE\PCFAXRX.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:34.277" 1746031 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus "WhiteListManager.cpp" 201 "Started batch white listing"
05/13/18 " 08:12:34.881" 1746640 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3D042B08E1F07D16CE48FFB012FBFEB83A3B1C777E32D5DFC2ECDCE6E1113EA9' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:34.881" 1746640 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRMAPISEND.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:34.881" 1746640 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|022F11D78E3E6F8651DDEB3E7E4E195A6EA2E28CC57A92B518AB00355AE10D91' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:34.881" 1746640 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\REMOTESETUP\BRLOGRX.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:34.881" 1746640 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3D34D47BCA2A6705A643EF914D6C669F99877050B7466C13F350868694653A06' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:34.881" 1746640 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\REMOTESETUP\BRMFRMSS.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:34.881" 1746640 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRMAPISEND.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:34.881" 1746640 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\REMOTESETUP\BRLOGRX.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:34.881" 1746640 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\REMOTESETUP\BRMFRMSS.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:34.881" 1746640 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus::<lambda_3bcb9cc954dffdcfeac0e133a8c0d2b7>::operator () "WhiteListManager.cpp" 208 "Completed batch white listing"
05/13/18 " 08:12:44.734" 1756484 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3FA2C24B32E01C88EDD94DABF8A20FDDA99D26E7D1E753BA0A62F62CF92D2A5C' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:44.734" 1756484 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCTRLCNTR.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:44.734" 1756484 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCTRLCNTR.EXE' (shuriken) => Hubble:WhiteListed"
|
|
14.05.2018, 14:18
| #17 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads MBAM 13. Teil
__________________Code:
ATTFilter 05/13/18 " 08:12:48.397" 1760156 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|E902C3C853E8B7C5C91A8EB6086210DAB56E8571F047632A3D5EAACF7649DB36' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:48.397" 1760156 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\TV-BROWSER\TVBROWSER_NODD.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:48.397" 1760156 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\TV-BROWSER\TVBROWSER_NODD.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:49.347" 1761109 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|2B3D9CEE0B5C88482E7F802EF110EC50BD848DE79C0E5A64167EEDF932E09167' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:49.347" 1761109 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\JL SEASIDE CALENDAR\JL SEASIDE CALENDAR.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:49.347" 1761109 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\JL SEASIDE CALENDAR\JL SEASIDE CALENDAR.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:51.989" 1763750 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|CFDA8654934AA0936A0865AE30DF3F52FC98D5ACA5CE1E549DC6F944606E5ED5' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:51.989" 1763750 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\TINYPIC\TINYPIC.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:51.989" 1763750 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\TINYPIC\TINYPIC.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:52.455" 1764218 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|C091E5E6769D23C37746C8E636B6644B8FE7D973986E86BB385BE2601EEE2B51' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:52.455" 1764218 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\TV-BROWSER\TVBROWSER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:52.455" 1764218 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\TV-BROWSER\TVBROWSER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:54.228" 1765984 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|1D9FBAF080FF3B9FC552809B08A15A1F039D44F5B4EB9B25EC336E7CD6087B0F' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:54.228" 1765984 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\SCRIVENER\CLIPBOARD.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:54.228" 1765984 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\SCRIVENER\CLIPBOARD.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:56.452" 1768203 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|38A4E59FE4913AAB87C06A358A290A5F9CDB0D17D8077F90E4137E6E3F94C6D7' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:56.452" 1768203 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ad8bc010-5674-11e8-9bbc-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:56.452" 1768203 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ad8bc010-5674-11e8-9bbc-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:56.507" 1768265 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|8E2C3A0087D584DDCEDDA2CFBA7A8DB1ACCBF378A0D9A0BADA7F5891E270CD54' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:56.507" 1768265 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ad958442-5674-11e8-b0d8-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:56.507" 1768265 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ad958442-5674-11e8-b0d8-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:57.251" 1769015 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|1E1DA6511886A623DD2A41250A08B02EBDB374F3CB556C95B58A59A058FEE9B1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:57.251" 1769015 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ade33016-5674-11e8-940f-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:57.251" 1769015 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ade33016-5674-11e8-940f-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:58.355" 1770109 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|85DF17AEC997EA769BD5FA56EA78164F123B6337CFDAB619735C64B58F8791C7' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:58.355" 1770109 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ae97dcaa-5674-11e8-8ed8-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:58.355" 1770109 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ae97dcaa-5674-11e8-8ed8-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:59.632" 1771390 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|F65E80A15F41E8A9EA3384EA68507C6D30FEA5954DBE5026C5156A1C5C1E3CDA' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:59.632" 1771390 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\af50f618-5674-11e8-9a90-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:59.632" 1771390 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\af50f618-5674-11e8-9a90-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:12:59.909" 1771671 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|D7E8B5D18CF3946C0FAB9FBA957A47EF92DD752EE24A52D366A8C18D61E2DCF1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:12:59.909" 1771671 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\af54c6bc-5674-11e8-b37f-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:12:59.909" 1771671 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\af54c6bc-5674-11e8-b37f-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:00.776" 1772531 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|7B8795A2FB328442378D56B67D2C85BCE86B0E40B0DCA1B4113F553CBBD906AB' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:00.776" 1772531 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b0135e7e-5674-11e8-8e68-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:00.776" 1772531 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b0135e7e-5674-11e8-8e68-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:01.457" 1773218 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|A0ADA2DB30EE5CD575246B4D1271C84F5540B776B3992954070DE6C520518D83' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:01.457" 1773218 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b089c8ac-5674-11e8-8df7-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:01.457" 1773218 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b089c8ac-5674-11e8-8df7-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:01.505" 1773265 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|E8DEA40EB60BBA7D43E59768AFA00D9486300BFD8A2F7BA9576BD1B01B595AD5' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:01.505" 1773265 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b09ded32-5674-11e8-b74d-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:01.505" 1773265 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b09ded32-5674-11e8-b74d-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:03.234" 1774984 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|4338ACA3F0BFC8F164930427162592E5C0B072DF7F5A46457FA4789909B0B6FF' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:03.234" 1774984 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b194d3f4-5674-11e8-8ee0-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:03.234" 1774984 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b194d3f4-5674-11e8-8ee0-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:03.263" 1775015 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|CCA93CF0B2BD40E440DC34160FECBFA0016A3FBC6F603CA7C5442568735A96B1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:03.263" 1775015 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b1b0e7c4-5674-11e8-9ba1-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:03.263" 1775015 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b1b0e7c4-5674-11e8-9ba1-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:05.949" 1777703 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|5D759CF2CDAF9A66763323F342A462A9BE141E74D6A43F6C7C6AD41C18F0674E' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:05.949" 1777703 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b329aa6e-5674-11e8-867f-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:05.949" 1777703 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b329aa6e-5674-11e8-867f-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:06.153" 1777906 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|A731D5993B9864D829FF0E0144572CD816E9998797902D1A6307549213508A18' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:06.153" 1777906 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b32d7b12-5674-11e8-9bad-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:06.153" 1777906 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b32d7b12-5674-11e8-9bad-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:07.128" 1778890 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|22CED8BEFD5EC9BD8DF58CA6FECB27EB1EC289BAAA1350459488CC4691CC16F8' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:07.128" 1778890 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b3d94dd4-5674-11e8-a23e-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:07.128" 1778890 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\b3d94dd4-5674-11e8-a23e-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:14.935" 1786687 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|95B2916EE68375E982E2647FDF9EA85AC7EC478C0109309567982DF1DBB572B6' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:14.935" 1786687 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\WINDOWS\SYSTEM32\OXPSCONVERTER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:14.935" 1786687 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\OXPSCONVERTER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:19.615" 1791375 12d8 1970 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 08:13:20.717" 1792468 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|11B4AD54831D7062DFBB38A13A37BCED9C46D28F0DD11A9EAFBC31282632826A' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:20.717" 1792468 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\bc069174-5674-11e8-9a97-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:20.717" 1792468 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\bc069174-5674-11e8-9a97-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:33.834" 1805593 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|A0ADA2DB30EE5CD575246B4D1271C84F5540B776B3992954070DE6C520518D83' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:33.834" 1805593 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\c3ec9f50-5674-11e8-951c-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:33.834" 1805593 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\c3ec9f50-5674-11e8-951c-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:34.032" 1805796 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|4E73515C7004AC747CD129A2372621B4348D9C6185EAA299CF51A8AD75B0F49F' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:34.032" 1805796 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\c4066930-5674-11e8-931b-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:34.032" 1805796 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\c4066930-5674-11e8-931b-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:39.000" 1810750 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|8D44F5F10D6AA32F87D3A1B7D13AD35108BEFB20360A96CC502A4FA6703A5EE5' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:39.000" 1810750 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\c6d2d9d2-5674-11e8-a35e-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:39.000" 1810750 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\c6d2d9d2-5674-11e8-a35e-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:39.227" 1810984 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|4CCE814DD613B765456E23123DD64D5EC7090EA3849C171A232783982ECBA43E' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:39.227" 1810984 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\c6d6f8aa-5674-11e8-b859-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:39.227" 1810984 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\c6d6f8aa-5674-11e8-b859-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:42.389" 1814140 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|7D277AB2CAC293A6CD3C8E2E92F0EF720E1257764FCC1CA9BB210EC7E9A2884F' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:42.389" 1814140 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\c8f75508-5674-11e8-ae98-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:42.389" 1814140 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\c8f75508-5674-11e8-ae98-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:45.519" 1817281 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|CF8FE678EB7EE4D74089E1975B94CB364C8C43FBDE43BB12612FD69EE3B234F5' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:45.519" 1817281 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\caccc084-5674-11e8-a63d-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:45.519" 1817281 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\caccc084-5674-11e8-a63d-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:13:54.380" 1826140 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|35C15E57F1BC8F72A712FA3313A0333EA84D2C4D52F176CE23B4505B3D10CAB1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:13:54.380" 1826140 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER\NO23 RECORDER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:13:54.380" 1826140 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:14:06.952" 1838703 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|35C15E57F1BC8F72A712FA3313A0333EA84D2C4D52F176CE23B4505B3D10CAB1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 08:14:06.952" 1838703 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 08:14:06.952" 1838703 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:14:35.725" 1867484 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""f65ccb7abc58d30f0ff3a69eaf3a00edc6735e11285440911473569a236db57d"",""md5"":""3fe749610b6953c454e08abdd3dc420d"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/13/18 " 08:14:35.725" 1867484 12d8 2c58 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\OXYNGER\OXYNGER KEYSHIELD\OXYNGER KEYSHIELD.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 08:14:36.390" 1868140 12d8 2864 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::PerformScan "Scanner.cpp" 938 "Scan completed."
05/13/18 " 08:14:36.390" 1868140 12d8 2864 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update"
05/13/18 " 08:14:36.543" 1868296 12d8 2864 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
05/13/18 " 08:14:36.543" 1868296 12d8 2864 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update"
05/13/18 " 08:14:36.605" 1868359 12d8 2864 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
05/13/18 " 08:14:40.387" 1872140 12d8 2864 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
05/13/18 " 08:59:16.001" 4547765 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 08:59:17.417" 4549171 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 08:59:17.417" 4549171 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 08:59:17.417" 4549171 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 08:59:17.417" 4549171 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 08:59:17.417" 4549171 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 08:59:17.417" 4549171 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 08:59:17.417" 4549171 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5088]"
05/13/18 " 08:59:17.948" 4549703 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 08:59:17.948" 4549703 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 09:59:16.963" 8148718 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 09:59:18.379" 8150140 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 09:59:18.379" 8150140 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 09:59:18.379" 8150140 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 09:59:18.379" 8150140 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 09:59:18.379" 8150140 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 09:59:18.379" 8150140 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 09:59:18.379" 8150140 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5088]"
05/13/18 " 09:59:18.926" 8150687 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 09:59:18.926" 8150687 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 10:59:16.942" 11748703 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 10:59:18.329" 11750093 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 10:59:18.329" 11750093 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 10:59:18.329" 11750093 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 10:59:18.329" 11750093 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 10:59:18.329" 11750093 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 10:59:18.329" 11750093 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 10:59:18.329" 11750093 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5088]"
05/13/18 " 10:59:18.860" 11750625 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 10:59:18.860" 11750625 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 11:45:18.633" 14510390 12d8 3650 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 11:45:18.649" 14510406 12d8 365c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 11:45:18.649" 14510406 12d8 365c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 11:45:18.649" 14510406 12d8 3650 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 11:45:18.666" 14510421 12d8 365c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 11:59:16.875" 15348625 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 11:59:18.290" 15350046 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 11:59:18.290" 15350046 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 11:59:18.290" 15350046 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 11:59:18.290" 15350046 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 11:59:18.290" 15350046 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 11:59:18.290" 15350046 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 11:59:18.290" 15350046 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5088]"
05/13/18 " 11:59:18.822" 15350578 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 11:59:18.822" 15350578 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 12:59:16.828" 18948593 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 12:59:18.183" 18949937 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 12:59:18.183" 18949937 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 12:59:18.183" 18949937 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 12:59:18.183" 18949937 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 12:59:18.183" 18949937 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 12:59:18.183" 18949937 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 12:59:18.183" 18949937 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5088]"
05/13/18 " 12:59:18.736" 18950500 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 12:59:18.736" 18950500 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 13:49:24.898" 21956656 12d8 1600 INFO LicenseControllerImpl mb::licensecontrollerimpl::KeystoneImpl::KeystoneCheck "KeystoneImpl.cpp" 129 "Entering KeystoneCheck. Checking with Keystone for licensing status for our installation_token"
05/13/18 " 13:49:26.884" 21958640 12d8 1600 INFO LicenseControllerImpl mb::licensecontrollerimpl::LicenseConfigHandler::SetReportLicenseState "LicenseConfigHandler.cpp" 1328 "Setting ReportStateChange flag to (true)."
05/13/18 " 13:49:26.884" 21958640 12d8 1600 INFO LicenseControllerImpl mb::licensecontrollerimpl::KeystoneImpl::KeystoneCheck "KeystoneImpl.cpp" 172 "Successfully checked license with Keystone."
05/13/18 " 13:59:16.752" 22548515 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 13:59:18.117" 22549875 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 13:59:18.117" 22549875 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 13:59:18.118" 22549875 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 13:59:18.118" 22549875 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 13:59:18.119" 22549875 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 13:59:18.119" 22549875 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 13:59:18.119" 22549875 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5088]"
05/13/18 " 13:59:18.638" 22550390 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 13:59:18.638" 22550390 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 14:36:13.502" 24765265 12d8 1970 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 14:41:26.304" 25078062 12d8 1970 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 14:41:45.156" 25096906 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 14:41:45.609" 25097359 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 14:41:46.357" 25098109 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 14:41:46.995" 25098750 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 14:41:47.497" 25099250 12d8 2f18 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 14:41:47.719" 25099484 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 14:41:48.057" 25099812 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 14:41:51.090" 25102843 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 14:41:51.253" 25103015 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 14:41:53.969" 25105734 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 14:41:57.036" 25108796 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 14:42:32.614" 25144375 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 14:45:01.950" 25293703 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 14:48:14.468" 25486218 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 14:59:16.642" 26148406 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 14:59:18.025" 26149781 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 14:59:18.025" 26149781 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 14:59:18.025" 26149781 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 14:59:18.025" 26149781 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 14:59:18.027" 26149781 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 14:59:18.027" 26149781 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 14:59:18.027" 26149781 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5088]"
05/13/18 " 14:59:18.554" 26150312 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 14:59:18.554" 26150312 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 15:02:36.183" 26347937 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:02:42.488" 26354250 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:02:56.304" 26368062 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:03:02.391" 26374140 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:03:04.943" 26376703 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:03:09.439" 26381203 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:03:10.239" 26382000 12d8 3ce0 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:03:10.476" 26382234 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:03:10.695" 26382453 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:17:46.886" 27258640 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:17:50.452" 27262203 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:19:06.294" 27338046 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:19:12.212" 27343968 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:20:31.496" 27423250 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:20:34.563" 27426328 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:20:49.566" 27441328 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:22:40.911" 27552671 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:22:48.022" 27559781 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:23:05.676" 27577437 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 15:42:54.556" 28766312 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 15:43:09.229" 28780984 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 15:46:07.889" 28959640 12d8 4504 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 15:46:07.897" 28959656 12d8 4448 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 15:46:07.906" 28959656 12d8 4504 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 15:46:07.912" 28959671 12d8 4448 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 15:46:07.918" 28959671 12d8 4504 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 15:57:39.950" 29651703 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/13/18 " 15:59:16.557" 29748312 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 15:59:17.967" 29749718 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 15:59:17.967" 29749718 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 15:59:17.968" 29749718 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 15:59:17.968" 29749718 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 15:59:17.971" 29749734 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 15:59:17.971" 29749734 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 15:59:17.971" 29749734 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5088]"
05/13/18 " 15:59:18.491" 29750250 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5090) of pkg [mbam-c.dbcls.64bit] (FULL) is available"
05/13/18 " 15:59:18.491" 29750250 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5090) of pkg [mbam-c.dbcls.64bit] (INCR) is available"
05/13/18 " 15:59:18.492" 29750250 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 640 "Available updates found - beginning download"
05/13/18 " 15:59:18.874" 29750625 12d8 37a8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 3289 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z"
05/13/18 " 15:59:19.020" 29750781 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1599 "[UpdCtlrEvent] downloaded pkg. Type: DB / current_CU: 1.0.365 / machine_id: f07d03d49bca65e70b4706307d02abac29862e29"
05/13/18 " 15:59:19.064" 29750828 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1612 "Successfully downloaded: mbam-c.dbcls.64bit"
05/13/18 " 15:59:19.309" 29751062 12d8 1670 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update"
05/13/18 " 15:59:19.546" 29751296 12d8 1670 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
05/13/18 " 15:59:19.548" 29751312 12d8 1670 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions"
05/13/18 " 15:59:19.590" 29751343 12d8 1670 INFO BrowserSDKShim BrowserSDKShim::PrepareUpdate "BrowserSDKShim.cpp" 125 "Starting update of browser sdk"
05/13/18 " 15:59:29.399" 29761156 12d8 1670 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions"
05/13/18 " 15:59:29.577" 29761328 12d8 1670 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update"
05/13/18 " 15:59:29.663" 29761421 12d8 1670 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
05/13/18 " 15:59:34.189" 29765953 12d8 1670 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
05/13/18 " 15:59:34.189" 29765953 12d8 1670 INFO BrowserSDKShim BrowserSDKShim::FinishUpdate "BrowserSDKShim.cpp" 154 "Finishing update of browser sdk"
05/13/18 " 15:59:34.306" 29766062 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1999 "DoIncrementalUpdate was successful."
05/13/18 " 15:59:34.307" 29766062 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2802 "Successfully updated DB/ClsEng package version to: 1.0.5090"
05/13/18 " 15:59:34.309" 29766062 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2810 "Set DB version to: 2018.05.13.02"
05/13/18 " 15:59:34.318" 29766078 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 15:59:35.818" 29767578 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 15:59:35.818" 29767578 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 15:59:35.963" 29767718 12d8 1670 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 15:59:35.963" 29767718 12d8 0ec4 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb"
05/13/18 " 15:59:35.965" 29767718 12d8 0ec4 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2978 "Successfully parsed 196 records."
05/13/18 " 15:59:36.540" 29768296 12d8 183c INFO MWACShimImpl MwacShimImpl::InitializeInternal "MWACShimImpl.cpp" 98 "MWAC dll was successfully loaded. MWACFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll>."
05/13/18 " 15:59:36.829" 29768593 12d8 183c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 924 "Initialization succeeded"
05/13/18 " 16:13:05.473" 30577234 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Edge (and add-ons))"
05/13/18 " 16:17:02.877" 30814640 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/13/18 " 16:23:08.008" 31179765 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:12.602" 31184359 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:13.401" 31185156 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:16.911" 31188671 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:21.614" 31193375 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:23.014" 31194765 12d8 3344 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:23.258" 31195015 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:40.155" 31211906 12d8 4c9c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:40.516" 31212281 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:40.970" 31212734 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:41.499" 31213250 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:45.164" 31216921 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:45.767" 31217531 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:48.395" 31220156 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:50.607" 31222359 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:50.935" 31222687 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:51.001" 31222765 12d8 2d98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:54.093" 31225843 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:55.517" 31227281 12d8 4280 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:56.072" 31227828 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:56.391" 31228156 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:58.750" 31230515 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:23:59.656" 31231421 12d8 4a10 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:00.321" 31232078 12d8 4330 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:00.621" 31232375 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:01.130" 31232890 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:02.698" 31234453 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:02.789" 31234546 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:02.967" 31234718 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:05.051" 31236812 12d8 3c20 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:05.395" 31237156 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:05.882" 31237640 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:07.150" 31238906 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:09.196" 31240953 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:09.467" 31241218 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:31.621" 31263375 12d8 4b50 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:33.710" 31265468 12d8 4c98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:34.526" 31266281 12d8 4bcc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:34.802" 31266562 12d8 472c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:34.964" 31266718 12d8 4c98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:35.284" 31267046 12d8 4c98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:35.691" 31267453 12d8 4c98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:39.662" 31271421 12d8 4c98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:24:39.797" 31271562 12d8 4c98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:03.994" 31295750 12d8 4c98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:16.300" 31308062 12d8 3700 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:17.294" 31309046 12d8 4c98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:18.072" 31309828 12d8 4c98 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:18.571" 31310328 12d8 4f94 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:21.186" 31312937 12d8 4f94 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:23.256" 31315015 12d8 4f94 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:25.278" 31317031 12d8 31d8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:26.291" 31318046 12d8 31d8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:26.716" 31318468 12d8 4c90 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:27.047" 31318812 12d8 48d4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:27.231" 31318984 12d8 31d8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:27.562" 31319312 12d8 31d8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:30.012" 31321765 12d8 426c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:30.197" 31321953 12d8 31d8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:30.742" 31322500 12d8 31d8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:31.102" 31322859 12d8 4930 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:31.904" 31323656 12d8 3870 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:25:34.265" 31326015 12d8 3870 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:26:09.951" 31361703 12d8 3870 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:26:17.638" 31369390 12d8 3870 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:26:40.783" 31392546 12d8 4a60 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:26:52.546" 31404296 12d8 3870 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:26:54.850" 31406609 12d8 3870 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:27:27.422" 31439171 12d8 3870 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:27:29.350" 31441109 12d8 3870 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:28:18.182" 31489937 12d8 3870 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:28:22.687" 31494437 12d8 3870 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:28:22.871" 31494625 12d8 3870 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:30:06.248" 31598000 12d8 3870 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:30:07.081" 31598843 12d8 3870 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:30:10.727" 31602484 12d8 4f88 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:37:29.355" 32041109 12d8 4f88 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:37:32.360" 32044125 12d8 4f88 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:37:33.601" 32045359 12d8 4f88 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:37:36.188" 32047953 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:37:36.684" 32048437 12d8 44f0 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:37:36.847" 32048609 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:37:36.935" 32048687 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:37:37.425" 32049187 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:37:37.649" 32049406 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:37:39.682" 32051437 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:37:41.027" 32052781 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:37:41.289" 32053046 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:05.637" 32077390 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:26.057" 32097812 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:28.614" 32100375 12d8 538c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:28.883" 32100640 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:29.542" 32101296 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:31.215" 32102968 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:31.912" 32103671 12d8 522c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:32.501" 32104265 12d8 51c0 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:32.800" 32104562 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:33.376" 32105140 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:33.701" 32105453 12d8 5330 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:34.117" 32105875 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:35.137" 32106890 12d8 4638 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:35.597" 32107359 12d8 4638 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:35.845" 32107609 12d8 4864 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:36.813" 32108578 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:37.371" 32109125 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:37.819" 32109578 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
|
|
14.05.2018, 14:33
| #18 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads MBAM vorletzter Teil
__________________Code:
ATTFilter 05/13/18 " 16:38:38.954" 32110718 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:48.029" 32119781 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:51.016" 32122781 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:51.439" 32123203 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:52.683" 32124437 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:53.029" 32124781 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:55.338" 32127093 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:58.062" 32129812 12d8 52dc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:58.480" 32130234 12d8 4b64 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:58.988" 32130750 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:59.110" 32130875 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:38:59.680" 32131437 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:39:27.649" 32159406 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:39:57.953" 32189718 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:40:27.610" 32219375 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:40:57.099" 32248859 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:40:58.520" 32250281 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:41:04.452" 32256203 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:41:17.132" 32268890 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:41:17.378" 32269140 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:41:19.099" 32270859 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:41:20.551" 32272312 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:41:30.636" 32282390 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:41:34.080" 32285843 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:41:36.476" 32288234 12d8 3a58 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:41:36.916" 32288671 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:41:37.341" 32289093 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:41:38.737" 32290500 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:41:40.416" 32292171 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:42:50.727" 32362484 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:43:04.124" 32375875 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:43:06.135" 32377890 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:43:30.332" 32402093 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:43:32.643" 32404406 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:43:33.065" 32404828 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:43:34.963" 32406718 12d8 531c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:43:35.486" 32407250 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:45:20.561" 32512312 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:45:28.675" 32520437 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:45:29.572" 32521328 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:45:30.941" 32522703 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:47:37.803" 32649562 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:47:39.229" 32650984 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:47:52.947" 32664703 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:48:09.551" 32681312 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:48:13.878" 32685640 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:48:18.626" 32690390 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:48:21.024" 32692781 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:48:21.498" 32693250 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:48:46.819" 32718578 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:48:48.410" 32720171 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:48:49.967" 32721718 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:49:01.515" 32733265 12d8 50fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:49:32.234" 32763984 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:49:34.694" 32766453 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:49:34.748" 32766500 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:49:35.084" 32766843 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:49:36.496" 32768250 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:49:36.732" 32768484 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:49:42.066" 32773828 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:49:47.528" 32779281 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:49:49.243" 32781000 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:50:10.807" 32802562 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:50:12.161" 32803921 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:50:13.356" 32805109 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:50:16.399" 32808156 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:50:17.036" 32808796 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:50:17.971" 32809734 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:52:09.997" 32921750 12d8 1904 INFO ServiceControllerImpl ServiceControllerImplementation::PowerSuspendNotificationImpl "ServiceControllerImplementation.cpp" 2563 "Notifying controllers of power suspend"
05/13/18 " 16:52:55.528" 32967281 12d8 1904 INFO ServiceControllerImpl ServiceControllerImplementation::PowerResumeNotificationImpl "ServiceControllerImplementation.cpp" 2595 "Notifying controllers of power resume"
05/13/18 " 16:52:57.816" 32969578 12d8 1904 INFO ServiceControllerImpl ServiceControllerImplementation::SessionLogonNotificationImpl "ServiceControllerImplementation.cpp" 2660 "Notifying controllers of session logon"
05/13/18 " 16:52:57.832" 32969593 12d8 1908 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 87 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe' in session 0x2"
05/13/18 " 16:53:01.063" 32972828 12d8 1904 INFO ServiceControllerImpl ServiceControllerImplementation::SessionLogonNotificationImpl "ServiceControllerImplementation.cpp" 2660 "Notifying controllers of session logon"
05/13/18 " 16:53:06.938" 32978703 12d8 523c INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1070 "Entering GetMessageIDList in the Service."
05/13/18 " 16:53:06.938" 32978703 12d8 523c INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1091 "GetNumMessages returned 0 messages available. Nothing to do here."
05/13/18 " 16:53:25.539" 32997296 12d8 5470 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::IrisCheck "IrisImpl.cpp" 85 "Entering IrisCheck. Checking with Iris for messages."
05/13/18 " 16:53:26.039" 32997796 12d8 5470 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::ProcessMessages "IrisImpl.cpp" 255 "JSON response has a messages collection. Processing messages."
05/13/18 " 16:53:31.680" 33003437 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|B48A00B00DFDFCF6911911B34788CD359BF90AB66F4A2A3FE177B75EB775C2C2' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 16:53:31.680" 33003437 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe' in Hubble's cache, value = WhiteListed"
05/13/18 " 16:53:31.680" 33003437 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe' (shuriken) => Hubble:WhiteListed"
05/13/18 " 16:53:34.753" 33006515 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|24AAB8C944A6420E901E3D08AB37FE4081279B982D315515F5F21AC479FCAC0A' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 16:53:34.753" 33006515 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe' in Hubble's cache, value = WhiteListed"
05/13/18 " 16:53:34.753" 33006515 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe' (shuriken) => Hubble:WhiteListed"
05/13/18 " 16:53:38.628" 33010390 12d8 1828 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3AC3D29B89616421F2F92743A9FA32CC14C7D309D0898AC3A73E8668B04B8199' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 16:53:38.628" 33010390 12d8 1828 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe' in Hubble's cache, value = WhiteListed"
05/13/18 " 16:53:38.628" 33010390 12d8 1828 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe' (shuriken) => Hubble:WhiteListed"
05/13/18 " 16:53:39.081" 33010843 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 16:53:41.549" 33013312 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:53:44.206" 33015968 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:53:45.909" 33017671 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:53:47.904" 33019656 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:53:48.638" 33020390 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:53:49.460" 33021218 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:53:55.469" 33027234 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:53:56.749" 33028500 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:53:57.405" 33029156 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:01.466" 33033218 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:01.981" 33033734 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:02.810" 33034562 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:03.782" 33035546 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 16:54:04.416" 33036171 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:05.138" 33036890 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 16:54:05.591" 33037343 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:05.744" 33037500 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:06.664" 33038421 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:07.002" 33038765 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 16:54:08.674" 33040437 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:09.503" 33041265 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:10.562" 33042312 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 16:54:12.298" 33044062 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:12.931" 33044687 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:14.251" 33046015 12d8 1874 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:15.247" 33047000 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:19.165" 33050921 12d8 45cc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:31.216" 33062968 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:34.047" 33065812 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:42.564" 33074328 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:45.139" 33076890 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:46.089" 33077843 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:47.029" 33078781 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:47.304" 33079062 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:47.941" 33079703 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:50.062" 33081812 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:51.924" 33083687 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:54:53.933" 33085687 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/13/18 " 16:57:55.530" 33267281 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 16:57:59.171" 33270921 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 16:57:59.171" 33270921 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 16:57:59.218" 33270968 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 16:57:59.218" 33270968 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 16:57:59.218" 33270968 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 16:57:59.218" 33270968 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 16:57:59.218" 33270968 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5090]"
05/13/18 " 16:57:59.765" 33271515 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 16:57:59.765" 33271515 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 16:58:58.588" 33330343 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 16:58:59.291" 33331046 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 16:58:59.666" 33331421 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 16:59:00.150" 33331906 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 16:59:02.182" 33333937 12d8 12cc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 17:02:22.329" 33534093 12d8 26c4 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 17:02:22.579" 33534343 12d8 434c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 17:02:22.829" 33534593 12d8 26c4 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 17:02:23.126" 33534890 12d8 434c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 17:02:23.314" 33535078 12d8 26c4 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 17:02:23.314" 33535078 12d8 434c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 17:02:23.314" 33535078 12d8 26c4 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 17:09:03.364" 33935125 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 17:11:08.956" 34060718 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 17:11:10.783" 34062546 12d8 5ab8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 17:57:55.792" 36867546 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 17:58:00.323" 36872078 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 17:58:00.323" 36872078 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 17:58:00.323" 36872078 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 17:58:00.323" 36872078 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 17:58:00.338" 36872093 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 17:58:00.338" 36872093 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 17:58:00.338" 36872093 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5090]"
05/13/18 " 17:58:00.885" 36872640 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 17:58:00.885" 36872640 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 18:02:22.416" 37134171 12d8 2a64 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 18:02:22.432" 37134187 12d8 2a64 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 18:02:22.448" 37134203 12d8 542c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 18:02:22.463" 37134218 12d8 542c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 18:02:22.463" 37134218 12d8 2a64 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 18:02:23.245" 37135000 12d8 542c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 18:02:23.510" 37135265 12d8 2a64 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 18:26:37.309" 38589062 12d8 2af0 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 18:26:37.635" 38589390 12d8 2af0 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 18:26:38.413" 38590171 12d8 47b8 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 18:26:38.616" 38590375 12d8 47b8 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 18:26:38.616" 38590375 12d8 2af0 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 18:26:38.616" 38590375 12d8 47b8 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 18:57:55.893" 40467656 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 18:57:59.221" 40470984 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 18:57:59.221" 40470984 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 18:57:59.221" 40470984 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 18:57:59.221" 40470984 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 18:57:59.221" 40470984 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 18:57:59.221" 40470984 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 18:57:59.221" 40470984 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5090]"
05/13/18 " 18:57:59.752" 40471515 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 18:57:59.752" 40471515 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 19:27:12.206" 42223968 12d8 2f34 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 19:27:12.753" 42224515 12d8 2f34 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 19:27:12.815" 42224578 12d8 5b4c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 19:27:12.815" 42224578 12d8 5b4c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 19:27:12.815" 42224578 12d8 5b4c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 19:27:12.831" 42224593 12d8 39f4 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 19:27:13.159" 42224921 12d8 5b4c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 19:47:01.214" 43412968 12d8 2bbc INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 19:47:01.230" 43412984 12d8 2a40 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 19:47:01.230" 43412984 12d8 2bbc INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 19:47:01.246" 43413000 12d8 2a40 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 19:47:01.246" 43413000 12d8 2bbc INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/13/18 " 19:57:55.776" 44067531 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 19:58:00.308" 44072062 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 19:58:00.308" 44072062 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 19:58:00.308" 44072062 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 19:58:00.308" 44072062 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 19:58:00.323" 44072078 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 19:58:00.323" 44072078 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 19:58:00.323" 44072078 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5090]"
05/13/18 " 19:58:00.948" 44072703 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 19:58:00.948" 44072703 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 20:57:55.970" 47667734 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 20:57:59.220" 47670984 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 20:57:59.220" 47670984 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 20:57:59.220" 47670984 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 20:57:59.220" 47670984 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 20:57:59.220" 47670984 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 20:57:59.220" 47670984 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 20:57:59.220" 47670984 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5090]"
05/13/18 " 20:57:59.752" 47671515 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 20:57:59.752" 47671515 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 21:30:13.880" 49605640 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 21:30:17.770" 49609531 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 21:30:19.599" 49611359 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 21:30:21.020" 49612781 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 21:30:25.099" 49616859 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 21:30:32.692" 49624453 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 21:31:45.578" 49697328 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 21:38:53.505" 50125265 12d8 1904 INFO ServiceControllerImpl ServiceControllerImplementation::SessionLogonNotificationImpl "ServiceControllerImplementation.cpp" 2660 "Notifying controllers of session logon"
05/13/18 " 21:38:53.536" 50125296 12d8 1908 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 87 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe' in session 0x3"
05/13/18 " 21:38:57.442" 50129203 12d8 90d8 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1070 "Entering GetMessageIDList in the Service."
05/13/18 " 21:38:57.442" 50129203 12d8 90d8 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1091 "GetNumMessages returned 0 messages available. Nothing to do here."
05/13/18 " 21:39:24.536" 50156296 12d8 1828 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|A69D37C34713A16210D3A325418DF1ACAAA0CD252BCEB41ABDE91775FE193FC9' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 21:39:24.536" 50156296 12d8 1828 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\WordExpander\WordExpander.exe' in Hubble's cache, value = WhiteListed"
05/13/18 " 21:39:24.536" 50156296 12d8 1828 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\WordExpander\WordExpander.exe' (shuriken) => Hubble:WhiteListed"
05/13/18 " 21:57:55.753" 51267515 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 21:57:57.128" 51268890 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 21:57:57.128" 51268890 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 21:57:57.128" 51268890 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 21:57:57.128" 51268890 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 21:57:57.128" 51268890 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 21:57:57.128" 51268890 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 21:57:57.128" 51268890 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5090]"
05/13/18 " 21:57:57.675" 51269437 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5092) of pkg [mbam-c.dbcls.64bit] (FULL) is available"
05/13/18 " 21:57:57.675" 51269437 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5092) of pkg [mbam-c.dbcls.64bit] (INCR) is available"
05/13/18 " 21:57:57.675" 51269437 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 640 "Available updates found - beginning download"
05/13/18 " 21:57:58.097" 51269859 12d8 accc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 3289 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z"
05/13/18 " 21:57:58.206" 51269968 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1599 "[UpdCtlrEvent] downloaded pkg. Type: DB / current_CU: 1.0.365 / machine_id: f07d03d49bca65e70b4706307d02abac29862e29"
05/13/18 " 21:57:58.237" 51270000 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1612 "Successfully downloaded: mbam-c.dbcls.64bit"
Code:
ATTFilter 05/13/18 " 21:57:58.472" 51270234 12d8 2ab8 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update"
05/13/18 " 21:57:58.643" 51270406 12d8 2ab8 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
05/13/18 " 21:57:58.643" 51270406 12d8 2ab8 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions"
05/13/18 " 21:57:58.675" 51270437 12d8 2ab8 INFO BrowserSDKShim BrowserSDKShim::PrepareUpdate "BrowserSDKShim.cpp" 125 "Starting update of browser sdk"
05/13/18 " 21:58:07.456" 51279218 12d8 2ab8 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions"
05/13/18 " 21:58:07.659" 51279421 12d8 2ab8 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update"
05/13/18 " 21:58:07.737" 51279500 12d8 2ab8 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
05/13/18 " 21:58:08.847" 51280609 12d8 1904 INFO ServiceControllerImpl ServiceControllerImplementation::SessionLogonNotificationImpl "ServiceControllerImplementation.cpp" 2660 "Notifying controllers of session logon"
05/13/18 " 21:58:08.940" 51280703 12d8 1908 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 87 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe' in session 0x5"
05/13/18 " 21:58:12.909" 51284671 12d8 90d8 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1070 "Entering GetMessageIDList in the Service."
05/13/18 " 21:58:12.909" 51284671 12d8 90d8 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1091 "GetNumMessages returned 0 messages available. Nothing to do here."
05/13/18 " 21:58:12.956" 51284718 12d8 2ab8 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
05/13/18 " 21:58:12.956" 51284718 12d8 2ab8 INFO BrowserSDKShim BrowserSDKShim::FinishUpdate "BrowserSDKShim.cpp" 154 "Finishing update of browser sdk"
05/13/18 " 21:58:13.315" 51285078 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1999 "DoIncrementalUpdate was successful."
05/13/18 " 21:58:13.315" 51285078 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2802 "Successfully updated DB/ClsEng package version to: 1.0.5092"
05/13/18 " 21:58:13.315" 51285078 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2810 "Set DB version to: 2018.05.13.03"
05/13/18 " 21:58:13.315" 51285078 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 21:58:14.925" 51286687 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 21:58:14.925" 51286687 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 21:58:15.065" 51286828 12d8 2ab8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 21:58:15.065" 51286828 12d8 0ec4 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb"
05/13/18 " 21:58:15.065" 51286828 12d8 0ec4 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2978 "Successfully parsed 196 records."
05/13/18 " 21:58:15.956" 51287718 12d8 183c INFO MWACShimImpl MwacShimImpl::InitializeInternal "MWACShimImpl.cpp" 98 "MWAC dll was successfully loaded. MWACFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll>."
05/13/18 " 21:58:16.393" 51288156 12d8 183c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 924 "Initialization succeeded"
05/13/18 " 21:58:33.503" 51305265 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|B48A00B00DFDFCF6911911B34788CD359BF90AB66F4A2A3FE177B75EB775C2C2' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 21:58:33.503" 51305265 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe' in Hubble's cache, value = WhiteListed"
05/13/18 " 21:58:33.503" 51305265 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe' (shuriken) => Hubble:WhiteListed"
05/13/18 " 21:58:35.225" 51306984 12d8 1828 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|24AAB8C944A6420E901E3D08AB37FE4081279B982D315515F5F21AC479FCAC0A' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 21:58:35.225" 51306984 12d8 1828 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe' in Hubble's cache, value = WhiteListed"
05/13/18 " 21:58:35.225" 51306984 12d8 1828 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe' (shuriken) => Hubble:WhiteListed"
05/13/18 " 21:58:36.131" 51307890 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|A69D37C34713A16210D3A325418DF1ACAAA0CD252BCEB41ABDE91775FE193FC9' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 21:58:36.131" 51307890 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\WordExpander\WordExpander.exe' in Hubble's cache, value = WhiteListed"
05/13/18 " 21:58:36.131" 51307890 12d8 1824 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\WordExpander\WordExpander.exe' (shuriken) => Hubble:WhiteListed"
05/13/18 " 21:58:45.283" 51317046 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 21:58:49.542" 51321296 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 21:58:50.592" 51322343 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 21:58:51.530" 51323281 12d8 1828 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3AC3D29B89616421F2F92743A9FA32CC14C7D309D0898AC3A73E8668B04B8199' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 21:58:51.530" 51323281 12d8 1828 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe' in Hubble's cache, value = WhiteListed"
05/13/18 " 21:58:51.530" 51323281 12d8 1828 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe' (shuriken) => Hubble:WhiteListed"
05/13/18 " 21:58:53.970" 51325734 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 21:58:59.391" 51331140 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 22:48:42.484" 54314234 12d8 1904 INFO ServiceControllerImpl ServiceControllerImplementation::SessionLogonNotificationImpl "ServiceControllerImplementation.cpp" 2660 "Notifying controllers of session logon"
05/13/18 " 22:48:43.171" 54314921 12d8 1904 INFO ServiceControllerImpl ServiceControllerImplementation::PowerSuspendNotificationImpl "ServiceControllerImplementation.cpp" 2563 "Notifying controllers of power suspend"
05/14/18 " 00:22:26.334" 59938093 12d8 1904 INFO ServiceControllerImpl ServiceControllerImplementation::PowerResumeNotificationImpl "ServiceControllerImplementation.cpp" 2595 "Notifying controllers of power resume"
05/14/18 " 00:22:56.345" 59968109 12d8 5470 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::IrisCheck "IrisImpl.cpp" 85 "Entering IrisCheck. Checking with Iris for messages."
05/14/18 " 00:22:56.814" 59968578 12d8 5470 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::ProcessMessages "IrisImpl.cpp" 255 "JSON response has a messages collection. Processing messages."
05/14/18 " 00:23:09.941" 59981703 12d8 1904 INFO ServiceControllerImpl ServiceControllerImplementation::SessionLogonNotificationImpl "ServiceControllerImplementation.cpp" 2660 "Notifying controllers of session logon"
05/14/18 " 00:23:09.957" 59981718 12d8 1908 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 87 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe' in session 0x7"
05/14/18 " 00:23:12.801" 59984562 12d8 b69c INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1070 "Entering GetMessageIDList in the Service."
05/14/18 " 00:23:12.801" 59984562 12d8 b69c INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1091 "GetNumMessages returned 0 messages available. Nothing to do here."
05/14/18 " 00:23:35.678" 60007437 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/14/18 " 00:23:37.412" 60009171 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/14/18 " 00:23:38.115" 60009875 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/14/18 " 00:23:40.528" 60012281 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/14/18 " 00:23:42.140" 60013890 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/14/18 " 00:23:46.534" 60018296 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/14/18 " 00:24:02.515" 60034265 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/14/18 " 00:24:04.141" 60035906 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/14/18 " 00:24:04.141" 60035906 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/14/18 " 00:24:04.144" 60035906 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (manual)"
05/14/18 " 00:24:04.145" 60035906 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[No], SDK/Ctlr=[No], DB/CLS=[Yes]"
05/14/18 " 00:24:04.146" 60035906 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5092]"
05/14/18 " 00:24:04.738" 60036500 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/14/18 " 00:24:04.738" 60036500 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/14/18 " 00:27:26.744" 60238500 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/14/18 " 00:27:28.115" 60239875 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/14/18 " 00:27:28.115" 60239875 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/14/18 " 00:27:28.115" 60239875 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/14/18 " 00:27:28.115" 60239875 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/14/18 " 00:27:28.115" 60239875 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/14/18 " 00:27:28.115" 60239875 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/14/18 " 00:27:28.115" 60239875 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5092]"
05/14/18 " 00:27:28.647" 60240406 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/14/18 " 00:27:28.647" 60240406 12d8 b14c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/14/18 " 00:27:54.126" 60265890 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/14/18 " 00:28:42.177" 60313937 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/14/18 " 00:33:42.210" 60613968 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/14/18 " 00:34:51.921" 60683671 12d8 182c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""f422eb7dc475e79663b390baa45fe757b7b134b8d53f2dc43fdf4fe5cbfd9f79"",""md5"":""2e0323a94915faab10a25f3babf82584"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/14/18 " 00:34:51.921" 60683671 12d8 182c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\ERUNT.exe' (shuriken) => Hubble:WhiteListed"
05/14/18 " 00:36:28.503" 60780265 12d8 182c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""2bf97f6f0c4cf0dceec70f8d3248038481fee8f05df4ac5096cd54131c9877c8"",""md5"":""1bf10e1c4068db390b50f06a4d806e50"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/14/18 " 00:36:28.503" 60780265 12d8 182c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\mod_frst.exe' (shuriken) => Hubble:WhiteListed"
05/14/18 " 00:46:36.218" 61387968 12d8 a704 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/14/18 " 00:50:22.338" 61614093 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 452 "Stopping Service Controller"
05/14/18 " 00:50:22.338" 61614093 12d8 bf68 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_190c30b26847c2b5a045142099028858>::operator () "ServiceControllerImplementation.cpp" 493 "Stopping Self Protection Controller"
05/14/18 " 00:50:22.822" 61614578 12d8 bf68 INFO SPSDK Uninstall "SelfProtectionUser.cpp" 198 "SelfProtection driver was successfully removed."
05/14/18 " 00:50:22.885" 61614640 12d8 bf68 INFO SPControllerModuleLoader SPControllerModuleLoader::UnloadImplementation "SPControllerModuleLoader.cpp" 100 "Unloaded the Self-Protection Controller implementation module."
05/14/18 " 00:50:22.885" 61614640 12d8 bf68 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_190c30b26847c2b5a045142099028858>::operator () "ServiceControllerImplementation.cpp" 502 "Successfully stopped Self Protection Controller"
05/14/18 " 00:50:22.885" 61614640 12d8 2c58 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_b2422856f0c022b6288473137984fd73>::operator () "ServiceControllerImplementation.cpp" 510 "Stopping Anti-Exploit Controller"
05/14/18 " 00:50:22.885" 61614640 12d8 d030 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_c10f67412ffbdf52fb2d97117ce6bb58>::operator () "ServiceControllerImplementation.cpp" 531 "Stopping ARW Controller"
05/14/18 " 00:50:22.885" 61614640 12d8 c37c INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_3ab253b62c87d7dfeb39a2084d1a556f>::operator () "ServiceControllerImplementation.cpp" 549 "Stopping MWAC Controller"
05/14/18 " 00:50:22.885" 61614640 12d8 b578 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_f61b3d206481c2d666de473471a73387>::operator () "ServiceControllerImplementation.cpp" 568 "Stopping RTP Controller"
05/14/18 " 00:50:23.166" 61614921 12d8 b578 INFO RtpSDK RtpUserImpl::Stop "RtpUserImpl.cpp" 299 "Rtp driver stopped."
05/14/18 " 00:50:23.166" 61614921 12d8 b578 INFO RtpShim RtpShimImpl::Stop "RtpShimImpl.cpp" 245 "Rtp successfully stopped."
05/14/18 " 00:50:23.228" 61614984 12d8 c37c INFO MwacControllerCOM CMwacControllerModuleLoader::UnloadImplementation "MWACControllerModuleLoader.cpp" 90 "Unloaded the Web Access Controller implementation module."
05/14/18 " 00:50:23.228" 61614984 12d8 c37c INFO MWACControllerCOM CMWACController::Stop_impl "MWACController.cpp" 677 "The MWAC Controller impl is unloaded."
05/14/18 " 00:50:23.228" 61614984 12d8 c37c INFO MWACControllerCOM CMWACController::StopV2 "MWACController.cpp" 384 "MWAC Controller shutdown complete"
05/14/18 " 00:50:23.228" 61614984 12d8 c37c INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_3ab253b62c87d7dfeb39a2084d1a556f>::operator () "ServiceControllerImplementation.cpp" 560 "Successfully stopped MWAC Controller"
05/14/18 " 00:50:23.760" 61615515 12d8 b578 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
05/14/18 " 00:50:23.822" 61615578 12d8 b578 INFO RTPControllerCOM CRTPControllerModuleLoader::UnloadImplementation "RTPControllerModuleLoader.cpp" 114 "Unloaded the RTP Controller implementation module."
05/14/18 " 00:50:23.822" 61615578 12d8 b578 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_f61b3d206481c2d666de473471a73387>::operator () "ServiceControllerImplementation.cpp" 577 "Successfully stopped RTP Controller"
05/14/18 " 00:50:26.400" 61618156 12d8 2c58 INFO AeShimImpl AeShimImpl::MbaeStop "AeShimImpl.cpp" 373 "MBAE stopped."
05/14/18 " 00:50:26.416" 61618171 12d8 2c58 INFO AeShimImpl AeShimImpl::MbaeShutdown "AeShimImpl.cpp" 430 "MBAE Shutdown"
05/14/18 " 00:50:26.525" 61618281 12d8 2c58 INFO AEControllerModuleLoader CAeControllerModuleLoader::UnloadImplementation "AEControllerModuleLoader.cpp" 120 "Unloaded the Anti-Exploit Controller implementation module."
05/14/18 " 00:50:26.525" 61618281 12d8 2c58 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_b2422856f0c022b6288473137984fd73>::operator () "ServiceControllerImplementation.cpp" 519 "Successfully stopped Anti-Exploit Controller"
05/14/18 " 00:50:28.244" 61620000 12d8 d030 INFO ArwSDK "" 0 "ArwSdk: Logging stopped."
05/14/18 " 00:50:28.463" 61620218 12d8 d030 INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwShimModuleLoader::UnloadModule "ArwShimModuleLoader.cpp" 75 "Unloaded the Anti-Ransomware Sdk implementation module."
05/14/18 " 00:50:28.510" 61620265 12d8 d030 INFO ArwControllerCOM CArwControllerModuleLoader::UnloadImplementation "ArwControllerModuleLoader.cpp" 90 "Unloaded the Anti-Ransomware Controller implementation module."
05/14/18 " 00:50:28.510" 61620265 12d8 d030 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_c10f67412ffbdf52fb2d97117ce6bb58>::operator () "ServiceControllerImplementation.cpp" 540 "Successfully stopped ARW Controller"
05/14/18 " 00:50:28.510" 61620265 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 619 "Stopping Scan Controller"
05/14/18 " 00:50:28.556" 61620312 12d8 1588 INFO SwissarmyShim SwissarmyShimImpl::UninstallInternal "SwissarmyShimImpl.cpp" 1783 "Swissarmy uninstalled. DdaContext (000001AED1FA2480)"
05/14/18 " 00:50:28.556" 61620312 12d8 1588 INFO SwissarmyShim SwissarmyShimImpl::Uninstall "SwissarmyShimImpl.cpp" 208 "Successfully uninstalled Swissarmy. SwissarmyHandle (d1fa2480)"
05/14/18 " 00:50:28.588" 61620343 12d8 1588 INFO ScanControllerCOM CScanControllerModuleLoader::UnloadImplementation "ScanControllerModuleLoader.cpp" 205 "Unloaded the Scan Controller implementation module."
05/14/18 " 00:50:28.588" 61620343 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 628 "Successfully stopped Scan Controller"
05/14/18 " 00:50:28.588" 61620343 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 635 "Stopping Clean Controller"
05/14/18 " 00:50:28.588" 61620343 12d8 1588 INFO CleanController CCleanController::StopV2 "CleanController.cpp" 384 "Shutting down CleanController"
05/14/18 " 00:50:28.603" 61620359 12d8 1588 INFO CleanControllerImpl CleanControllerImpl::StopV2 "CleanControllerImpl.cpp" 165 "Stopping Clean Controller Impl"
05/14/18 " 00:50:29.010" 61620765 12d8 178c INFO SwissarmyDDA DDAUnload "dda.cpp" 281 "Swissarmy driver successfully removed."
05/14/18 " 00:50:29.010" 61620765 12d8 178c INFO SwissarmyShim SwissarmyShimImpl::UninstallInternal "SwissarmyShimImpl.cpp" 1783 "Swissarmy uninstalled. DdaContext (000001AED902F0E0)"
05/14/18 " 00:50:29.010" 61620765 12d8 178c INFO SwissarmyShim SwissarmyShimImpl::Uninstall "SwissarmyShimImpl.cpp" 208 "Successfully uninstalled Swissarmy. SwissarmyHandle (d902f0e0)"
05/14/18 " 00:50:29.135" 61620890 12d8 178c INFO CleanControllerImpl CleanControllerImpl::ThreadLoop::<lambda_4375c5e3f6111d1e5b82059269c270c0>::operator () "CleanControllerImpl.cpp" 811 "Exiting CleanControllerImpl::ThreadLoop()"
05/14/18 " 00:50:29.181" 61620937 12d8 1588 INFO CleanController CCleanController::StopV2 "CleanController.cpp" 419 "CleanController shutdown complete"
05/14/18 " 00:50:29.181" 61620937 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 645 "Successfully stopped Clean Controller"
05/14/18 " 00:50:29.181" 61620937 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 664 "Stopping Telemetry Controller"
05/14/18 " 00:50:29.213" 61620968 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 673 "Successfully stopped Telemetry Controller"
05/14/18 " 00:50:29.213" 61620968 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 680 "Stopping Cloud Controller"
05/14/18 " 00:50:29.275" 61621031 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 689 "Successfully stopped Cloud Controller"
05/14/18 " 00:50:29.275" 61621031 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 696 "Stopping Update Controller"
05/14/18 " 00:50:29.338" 61621093 12d8 1588 INFO UpdateControllerCOM CUpdateControllerModuleLoader::UnloadImplementation "UpdateControllerModuleLoader.cpp" 139 "Unloaded the Update Controller implementation module."
05/14/18 " 00:50:29.338" 61621093 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 705 "Successfully stopped Update Controller"
05/14/18 " 00:50:29.338" 61621093 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 719 "Stopping License Controller"
05/14/18 " 00:50:29.385" 61621140 12d8 1588 INFO LicenseControllerCOM CLicenseControllerModuleLoader::UnloadImplementation "LicenseControllerModuleLoader.cpp" 145 "Unloaded the License Controller implementation module."
05/14/18 " 00:50:29.385" 61621140 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 728 "Successfully stopped License Controller"
05/14/18 " 00:50:29.385" 61621140 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 735 "Stopping Policies Controller"
05/14/18 " 00:50:29.400" 61621156 12d8 1588 INFO PoliciesControllerCOM CPoliciesControllerModuleLoader::UnloadImplementation "PoliciesControllerModuleLoader.cpp" 114 "Unloaded the Policies Controller implementation module."
05/14/18 " 00:50:29.400" 61621156 12d8 1588 INFO PoliciesControllerCOM CPoliciesController::Stop "PoliciesController.cpp" 133 "Policies Controller shutdown complete"
05/14/18 " 00:50:29.400" 61621156 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 744 "Successfully stopped Policies Controller"
05/14/18 " 00:50:29.400" 61621156 12d8 1588 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 757 "Service Controller stopped successfully in 7.071 seconds."
05/14/18 " 00:50:29.400" 61621156 12d8 1588 INFO LogController CLogController::Stop "LogController.cpp" 192 "Stopping logging"
Code:
ATTFilter C:\$Recycle.Bin\S-1-5-21-2369424989-362787197-3549092213-1000\$R3GHQBB.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Dropbox\Martina\Werbetexten\Hintergrundwissen\Wilke_Nichefinding.pdf PDF/Phishing.A.Gen Trojaner
C:\Dropbox\Martina\Werbetexten\Website\Traffic_generation\Traffic-Report_Kim Roach.pdf PDF/Phishing.A.Gen Trojaner
C:\Dropbox\Martina\Werbetexten\Website\Traffic_generation\Underground-Traffic-Black-Book.pdf PDF/Phishing.A.Gen Trojaner
C:\Dropbox\Martina\Werbetexten\Website\Traffic_generation\untapped-traffic.pdf PDF/Phishing.A.Gen Trojaner
C:\sich_ALTES_G\ehem Inhalte Kingston Stick\Martina\Werbetexten\Hintergrundwissen\Wilke_Nichefinding.pdf PDF/Phishing.A.Gen Trojaner
C:\sich_ALTES_G\ehem Inhalte Kingston Stick\Martina\Werbetexten\Website\Traffic_generation\Traffic-Report_Kim Roach.pdf PDF/Phishing.A.Gen Trojaner
C:\sich_ALTES_G\ehem Inhalte Kingston Stick\Martina\Werbetexten\Website\Traffic_generation\Underground-Traffic-Black-Book.pdf PDF/Phishing.A.Gen Trojaner
C:\sich_ALTES_G\ehem Inhalte Kingston Stick\Martina\Werbetexten\Website\Traffic_generation\untapped-traffic.pdf PDF/Phishing.A.Gen Trojaner
C:\sich_ALTES_G\GroßeDateien_Videos_etc\Inhalt_Challenge_Bibendum_Stick\Downloads\AshampooBurningStudioElements.zip Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung,Win32/Toolbar.Conduit.AS eventuell unerwünschte Anwendung
C:\sich_ALTES_G\GroßeDateien_Videos_etc\Inhalt_Challenge_Bibendum_Stick\Downloads\cnet_TakeABreakSetup_exe.exe Variante von Win32/InstallCore.D eventuell unerwünschte Anwendung
C:\sich_ALTES_G\GroßeDateien_Videos_etc\Inhalt_Challenge_Bibendum_Stick\Downloads\FreeAudioDub.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
C:\sich_ALTES_G\GroßeDateien_Videos_etc\Inhalt_Challenge_Bibendum_Stick\Downloads\FreeVideoDub.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
C:\sich_ALTES_G\GroßeDateien_Videos_etc\Inhalt_Challenge_Bibendum_Stick\Downloads\FreeVideoToMp3Converter.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
C:\sich_ALTES_G\GroßeDateien_Videos_etc\Inhalt_Challenge_Bibendum_Stick\Downloads\AshampooBurningStudioElements\Setup.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung,Win32/Toolbar.Conduit.AS eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\Adobe Digital Editions - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\anki-2.0.36 - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\AshampooBurningStudioElements.zip Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung,Win32/Toolbar.Conduit.AS eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\BitBox Browser in the Box Firefox Edition - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\driverscanner.exe Variante von Win32/UniBlue.F eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\Dropbox - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\FFSetup3.6.0.0.exe Variante von Win32/Hao123.A eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\Free AVI Video Converter - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\FreeAudioDub.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\FreeVideoDub.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\FreeVideoToMP3Converter_alt.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\FreeVideoToMP3Converter_alt1.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\jing_2.8.13007.1 - CHIP-Downloader.exe Variante von Win32/DownloadSponsor.A eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\LibreOffice 32 Bit - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\LibreOffice 64 Bit - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\PDFCreator-2_1_1-setup.exe Win32/InstallMonetizer.AQ eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\ReaderInstaller_CB-DL-Manager.exe Variante von Win32/DownloadGuide.D eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\ShellExView - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\Skype - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\TeamViewer - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\TinyPic - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\TV Browser - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\Unlocker1.9.1-x64.exe Win32/Adware.ADON eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\webde_updatestardrivers.exe Win32/UwS.UpdStarDrv.A Anwendung
C:\Users\Admin\Downloads\Downloads\AshampooBurningStudioElements\Setup.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung,Win32/Toolbar.Conduit.AS eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\Downloads\AshampooBurningStudioElements.zip Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung,Win32/Toolbar.Conduit.AS eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\Downloads\FreeAudioDub.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\Downloads\FreeVideoDub.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\Downloads\FreeVideoToMP3Converter_alt.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\Downloads\FreeVideoToMP3Converter_alt1.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\Downloads\AshampooBurningStudioElements\Setup.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung,Win32/Toolbar.Conduit.AS eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\Filezilla\FileZilla - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Admin\Downloads\Downloads\MediathekView\MediathekView - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\marelro\Dropbox\Martina\Werbetexten\Hintergrundwissen\Wilke_Nichefinding.pdf PDF/Phishing.A.Gen Trojaner
C:\Users\marelro\Dropbox\Martina\Werbetexten\Website\Traffic_generation\Traffic-Report_Kim Roach.pdf PDF/Phishing.A.Gen Trojaner
C:\Users\marelro\Dropbox\Martina\Werbetexten\Website\Traffic_generation\Underground-Traffic-Black-Book.pdf PDF/Phishing.A.Gen Trojaner
C:\Users\marelro\Dropbox\Martina\Werbetexten\Website\Traffic_generation\untapped-traffic.pdf PDF/Phishing.A.Gen Trojaner
C:\Windows\Temp\WebCompanion.zip Variante von MSIL/WebCompanion.D eventuell unerwünschte Anwendung,Variante von MSIL/WebCompanion.C eventuell unerwünschte Anwendung
C:\Windows\Temp\wctmp_2012866140\WcInstaller.exe Variante von MSIL/WebCompanion.C eventuell unerwünschte Anwendung
C:\Windows\Temp\wctmp_694811458\WcInstaller.exe Variante von MSIL/WebCompanion.C eventuell unerwünschte Anwendung
|
|
14.05.2018, 14:36
| #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Was postest du denn da?  Bitte lies die Anleitung zu Malwarebytes, da steht auch welche Logs wie gepostet werden sollen!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
14.05.2018, 14:47
| #20 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Sorry! (drum war's so schwierig) Hab 2 Berichte nach Anleitung gefunden: Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 12.05.18
Scan-Zeit: 13:49
Protokolldatei: 98c086ec-55da-11e8-b8f6-2c56dc97df15.json
Administrator: Nein
-Softwaredaten-
Version: 3.5.1.2522
Komponentenversion: 1.0.365
Version des Aktualisierungspakets: 1.0.5078
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 16299.371)
CPU: x64
Dateisystem: NTFS
Benutzer: Admin-PC\marelro
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 414834
Erkannte Bedrohungen: 58
In die Quarantäne verschobene Bedrohungen: 53
Abgelaufene Zeit: 5 Min., 59 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 1
PUP.Optional.ChipDe, C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE, Keine Aktion durch Benutzer, [7305], [449637],1.0.5078
Modul: 1
PUP.Optional.ChipDe, C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE, Keine Aktion durch Benutzer, [7305], [449637],1.0.5078
Registrierungsschlüssel: 8
PUP.Optional.Conduit, HKU\S-1-5-21-2369424989-362787197-3549092213-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [221], [236865],1.0.5078
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [221], [236865],1.0.5078
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [221], [236865],1.0.5078
PUP.Optional.Conduit, HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, In Quarantäne, [221], [236865],1.0.5078
PUP.Optional.GreatDealz, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\lobonlhedgiilkfmbbbfhkaoefacipgj, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.ChipDe, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}, In Quarantäne, [7305], [458401],1.0.5078
PUP.Optional.ChipDe, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\chip1click, Keine Aktion durch Benutzer, [7305], [449637],1.0.5078
PUP.Optional.ChipDe, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\chip 1-click download service, Keine Aktion durch Benutzer, [7305], [463412],1.0.5078
Registrierungswert: 2
PUP.Optional.Conduit, HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, In Quarantäne, [221], [236865],1.0.5078
PUP.Optional.Conduit, HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, In Quarantäne, [221], [236865],1.0.5078
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 16
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.IoloSC, C:\PROGRAM FILES (X86)\IOLO\SYSTEM CHECKUP, In Quarantäne, [1047], [349237],1.0.5078
PUP.Optional.GreatDealz, C:\PROGRAM FILES (X86)\GREATDEALZ, In Quarantäne, [1919], [388477],1.0.5078
Datei: 30
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json, In Quarantäne, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Ersetzt, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Ersetzt, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Ersetzt, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Ersetzt, [1919], [466866],1.0.5078
PUP.Optional.GreatDealz, C:\Program Files (x86)\GreatDealz\lobonlhedgiilkfmbbbfhkaoefacipgj.crx, In Quarantäne, [1919], [388477],1.0.5078
PUP.Optional.ChipDe, C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE, Keine Aktion durch Benutzer, [7305], [449637],1.0.5078
PUP.Optional.Conduit, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS, Ersetzt, [221], [301520],1.0.5078
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 13.05.18
Scan-Zeit: 05:58
Protokolldatei: e030a797-5661-11e8-ad41-2c56dc97df15.json
Administrator: Ja
-Softwaredaten-
Version: 3.5.1.2522
Komponentenversion: 1.0.365
Version des Aktualisierungspakets: 1.0.5086
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 16299.431)
CPU: x64
Dateisystem: NTFS
Benutzer: System
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Zeitplaner
Ergebnis: Abgeschlossen
Gescannte Objekte: 412330
Erkannte Bedrohungen: 5
In die Quarantäne verschobene Bedrohungen: 5
Abgelaufene Zeit: 14 Min., 15 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 1
PUP.Optional.ChipDe, C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE, In Quarantäne, [7306], [449637],1.0.5086
Modul: 1
PUP.Optional.ChipDe, C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE, In Quarantäne, [7306], [449637],1.0.5086
Registrierungsschlüssel: 2
PUP.Optional.ChipDe, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\chip1click, In Quarantäne, [7306], [449637],1.0.5086
PUP.Optional.ChipDe, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\chip 1-click download service, In Quarantäne, [7306], [463412],1.0.5086
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 1
PUP.Optional.ChipDe, C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE, In Quarantäne, [7306], [449637],1.0.5086
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
|
|
14.05.2018, 14:50
| #21 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-ThreadsZitat:
 Lesestoff:chip.de / CHIP-Installer Keine Downloads mehr von CHIP.de! Die verarschen ihre Kunden aus reiner Profitgier. Siehe auch http://www.trojaner-board.de/168364-...mpfehlung.html und CHIP-Installer - was ist das? - Anleitungen Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ --> Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads |
|
14.05.2018, 14:55
| #22 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Und hier noch das vom FRST-Tool (hab das unter Admin noch mal frisch gemacht) FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12.05.2018
durchgeführt von Admin (Administrator) auf ADMIN-PC (14-05-2018 15:46:59)
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Admin & marelro & (Verfügbare Profile: Admin & marelro & DefaultAppPool)
Platform: Windows 10 Pro Version 1709 16299.431 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Everything\Everything.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(1und1 Mail und Media GmbH) C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Scirocco Consultants Inc.) C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe
(Nextcloud GmbH) C:\Program Files (x86)\Nextcloud\nextcloud.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\USB KEYBOARD GUARD\GD2NDKBB.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ESET spol. s r.o.) C:\Users\marelro\Downloads\esetonlinescanner_deu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Everything\Everything.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1803.711.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kerish Products) C:\Program Files (x86)\Kerish Doctor\KerishDoctor.exe
(1und1 Mail und Media GmbH) C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Scirocco Consultants Inc.) C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe
(Bartels Media GmbH) C:\Program Files (x86)\WordExpander\WordExpander.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\USB KEYBOARD GUARD\GD2NDKBB.exe
() C:\Program Files\Everything\Everything.exe
(ESET spol. s r.o.) C:\Users\Admin\Downloads\Downloads\esetonlinescanner_deu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7640944 2014-09-29] (Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-12] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3643712 2018-05-04] (Dropbox, Inc.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1939968 2014-10-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4596904 2016-08-12] (Fitbit, Inc.)
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2014-10-24] (Sony Corporation)
HKLM-x32\...\Run: [GDataUsbProtection] => C:\Program Files (x86)\G DATA\USB KEYBOARD GUARD\GD2NDKBB.exe [1412216 2014-09-05] (G Data Software AG)
HKLM-x32\...\Run: [MailCheck IE Broker] => C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [2862312 2018-01-26] (1und1 Mail und Media GmbH)
HKLM-x32\...\RunOnce: [MailCheck IE Update] => C:\Program Files (x86)\Common Files\1&1 Mail & Media GmbH\MailCheck IE\Update\nsl117E.tmp\WEB.DE_MailCheck_IE_Update_2.7.2.0.exe [4173464 2018-04-28] (1&1 Mail & Media GmbH)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\Run: [TakeABreak] => C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe [925696 2012-08-01] (Scirocco Consultants Inc.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\Run: [WordExpander] => C:\Program Files (x86)\WordExpander\WordExpander.exe [488448 2011-12-22] (Bartels Media GmbH)
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27831240 2018-03-13] (Skype Technologies S.A.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4596904 2016-08-12] (Fitbit, Inc.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\Run: [TakeABreak] => C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe [925696 2012-08-01] (Scirocco Consultants Inc.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\Run: [WordExpander] => C:\Program Files (x86)\WordExpander\WordExpander.exe [488448 2011-12-22] (Bartels Media GmbH)
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27831240 2018-03-13] (Skype Technologies S.A.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4596904 2016-08-12] (Fitbit, Inc.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\Run: [TakeABreak] => C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe [925696 2012-08-01] (Scirocco Consultants Inc.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\Run: [Nextcloud] => C:\Program Files (x86)\Nextcloud\nextcloud.exe [4604806 2017-11-20] (Nextcloud GmbH)
HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\Run: [TakeABreak] => C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe [925696 2012-08-01] (Scirocco Consultants Inc.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\Run: [Nextcloud] => C:\Program Files (x86)\Nextcloud\nextcloud.exe [4604806 2017-11-20] (Nextcloud GmbH)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154057347\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b103b51a-61bb-4ebc-8364-f2d3e4cd28dc}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.web.de/tb/ie_startpage
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.web.de/tb/ie_startpage
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-2369424989-362787197-3549092213-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/?gws_rd=ssl
HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/?gws_rd=ssl
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> DefaultScope {A1ACEAB6-04F0-4803-84F8-34D36B6FCB18} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> {1B6BEA53-C67C-4329-9F0F-DE874680E198} URL = hxxps://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> {4C3472AE-5D40-4315-A00E-D6113A4E0557} URL = hxxps://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> {A1ACEAB6-04F0-4803-84F8-34D36B6FCB18} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> {B4DD821A-7DA5-423C-B77D-FCAAFDD916A4} URL = hxxps://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331 -> DefaultScope {A1ACEAB6-04F0-4803-84F8-34D36B6FCB18} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331 -> {1B6BEA53-C67C-4329-9F0F-DE874680E198} URL = hxxps://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331 -> {4C3472AE-5D40-4315-A00E-D6113A4E0557} URL = hxxps://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331 -> {A1ACEAB6-04F0-4803-84F8-34D36B6FCB18} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331 -> {B4DD821A-7DA5-423C-B77D-FCAAFDD916A4} URL = hxxps://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004 -> {6B866410-DBD1-477F-BB59-E3134350240B} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004 -> {6D3AC202-51B6-4E51-B36E-7D9F54D5C5D9} URL = hxxps://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004 -> {BE151D4D-A751-49F8-92B5-3C488857D889} URL = hxxps://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004 -> {D0D3503D-8EA8-4906-A1CA-4789D163BFF8} URL = hxxps://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949 -> {6B866410-DBD1-477F-BB59-E3134350240B} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949 -> {6D3AC202-51B6-4E51-B36E-7D9F54D5C5D9} URL = hxxps://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949 -> {BE151D4D-A751-49F8-92B5-3C488857D889} URL = hxxps://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949 -> {D0D3503D-8EA8-4906-A1CA-4789D163BFF8} URL = hxxps://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-04-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-15] (Oracle Corporation)
BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-04-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-15] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-30] (Microsoft Corporation)
BHO-x32: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-04-30] (Microsoft Corporation)
Toolbar: HKLM - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
Toolbar: HKLM-x32 - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
Toolbar: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
Toolbar: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331 -> WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> hxxp://go.web.de/tb/ie_startpage
FireFox:
========
FF DefaultProfile: 9xuu7j7s.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default [2018-05-14]
FF Homepage: Mozilla\Firefox\Profiles\9xuu7j7s.default -> www.google.de
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2017-07-05]
FF Extension: (Textmarker) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\Extensions\textMarker@underFlyingBirches.org.xpi [2018-05-13]
FF Extension: (uMatrix) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\Extensions\uMatrix@raymondhill.net.xpi [2018-05-10]
FF Extension: (Avast Online Security) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\Extensions\wrc@avast.com.xpi [2017-10-06]
FF Extension: (Video DownloadHelper) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-04-15]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\searchplugins\google-lavasoft.xml [2016-11-19]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\KompoZer\Profiles\6meji5zn.default [2017-04-07]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-11] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-15] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-11] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-25] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2014-10-24] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2018-05-14]
CHR Extension: (Präsentationen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-18]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-18]
CHR Extension: (Full Page Screen Capture) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2018-05-14]
CHR Extension: (Tabellen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-18]
CHR Extension: (Plus for Trello (time track, reports, scrum)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjjpophepkbhejnglcmkdnncmaanojkf [2018-05-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-14]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-18]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-02] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-05-12] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-15] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-12] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-15] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [289792 2014-10-23] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8566448 2018-04-26] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-05-04] (Dropbox, Inc.)
R2 Everything; C:\Program Files\Everything\Everything.exe [2197608 2017-06-07] ()
S2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5911720 2016-08-12] (Fitbit, Inc.) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-10] (Microsoft Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2014-04-25] (Sony Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WEBDE_MailCheck_Update; C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Update.exe [593128 2018-01-26] (Pixality Computersysteme GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196640 2018-05-12] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-10] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-10] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-10] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-10] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [234560 2018-05-12] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-05-12] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159120 2018-05-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111360 2018-05-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-05-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-05-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-05-12] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-05-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381552 2018-05-12] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-12-15] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
R3 GDKBBlocker; C:\WINDOWS\system32\drivers\GDKBBlocker64.sys [30720 2018-04-07] (G Data Software AG)
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2016-11-23] (REALiX(tm))
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2017-05-17] (Highresolution Enterprises [www.highrez.co.uk])
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2018-05-14] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-05-14] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-05-14] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-05-14] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2018-05-14] (Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-29] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [828688 2018-04-15] (IDRIX)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-05-14 15:46 - 2018-05-14 15:47 - 000035161 _____ C:\Users\Admin\Desktop\FRST.txt
2018-05-14 15:41 - 2018-05-14 15:41 - 000001981 _____ C:\Users\Admin\Desktop\MBAM_Bericht_vom_1305.txt
2018-05-14 15:40 - 2018-05-14 15:40 - 000103648 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-05-14 15:40 - 2018-05-14 15:40 - 000011783 _____ C:\Users\Admin\Desktop\MBAM_Bericht_vom1205.txt
2018-05-14 15:39 - 2018-05-14 15:39 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-05-14 15:39 - 2018-05-14 15:39 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-05-14 15:39 - 2018-05-14 15:39 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-05-14 15:39 - 2018-05-14 15:39 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-05-14 14:09 - 2018-05-14 14:10 - 000094313 _____ C:\Users\marelro\Downloads\FRST.txt
2018-05-14 14:08 - 2018-05-14 15:46 - 000000000 ____D C:\FRST
2018-05-14 13:07 - 2018-05-14 13:07 - 002404864 _____ (Farbar) C:\Users\marelro\Downloads\FRST64.exe
2018-05-14 00:33 - 2018-05-14 00:34 - 002404864 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2018-05-13 22:28 - 2018-05-13 22:28 - 000000648 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1000.job
2018-05-13 22:28 - 2018-05-13 22:28 - 000000552 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1000.job
2018-05-13 21:50 - 2018-05-14 14:10 - 000063877 _____ C:\Users\marelro\Downloads\Addition.txt
2018-05-13 16:58 - 2018-05-13 16:58 - 000000000 ____D C:\Users\marelro\AppData\Local\ESET
2018-05-13 16:58 - 2018-05-13 16:58 - 000000000 ____D C:\Users\Admin\AppData\Local\ESET
2018-05-13 16:56 - 2018-05-13 16:56 - 006974584 _____ (ESET spol. s r.o.) C:\Users\marelro\Downloads\esetonlinescanner_deu.exe
2018-05-12 18:19 - 2018-05-01 23:25 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-12 18:19 - 2018-05-01 23:25 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-12 18:12 - 2018-05-12 18:12 - 000001249 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2018-05-12 18:12 - 2018-05-12 18:12 - 000000000 ____D C:\Users\Default\AppData\Roaming\Foxit Software
2018-05-12 18:12 - 2018-05-12 18:12 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Foxit Software
2018-05-12 13:49 - 2018-05-12 13:49 - 000001920 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-05-12 13:49 - 2018-05-12 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-12 13:49 - 2018-05-12 13:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-12 13:49 - 2018-05-12 13:49 - 000000000 ____D C:\Program Files\Malwarebytes
2018-05-12 13:49 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-05-12 13:48 - 2018-05-12 13:48 - 075086152 _____ (Malwarebytes ) C:\Users\marelro\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.365-1.0.5068.exe
2018-05-12 01:58 - 2018-05-12 01:58 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-05-12 01:51 - 2018-05-12 01:50 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000381552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000234560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000196640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000159120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000111360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-05-12 01:51 - 2018-03-10 06:54 - 000343752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-05-12 01:51 - 2018-03-10 06:54 - 000227504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-05-12 01:51 - 2018-03-10 06:54 - 000199440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-05-12 01:51 - 2018-03-10 06:54 - 000057680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-05-12 01:50 - 2018-05-12 01:50 - 000376536 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-05-11 07:31 - 2018-05-11 07:31 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-05-11 07:31 - 2018-05-11 07:31 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-05-11 07:31 - 2018-05-11 07:31 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-05-11 07:31 - 2018-05-11 07:31 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-05-11 07:29 - 2018-05-03 09:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-11 07:29 - 2018-05-03 09:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-11 07:29 - 2018-05-03 09:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-11 07:29 - 2018-05-03 09:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-11 07:29 - 2018-05-03 09:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-11 07:29 - 2018-05-03 09:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-11 07:29 - 2018-05-03 09:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-11 07:29 - 2018-05-03 09:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-11 07:29 - 2018-05-03 09:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-11 07:29 - 2018-05-03 09:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-11 07:29 - 2018-05-03 09:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-11 07:29 - 2018-05-03 08:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-11 07:29 - 2018-05-03 08:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-11 07:29 - 2018-05-03 08:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-11 07:29 - 2018-05-03 08:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-11 07:29 - 2018-05-03 08:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-11 07:29 - 2018-05-03 08:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-11 07:29 - 2018-05-03 08:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-11 07:29 - 2018-05-03 08:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-11 07:29 - 2018-05-03 08:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-11 07:29 - 2018-05-03 08:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-11 07:29 - 2018-05-03 08:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-11 07:29 - 2018-05-03 08:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-11 07:29 - 2018-05-03 08:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-11 07:29 - 2018-05-03 08:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-11 07:29 - 2018-05-03 08:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-11 07:29 - 2018-05-03 08:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-11 07:29 - 2018-05-03 08:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-11 07:29 - 2018-05-03 08:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-11 07:29 - 2018-05-03 08:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-11 07:29 - 2018-05-03 08:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-11 07:29 - 2018-05-03 08:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-11 07:29 - 2018-05-03 08:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-11 07:29 - 2018-05-03 08:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-11 07:29 - 2018-05-03 08:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-11 07:29 - 2018-05-03 08:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-11 07:29 - 2018-05-03 08:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-11 07:29 - 2018-05-03 08:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-11 07:29 - 2018-05-03 08:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-11 07:29 - 2018-05-03 08:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-11 07:29 - 2018-05-03 08:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-11 07:29 - 2018-05-03 08:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-11 07:29 - 2018-05-03 07:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-11 07:29 - 2018-05-03 07:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-11 07:29 - 2018-05-03 07:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-11 07:29 - 2018-05-03 07:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-11 07:29 - 2018-05-03 07:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-11 07:29 - 2018-05-03 07:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-11 07:29 - 2018-05-03 07:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-11 07:29 - 2018-05-03 07:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-11 07:29 - 2018-05-03 07:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-11 07:29 - 2018-05-03 07:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-11 07:29 - 2018-05-03 07:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-11 07:29 - 2018-05-03 07:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-11 07:29 - 2018-05-03 07:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-11 07:29 - 2018-05-03 07:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-11 07:29 - 2018-05-03 07:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-11 07:29 - 2018-05-03 07:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-11 07:29 - 2018-05-03 07:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-11 07:29 - 2018-05-03 07:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-11 07:29 - 2018-05-03 07:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-11 07:29 - 2018-04-16 00:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-11 07:29 - 2018-04-16 00:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-11 07:29 - 2018-04-15 23:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-11 07:29 - 2018-04-15 23:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-11 07:29 - 2018-04-15 23:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-11 07:29 - 2018-04-15 23:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-11 07:29 - 2018-04-15 23:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-11 07:29 - 2018-04-15 23:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-11 07:29 - 2018-04-15 23:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-11 07:29 - 2018-04-15 23:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-11 07:29 - 2018-04-15 23:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-11 07:29 - 2018-04-15 23:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-11 07:29 - 2018-04-15 23:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-11 07:29 - 2018-04-15 22:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-11 07:29 - 2018-04-15 22:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-11 07:29 - 2018-04-15 22:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-05-11 07:29 - 2018-04-15 22:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-11 07:29 - 2018-04-15 22:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-11 07:29 - 2018-04-15 22:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-11 07:29 - 2018-04-15 22:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-11 07:29 - 2018-04-15 22:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-11 07:29 - 2018-04-15 22:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-11 07:29 - 2018-04-15 22:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-11 07:29 - 2018-04-15 22:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-11 07:29 - 2018-04-15 22:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-11 07:29 - 2018-04-15 22:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-11 07:29 - 2018-04-15 22:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-11 07:29 - 2018-04-15 22:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-11 07:29 - 2018-04-15 22:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-11 07:29 - 2018-04-15 22:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-11 07:29 - 2018-04-15 22:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-11 07:29 - 2018-04-15 22:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-11 07:29 - 2018-04-15 22:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-11 07:29 - 2018-04-15 22:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-11 07:29 - 2018-04-15 22:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-11 07:29 - 2018-04-15 22:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-11 07:29 - 2018-04-15 22:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-11 07:29 - 2018-04-15 22:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-11 07:29 - 2018-04-15 22:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-11 07:29 - 2018-04-15 22:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-11 07:29 - 2018-04-15 22:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-11 07:29 - 2018-04-15 22:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-11 07:29 - 2018-04-15 22:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-11 07:29 - 2018-04-15 22:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-11 07:29 - 2018-04-15 22:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-11 07:29 - 2018-04-15 22:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-11 07:29 - 2018-04-15 22:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-11 07:29 - 2018-04-15 22:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-11 07:29 - 2018-04-15 22:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-11 07:29 - 2018-04-15 22:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-11 07:29 - 2018-04-15 22:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-11 07:29 - 2018-04-15 22:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-11 07:29 - 2018-04-15 22:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-11 07:29 - 2018-04-15 22:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-11 07:29 - 2018-04-15 22:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-11 07:29 - 2018-04-15 22:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-11 07:29 - 2018-04-15 22:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-11 07:29 - 2018-04-15 22:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-11 07:29 - 2018-04-15 22:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-11 07:29 - 2018-04-15 22:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-11 07:29 - 2018-04-15 22:00 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-05-11 07:28 - 2018-05-03 09:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-11 07:28 - 2018-05-03 09:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-11 07:28 - 2018-05-03 09:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-11 07:28 - 2018-05-03 09:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-11 07:28 - 2018-05-03 09:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-11 07:28 - 2018-05-03 09:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-11 07:28 - 2018-05-03 09:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-11 07:28 - 2018-05-03 09:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-11 07:28 - 2018-05-03 09:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-11 07:28 - 2018-05-03 09:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-11 07:28 - 2018-05-03 09:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-11 07:28 - 2018-05-03 09:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-11 07:28 - 2018-05-03 09:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-11 07:28 - 2018-05-03 09:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-11 07:28 - 2018-05-03 09:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-11 07:28 - 2018-05-03 09:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-11 07:28 - 2018-05-03 09:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-11 07:28 - 2018-05-03 09:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-11 07:28 - 2018-05-03 09:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-11 07:28 - 2018-05-03 09:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-11 07:28 - 2018-05-03 09:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-11 07:28 - 2018-05-03 09:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-11 07:28 - 2018-05-03 09:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-11 07:28 - 2018-05-03 09:36 - 000397728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-05-11 07:28 - 2018-05-03 09:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-11 07:28 - 2018-05-03 09:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-11 07:28 - 2018-05-03 09:35 - 001628064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-05-11 07:28 - 2018-05-03 09:35 - 000831392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-05-11 07:28 - 2018-05-03 09:35 - 000645536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-05-11 07:28 - 2018-05-03 09:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-11 07:28 - 2018-05-03 09:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-11 07:28 - 2018-05-03 09:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-11 07:28 - 2018-05-03 09:32 - 000744864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-05-11 07:28 - 2018-05-03 09:32 - 000670104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-05-11 07:28 - 2018-05-03 09:32 - 000231328 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-05-11 07:28 - 2018-05-03 09:31 - 001420704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-05-11 07:28 - 2018-05-03 09:30 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-05-11 07:28 - 2018-05-03 09:30 - 000819096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2018-05-11 07:28 - 2018-05-03 09:30 - 000813984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-05-11 07:28 - 2018-05-03 09:30 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-05-11 07:28 - 2018-05-03 08:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-11 07:28 - 2018-05-03 08:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-11 07:28 - 2018-05-03 08:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-11 07:28 - 2018-05-03 08:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-11 07:28 - 2018-05-03 08:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-11 07:28 - 2018-05-03 08:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-11 07:28 - 2018-05-03 08:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-11 07:28 - 2018-05-03 08:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-11 07:28 - 2018-05-03 08:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-11 07:28 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-11 07:28 - 2018-05-03 08:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-11 07:28 - 2018-05-03 08:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-11 07:28 - 2018-05-03 08:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-11 07:28 - 2018-05-03 08:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-11 07:28 - 2018-05-03 08:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-11 07:28 - 2018-05-03 08:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-11 07:28 - 2018-05-03 08:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-11 07:28 - 2018-05-03 08:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-11 07:28 - 2018-05-03 08:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-11 07:28 - 2018-05-03 08:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-11 07:28 - 2018-05-03 08:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-11 07:28 - 2018-05-03 08:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-11 07:28 - 2018-05-03 08:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-11 07:28 - 2018-05-03 08:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-11 07:28 - 2018-05-03 08:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-11 07:28 - 2018-05-03 08:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-11 07:28 - 2018-05-03 08:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-11 07:28 - 2018-05-03 08:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-11 07:28 - 2018-05-03 08:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-11 07:28 - 2018-05-03 08:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-11 07:28 - 2018-05-03 08:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-11 07:28 - 2018-05-03 08:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-11 07:28 - 2018-05-03 08:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-11 07:28 - 2018-05-03 08:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-11 07:28 - 2018-05-03 08:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-11 07:28 - 2018-05-03 07:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-11 07:28 - 2018-05-03 07:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-11 07:28 - 2018-05-03 07:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-11 07:28 - 2018-05-03 07:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-11 07:28 - 2018-05-03 07:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-11 07:28 - 2018-05-03 07:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-11 07:28 - 2018-05-03 07:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-11 07:28 - 2018-05-03 07:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-11 07:28 - 2018-05-03 07:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-11 07:28 - 2018-05-03 07:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-11 07:28 - 2018-05-03 07:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-11 07:28 - 2018-05-03 07:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-11 07:28 - 2018-04-16 00:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-11 07:28 - 2018-04-15 23:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-11 07:28 - 2018-04-15 23:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-11 07:28 - 2018-04-15 23:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-11 07:28 - 2018-04-15 23:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-11 07:28 - 2018-04-15 23:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-11 07:28 - 2018-04-15 23:36 - 002376088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2018-05-11 07:28 - 2018-04-15 23:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-11 07:28 - 2018-04-15 23:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-11 07:28 - 2018-04-15 23:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-11 07:28 - 2018-04-15 23:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-11 07:28 - 2018-04-15 23:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-11 07:28 - 2018-04-15 23:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-11 07:28 - 2018-04-15 23:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-11 07:28 - 2018-04-15 23:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-11 07:28 - 2018-04-15 23:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-11 07:28 - 2018-04-15 23:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-11 07:28 - 2018-04-15 23:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-11 07:28 - 2018-04-15 23:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-11 07:28 - 2018-04-15 23:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-11 07:28 - 2018-04-15 23:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-11 07:28 - 2018-04-15 22:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-11 07:28 - 2018-04-15 22:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-11 07:28 - 2018-04-15 22:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-11 07:28 - 2018-04-15 22:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-11 07:28 - 2018-04-15 22:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-11 07:28 - 2018-04-15 22:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-11 07:28 - 2018-04-15 22:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-11 07:28 - 2018-04-15 22:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-11 07:28 - 2018-04-15 22:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-11 07:28 - 2018-04-15 22:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-11 07:28 - 2018-04-15 22:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-11 07:28 - 2018-04-15 22:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-11 07:28 - 2018-04-15 22:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-11 07:28 - 2018-04-15 22:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-11 07:28 - 2018-04-15 22:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-11 07:28 - 2018-04-15 22:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-11 07:28 - 2018-04-15 22:33 - 001623960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2018-05-11 07:28 - 2018-04-15 22:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-11 07:28 - 2018-04-15 22:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-11 07:28 - 2018-04-15 22:14 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2018-05-11 07:28 - 2018-04-15 22:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-11 07:28 - 2018-04-15 22:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-11 07:28 - 2018-04-15 22:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-11 07:28 - 2018-04-15 22:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-11 07:28 - 2018-04-15 22:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-11 07:28 - 2018-04-15 22:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-11 07:28 - 2018-04-15 22:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-11 07:28 - 2018-04-15 22:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-11 07:28 - 2018-04-15 22:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-11 07:28 - 2018-04-15 22:12 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2018-05-11 07:28 - 2018-04-15 22:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-11 07:28 - 2018-04-15 22:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-11 07:28 - 2018-04-15 22:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-11 07:28 - 2018-04-15 22:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-11 07:28 - 2018-04-15 22:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-11 07:28 - 2018-04-15 22:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-11 07:28 - 2018-04-15 22:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-11 07:28 - 2018-04-15 22:09 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2018-05-11 07:28 - 2018-04-15 22:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-11 07:28 - 2018-04-15 22:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-11 07:28 - 2018-04-15 22:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-11 07:28 - 2018-04-15 22:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-11 07:28 - 2018-04-15 22:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-11 07:28 - 2018-04-15 22:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-11 07:28 - 2018-04-15 22:08 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-11 07:28 - 2018-04-15 22:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-11 07:28 - 2018-04-15 22:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-11 07:28 - 2018-04-15 22:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-11 07:28 - 2018-04-15 22:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-11 07:28 - 2018-04-15 22:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-11 07:28 - 2018-04-15 22:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-11 07:28 - 2018-04-15 22:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-11 07:28 - 2018-04-15 22:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-11 07:28 - 2018-04-15 22:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-05-11 07:28 - 2018-04-15 22:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-11 07:28 - 2018-04-15 22:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-05-11 07:28 - 2018-04-15 22:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-11 07:28 - 2018-04-15 22:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-11 07:28 - 2018-04-15 22:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-11 07:28 - 2018-04-15 22:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-11 07:28 - 2018-04-15 22:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-11 07:28 - 2018-04-15 22:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-11 07:28 - 2018-04-15 22:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-11 07:28 - 2018-04-15 22:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-11 07:28 - 2018-04-15 22:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-11 07:28 - 2018-04-15 22:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-11 07:28 - 2018-04-15 22:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-11 07:28 - 2018-04-15 22:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-11 07:28 - 2018-04-15 22:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-11 07:28 - 2018-04-15 21:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2018-05-11 07:28 - 2018-04-15 21:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-11 07:28 - 2018-04-15 21:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-11 07:28 - 2018-04-15 21:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-05-11 07:28 - 2017-11-26 15:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-05-11 06:49 - 2018-05-12 18:17 - 000000660 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1004.job
2018-05-11 06:49 - 2018-05-12 18:17 - 000000564 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1004.job
2018-05-09 11:58 - 2018-05-12 14:08 - 000000600 _____ C:\Users\marelro\AppData\Roaming\winscp.rnd
2018-05-09 05:47 - 2018-05-09 05:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-05-08 23:42 - 2018-05-08 23:42 - 000000600 _____ C:\Users\Admin\AppData\Roaming\winscp.rnd
2018-05-08 23:35 - 2018-05-08 23:35 - 000001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2018-05-08 23:35 - 2018-05-08 23:35 - 000001146 _____ C:\Users\Public\Desktop\WinSCP.lnk
2018-05-08 23:35 - 2018-05-08 23:35 - 000000000 ____D C:\Program Files (x86)\WinSCP
2018-05-08 23:32 - 2018-05-08 23:33 - 009649448 _____ (Martin Prikryl ) C:\Users\marelro\Downloads\WinSCP-5.13.1-Setup.exe
2018-05-08 06:39 - 2018-05-08 06:39 - 000006226 _____ C:\Users\marelro\AppData\Local\recently-used.xbel
2018-05-06 13:20 - 2018-05-06 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck
2018-05-06 13:20 - 2018-05-06 13:20 - 000000000 ____D C:\Program Files\WEB.DE MailCheck
2018-05-06 13:20 - 2018-05-06 13:20 - 000000000 ____D C:\Program Files (x86)\WEB.DE MailCheck
2018-05-04 20:06 - 2018-05-04 20:06 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-05-04 20:06 - 2018-05-04 20:06 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-05-04 20:06 - 2018-05-04 20:06 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-05-04 20:06 - 2018-05-04 20:06 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-05-02 18:46 - 2018-05-14 15:32 - 000000000 ____D C:\Users\marelro\Nextcloud
2018-05-02 18:37 - 2018-05-13 16:53 - 000000000 ____D C:\Users\marelro\AppData\Local\Nextcloud
2018-05-02 18:37 - 2018-05-02 18:37 - 000001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk
2018-05-02 18:37 - 2018-05-02 18:37 - 000001088 _____ C:\Users\Public\Desktop\Nextcloud.lnk
2018-05-02 18:31 - 2018-05-02 18:37 - 000000000 ____D C:\Program Files (x86)\Nextcloud
2018-05-02 18:31 - 2018-05-02 18:31 - 039993464 _____ (Nextcloud GmbH) C:\Users\marelro\Downloads\Nextcloud-2.3.3.1-setup.exe
2018-04-28 09:12 - 2018-05-11 22:34 - 000004628 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-04-28 09:12 - 2018-04-28 09:12 - 000000000 ____D C:\Users\Default\AppData\Roaming\Adobe
2018-04-28 09:12 - 2018-04-28 09:12 - 000000000 ____D C:\Users\Default\AppData\Local\Adobe
2018-04-28 09:12 - 2018-04-28 09:12 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Adobe
2018-04-28 09:12 - 2018-04-28 09:12 - 000000000 ____D C:\Users\Default User\AppData\Local\Adobe
2018-04-28 09:12 - 2018-04-28 09:12 - 000000000 ____D C:\Macromedia
2018-04-25 11:00 - 2018-04-25 11:00 - 000000000 ____D C:\Users\marelro\AppData\Local\AVAST Software
2018-04-18 14:04 - 2018-04-28 16:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-04-17 05:48 - 2018-05-04 21:38 - 000000000 ____D C:\Users\marelro\AppData\Local\CrashDumps
2018-04-15 20:51 - 2018-04-15 20:52 - 2147483648 _____ C:\Users\marelro\Documents\MARELRO_VC
2018-04-15 20:21 - 2018-04-15 20:21 - 000000000 ____D C:\Users\marelro\AppData\Roaming\VeraCrypt
2018-04-15 20:15 - 2018-04-15 20:15 - 000828688 _____ (IDRIX) C:\WINDOWS\system32\Drivers\veracrypt.sys
2018-04-15 20:15 - 2018-04-15 20:15 - 000000888 _____ C:\Users\Public\Desktop\VeraCrypt.lnk
2018-04-15 20:14 - 2018-04-15 20:15 - 000000000 ____D C:\Program Files\VeraCrypt
2018-04-15 20:12 - 2018-04-15 20:12 - 000003670 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA
2018-04-15 20:12 - 2018-04-15 20:12 - 000003546 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCore
2018-04-15 20:12 - 2018-04-15 20:12 - 000002574 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-04-15 20:12 - 2018-04-15 20:12 - 000002539 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-04-15 20:12 - 2018-04-15 20:12 - 000000000 ____D C:\Users\Admin\AppData\Local\AVAST Software
2018-04-15 20:12 - 2018-04-15 20:12 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2018-04-15 15:03 - 2018-04-15 15:03 - 000001326 _____ C:\Users\Admin\Desktop\Oxynger KeyShield.lnk
2018-04-15 15:03 - 2018-04-15 15:03 - 000000000 ____D C:\Users\marelro\AppData\Roaming\Oxynger
2018-04-15 15:03 - 2018-04-15 15:03 - 000000000 ____D C:\ProgramData\Oxynger
2018-04-15 15:03 - 2018-04-15 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oxynger KeyShield
2018-04-15 15:03 - 2018-04-15 15:03 - 000000000 ____D C:\Program Files (x86)\Oxynger
2018-04-15 15:02 - 2018-04-15 15:03 - 002518347 _____ (Oxynger Technologies ) C:\Users\marelro\Downloads\Oxynger_KeyShield_Setup.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-05-14 14:11 - 2017-12-02 14:17 - 000000000 ____D C:\Users\marelro\AppData\Roaming\Everything
2018-05-14 14:05 - 2016-11-20 19:39 - 000000000 ____D C:\temp
2018-05-14 12:43 - 2017-12-10 09:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-14 11:28 - 2017-12-02 13:41 - 000000000 ____D C:\Users\marelro\AppData\LocalLow\Mozilla
2018-05-14 02:32 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-14 00:51 - 2016-11-21 13:31 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2018-05-14 00:47 - 2017-02-22 09:23 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Everything
2018-05-14 00:47 - 2016-07-27 12:14 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2018-05-14 00:36 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-13 22:47 - 2017-09-02 16:40 - 000000000 ____D C:\Users\Admin\AppData\Local\Everything
2018-05-13 22:28 - 2017-12-10 09:43 - 000003802 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1000
2018-05-13 22:28 - 2017-12-10 09:43 - 000003706 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1000
2018-05-13 22:28 - 2017-10-24 11:19 - 000000000 ____D C:\Users\Admin\AppData\Local\GoToMeeting
2018-05-13 16:52 - 2017-12-02 22:39 - 000000000 ____D C:\Users\marelro\AppData\Local\Everything
2018-05-13 16:24 - 2017-12-02 13:47 - 000000000 ____D C:\Users\marelro\AppData\Roaming\Skype
2018-05-13 07:48 - 2017-12-10 09:22 - 003500870 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-13 07:48 - 2017-09-30 16:34 - 001646736 _____ C:\WINDOWS\system32\perfh007.dat
2018-05-13 07:48 - 2017-09-30 16:34 - 000416040 _____ C:\WINDOWS\system32\perfc007.dat
2018-05-13 07:44 - 2017-12-10 09:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-13 07:44 - 2016-11-19 22:37 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-05-13 07:43 - 2017-09-29 10:45 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2018-05-13 07:43 - 2017-05-17 20:30 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-05-12 21:46 - 2017-12-02 17:40 - 000000000 ____D C:\Users\marelro\AppData\Roaming\TV-Browser
2018-05-12 21:10 - 2017-12-10 09:55 - 000000000 ___RD C:\Users\Admin\3D Objects
2018-05-12 21:10 - 2016-04-27 07:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-12 18:23 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-05-12 18:20 - 2017-12-10 09:47 - 000000000 ___RD C:\Users\marelro\3D Objects
2018-05-12 18:19 - 2016-11-18 11:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-05-12 18:18 - 2017-12-10 09:19 - 000498816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-12 18:17 - 2017-08-26 08:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-12 18:17 - 2015-06-23 20:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-12 18:14 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-12 18:14 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-12 18:14 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-12 18:14 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-12 18:14 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-12 18:14 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-12 18:14 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-12 18:14 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-12 18:12 - 2018-01-08 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2018-05-12 18:00 - 2015-06-23 20:20 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-12 17:54 - 2017-12-10 09:28 - 000000000 ____D C:\Users\marelro\AppData\Local\Packages
2018-05-12 14:03 - 2017-04-26 19:00 - 000000000 ____D C:\Program Files (x86)\iolo
2018-05-11 22:55 - 2016-11-20 22:06 - 000008002 _____ C:\WINDOWS\BRRBCOM.INI
2018-05-11 22:36 - 2017-10-16 12:17 - 000000000 ____D C:\Users\Admin\Desktop\Avada_Full_Package
2018-05-11 22:34 - 2016-11-19 22:19 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2018-05-11 22:33 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-05-11 22:33 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-05-11 18:03 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-11 07:47 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-11 07:41 - 2015-06-23 21:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-11 07:38 - 2017-10-11 06:27 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-11 07:38 - 2015-06-23 21:22 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-11 07:28 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-11 06:49 - 2018-03-17 21:08 - 000003818 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1004
2018-05-11 06:49 - 2018-03-17 21:08 - 000003722 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1004
2018-05-11 06:49 - 2018-03-17 21:08 - 000000000 ____D C:\Users\marelro\AppData\Local\GoToMeeting
2018-05-09 05:48 - 2016-11-18 11:33 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-05-08 09:42 - 2017-12-04 23:09 - 000000000 __SHD C:\Users\marelro\AppData\Roaming\.#
2018-05-08 08:39 - 2017-12-02 21:25 - 000000000 ____D C:\Users\marelro\Documents\MailStore Home
2018-05-08 08:39 - 2017-11-25 14:03 - 000000000 ____D C:\ProgramData\firebird
2018-05-08 06:44 - 2017-12-13 16:35 - 000000000 ____D C:\Users\marelro\.gimp-2.8
2018-05-07 19:13 - 2017-12-02 22:23 - 000000000 ____D C:\Users\marelro\AppData\Roaming\FileZilla
2018-05-07 12:57 - 2017-12-07 22:39 - 000000000 ____D C:\Users\marelro\AppData\Roaming\vlc
2018-05-05 05:49 - 2017-12-10 10:23 - 000000600 _____ C:\Users\marelro\AppData\Local\PUTTY.RND
2018-05-03 13:25 - 2017-12-13 16:38 - 000000000 ____D C:\Users\marelro\AppData\Local\gtk-2.0
2018-05-02 18:46 - 2017-12-10 09:27 - 000000000 ____D C:\Users\marelro
2018-05-02 08:36 - 2018-03-22 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2018-05-02 05:45 - 2016-11-18 09:33 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-02 05:45 - 2016-11-18 09:33 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-01 19:09 - 2018-03-28 13:00 - 000000000 ____D C:\Users\marelro\Documents\Steuer
2018-05-01 19:08 - 2018-02-26 18:46 - 000000000 ____D C:\Users\marelro\AppData\Local\Buhl
2018-04-28 09:39 - 2017-11-25 14:24 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2018-04-28 09:39 - 2017-11-25 14:24 - 000001097 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2018-04-28 09:39 - 2016-07-27 13:46 - 000000958 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-04-25 11:05 - 2017-12-02 17:44 - 000000000 ___RD C:\Users\marelro\Dropbox
2018-04-25 10:56 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-04-25 10:55 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-04-25 10:55 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-04-20 08:15 - 2017-02-21 18:20 - 000000000 ___RD C:\Program Files (x86)\Skype
2018-04-20 08:15 - 2016-07-27 12:14 - 000000000 ____D C:\ProgramData\Skype
2018-04-15 20:16 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-04-15 20:13 - 2016-11-18 11:44 - 000000000 ___RD C:\Dropbox
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2018-05-08 23:42 - 2018-05-08 23:42 - 000000600 _____ () C:\Users\Admin\AppData\Roaming\winscp.rnd
2006-12-11 20:13 - 2006-12-11 20:13 - 000097336 _____ (Un4seen Developments) C:\Users\Admin\AppData\Local\bass.dll
2006-12-11 20:13 - 2006-12-11 20:13 - 000013872 _____ (Un4seen Developments) C:\Users\Admin\AppData\Local\basscd.dll
2007-08-13 18:46 - 2007-08-13 18:46 - 000102912 _____ (Albert L Faber) C:\Users\Admin\AppData\Local\CDRip.dll
2007-08-13 18:46 - 2007-08-13 18:46 - 000155136 _____ () C:\Users\Admin\AppData\Local\lame_enc.dll
2007-01-18 22:09 - 2007-01-18 22:09 - 000623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Admin\AppData\Local\No23 Recorder.exe
2005-08-23 23:34 - 2005-08-23 23:34 - 000029184 _____ () C:\Users\Admin\AppData\Local\no23xwrapper.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 000015872 _____ () C:\Users\Admin\AppData\Local\ogg.dll
2017-10-27 17:45 - 2017-12-10 11:31 - 000000600 _____ () C:\Users\Admin\AppData\Local\PUTTY.RND
2017-11-11 01:21 - 2017-11-11 01:21 - 000001434 _____ () C:\Users\Admin\AppData\Local\RecConfig.xml
2017-11-12 21:33 - 2017-11-12 21:33 - 000027498 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-06-24 07:03 - 2015-06-24 07:03 - 000007605 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2006-10-26 02:06 - 2006-10-26 02:06 - 000143872 _____ () C:\Users\Admin\AppData\Local\vorbis.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 000064000 _____ () C:\Users\Admin\AppData\Local\vorbisenc.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 000019456 _____ () C:\Users\Admin\AppData\Local\vorbisfile.dll
Einige Dateien in TEMP:
====================
2018-01-08 21:20 - 2017-10-18 20:55 - 003729984 _____ (Foxit Corporation) C:\Users\Admin\AppData\Local\Temp\FoxitUpdater.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2018-05-11 09:08
==================== Ende von FRST.txt ============================
|
|
14.05.2018, 14:58
| #23 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Das mit dem Chip-Installer hab ich nach etwas Lesen hier mittlerweile auch mitbekommen. Leider zu spät. Gehe ab jetzt immer zu filepony (Ich habe das mit dem Chocolatey auch gesehen, aber mich noch nicht getraut. Vielleicht, wenn ich wieder etwas bessere Nerven hab. Hier die Addition von FRST: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12.05.2018
durchgeführt von Admin (14-05-2018 15:48:15)
Gestartet von C:\Users\Admin\Desktop
Windows 10 Pro Version 1709 16299.431 (X64) (2017-12-10 07:45:19)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Admin (S-1-5-21-2369424989-362787197-3549092213-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2369424989-362787197-3549092213-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2369424989-362787197-3549092213-503 - Limited - Disabled)
Gast (S-1-5-21-2369424989-362787197-3549092213-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2369424989-362787197-3549092213-1003 - Limited - Enabled)
marelro (S-1-5-21-2369424989-362787197-3549092213-1004 - Limited - Enabled) => C:\Users\marelro
WDAGUtilityAccount (S-1-5-21-2369424989-362787197-3549092213-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.7 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
Amazon Kindle (HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
Amazon Kindle (HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
Amazon Kindle (HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{17992A33-06A9-9191-B613-86018E3A017E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: - )
AppLogLibSetup (HKLM-x32\...\{7C40ADB8-AD6E-4CDF-94A1-06ACDC99F90F}) (Version: 1.0.2.0 - Brother Industries Ltd.) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.13.0 - Asmedia Technology)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 65.0.412.162 - AVAST Software)
Brackets (HKLM-x32\...\{9E1DE4E6-DA6C-46E9-9EF2-15189E534511}) (Version: 1.11 - brackets.io)
BrLauncher (HKLM-x32\...\{9483AB22-92AA-4161-9E79-DE77B71949DA}) (Version: 1.1.6.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{E9A086F3-E0CB-4E91-AABE-586D99788BC3}) (Version: 1.0.1.1 - Brother Industries Ltd.) Hidden
Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{8281F578-2B02-4E98-956F-64E5D60D761B}) (Version: 1.1.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{F98C83EC-0334-4F4E-8AC0-211DAC81ED35}) (Version: 1.0.5.2 - Brother Industries Ltd.) Hidden
BrotherHelpInstaller (HKLM-x32\...\{4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8}) (Version: 1.0.0.0 - Brother) Hidden
BrSupportTools (HKLM-x32\...\{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C}) (Version: 1.0.9.0 - Brother Industries Ltd.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
ControlCenter4 (HKLM-x32\...\{9ADB625A-7F6D-4C48-9058-4767A55D5424}) (Version: 4.2.438.1 - Brother Insutries Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{1BAE50D4-5F2A-4E34-BD81-B4555109F7C2}) (Version: 4.2.3.1 - Brother Insutries Ltd.) Hidden
ConvertHelper 3.2a1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
DeviceDetect (HKLM-x32\...\{0B226409-96A6-47F0-84D8-89223B6F9479}) (Version: 1.0.3.4 - Brother Industries Ltd.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 49.4.68 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Everything 1.4.1.877 (x64) (HKLM\...\Everything) (Version: 1.4.1.877 (x64) - David Carpenter)
FileZilla Client 3.31.0 (HKLM-x32\...\FileZilla Client) (Version: 3.31.0 - Tim Kosse)
Fitbit Connect (HKLM-x32\...\{3EEEE6FF-206D-47AC-B51D-20086090424A}) (Version: 2.0.1.6782 - Fitbit Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.1.0.5096 - Foxit Software Inc.)
G DATA USB KEYBOARD GUARD (HKLM-x32\...\{D8CBD59F-B29D-4E38-9D66-DEAEAB473FA9}) (Version: 1.1.0.4 - G DATA Software AG)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
GmailDefaultMaker (HKLM-x32\...\97F743A4-2B02-43DD-8B95-B4DDC413190A) (Version: 2.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.139 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
GoTo Opener (HKLM-x32\...\{351B54B2-1AFC-42A7-A8C0-9E05C26F0D1E}) (Version: 1.0.470 - LogMeIn, Inc.)
GoToMeeting 8.27.0.8789 (HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\GoToMeeting) (Version: 8.27.0.8789 - LogMeIn, Inc.)
GoToMeeting 8.27.0.8789 (HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\GoToMeeting) (Version: 8.27.0.8789 - LogMeIn, Inc.)
GoToMeeting 8.27.0.8789 (HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\GoToMeeting) (Version: 8.27.0.8789 - LogMeIn, Inc.)
GoToMeeting 8.27.0.8789 (HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\GoToMeeting) (Version: 8.27.0.8789 - LogMeIn, Inc.)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Jacquie Lawson Seaside Calendar (HKLM-x32\...\{81F01C43-2866-7192-F0B4-5D1B83D2011A}) (Version: 1.0.5 - Microcourt Limited) Hidden
Jacquie Lawson Seaside Calendar (HKLM-x32\...\com.jacquielawson.seaside2016) (Version: 1.0.5 - Microcourt Limited)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Jutoh 2.62 (HKLM-x32\...\Jutoh_is1) (Version: 2.62 - Anthemion Software Ltd.)
Kerish Doctor 2018 (HKLM-x32\...\{EF70A54F-E09E-4570-8F21-C7674CDDB5B6}_is1) (Version: 4.65 - Kerish Products)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LibreOffice 5.4.1.2 (HKLM\...\{C16F4B36-C5D5-4B14-B9A9-9ECA3C35C22A}) (Version: 5.4.1.2 - The Document Foundation)
MailStore Home 10.2.3.12921 (HKLM-x32\...\MailStore Home_universal1) (Version: 10.2.3.12921 - MailStore Software GmbH)
Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.9226.2126 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 60.0 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0 (x64 en-US)) (Version: 60.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.0.6697 - Mozilla)
Mozilla Thunderbird 52.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.7.0 (x86 de)) (Version: 52.7.0 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
NetworkRepairTool (HKLM-x32\...\{4694AD3E-D4A2-4D98-9848-662A0475E872}) (Version: 1.2.11.0 - Brother Insutries Ltd.) Hidden
Nextcloud (HKLM-x32\...\Nextcloud) (Version: 2.3.3.1 - Nextcloud GmbH)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9226.2126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.9226.2126 - Microsoft Corporation) Hidden
Oxynger KeyShield 1.1.0 (HKLM-x32\...\{100C4513-F98A-47E0-AEA0-A67B636D8F7A}_is1) (Version: 1.1.0 - Oxynger Technologies)
PC-FAXReceive (HKLM-x32\...\{8DB92891-74BB-464E-BCF8-6D6A9C2132AC}) (Version: 1.3.8.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{4D52CAB8-06E6-4511-B29C-E2F36B52AE12}) (Version: 1.0.4.5 - Brother Industries Ltd.) Hidden
Reader for PC (HKLM-x32\...\{D279DFB7-97A3-439D-8BE9-95D8AFA68562}) (Version: 2.4.01.10241 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
RemoteSetup (HKLM-x32\...\{B6CE4633-EA3F-4856-9BCC-9B8702E076FE}) (Version: 3.8.0.0 - Brother Industries Ltd.) Hidden
Saola Animate (HKLM\...\{C609AB2B-39B6-4B3D-9C6B-8F136126658D}_is1) (Version: 1.1.0 - Atomi Systems, Inc.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scirocco Take a Break 3.1 (HKLM\...\{87764DE1-E730-4234-86A8-E8C60E8DFC6E}) (Version: 3.1 - Scirocco)
Scrivener (HKLM-x32\...\Scrivener 1970) (Version: 1970 - Literature and Latte)
Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 5.0.0.0 - ASCOMP Software GmbH)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
StatusMonitor (HKLM-x32\...\{86D16055-3C14-44C6-BCD7-5514B83BAD34}) (Version: 1.12.4.0 - Brother Insutries Ltd.) Hidden
Steuer 2015 (HKLM-x32\...\{E262CD3B-8825-4D56-AEF1-5E127F2FBB05}) (Version: 23.00.1146 - Buhl Data Service GmbH)
Steuer 2016 (HKLM-x32\...\{284354A5-0D3A-4065-A997-C21762D0160E}) (Version: 24.00.1375 - Buhl Data Service GmbH)
Steuer 2017 (HKLM-x32\...\{595F1685-D937-4E8D-ACED-DB6F09C945C0}) (Version: 25.00.1359 - Buhl Data Service GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
The 5 Bucks a Day Action Enforcer (HKLM-x32\...\The 5 Bucks a Day Action Enforcer_is1) (Version: - Dennis Becker d.b.a. MDM Sports)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
TV-Browser 3.4.4 (HKLM-x32\...\tvbrowser) (Version: 3.4.4 - TV-Browser Team)
UsbRepairTool (HKLM-x32\...\{523276A4-5779-4105-9163-CA1CF94EC533}) (Version: 1.4.0.0 - Brother Insutries Ltd.) Hidden
VdhCoApp 1.0.7 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.22 - IDRIX)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.2 - VideoLAN)
WEB.DE MailCheck für Windows (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.7.1.0 - 1&1 Mail & Media GmbH)
WEB.DE Suche (HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\1&1 Mail & Media GmbH Search) (Version: 0.8.0.0 - 1&1 Mail & Media GmbH)
WEB.DE Suche (HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\1&1 Mail & Media GmbH Search) (Version: 0.8.0.0 - 1&1 Mail & Media GmbH)
WEB.DE Suche (HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\1&1 Mail & Media GmbH Search) (Version: 0.8.0.0 - 1&1 Mail & Media GmbH)
WEB.DE Suche (HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\1&1 Mail & Media GmbH Search) (Version: 0.8.0.0 - 1&1 Mail & Media GmbH)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
WinSCP 5.13.1 (HKLM-x32\...\winscp3_is1) (Version: 5.13.1 - Martin Prikryl)
WordExpander (HKLM-x32\...\{F76E834B-64B3-42B2-A2F5-EF254ED651E0}) (Version: 1.5.15 - Bartels Media GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331_Classes\CLSID\{9B7F8E54-2CD5-43A9-A106-79A12EB4EBA3}\InprocServer32 -> C:\Users\Admin\AppData\Local\1&1 Mail & Media GmbH\WEB.DE Suche\Application\WEB.DE_Suche_Proxy.dll (1und1 Mail und Media GmbH)
CustomCLSID: HKU\S-1-5-21-2369424989-362787197-3549092213-1000_Classes\CLSID\{9B7F8E54-2CD5-43A9-A106-79A12EB4EBA3}\InprocServer32 -> C:\Users\Admin\AppData\Local\1&1 Mail & Media GmbH\WEB.DE Suche\Application\WEB.DE_Suche_Proxy.dll (1und1 Mail und Media GmbH)
CustomCLSID: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\marelro\AppData\Local\GoToMeeting\8569\G2MOutlookAddin64.dll (LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949_Classes\CLSID\{9B7F8E54-2CD5-43A9-A106-79A12EB4EBA3}\InprocServer32 -> C:\Users\marelro\AppData\Local\1&1 Mail & Media GmbH\WEB.DE Suche\Application\WEB.DE_Suche_Proxy.dll (1und1 Mail und Media GmbH)
CustomCLSID: HKU\S-1-5-21-2369424989-362787197-3549092213-1004_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\marelro\AppData\Local\GoToMeeting\8569\G2MOutlookAddin64.dll (LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2369424989-362787197-3549092213-1004_Classes\CLSID\{9B7F8E54-2CD5-43A9-A106-79A12EB4EBA3}\InprocServer32 -> C:\Users\marelro\AppData\Local\1&1 Mail & Media GmbH\WEB.DE Suche\Application\WEB.DE_Suche_Proxy.dll (1und1 Mail und Media GmbH)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2017-11-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2017-11-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2017-11-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2017-11-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2017-11-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger)
ContextMenuHandlers1-x32: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2016-02-03] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers3: [OCContextMenuHandler] -> {841A0AAD-AA11-4B50-84D9-7F8E727D77D7} => C:\Program Files (x86)\Nextcloud\shellext\OCContextMenu_x64.dll [2017-11-17] (ownCloud Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2016-02-03] ()
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {019AE14B-7E2F-411D-9878-230D34982797} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {070F1C63-1F24-4926-8B14-65A13E6933BF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {14A42D47-6BBC-461D-B3CA-81DFC6929F45} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-18] (Dropbox, Inc.)
Task: {14EE1F9C-5723-4853-8DF2-6799D6EC559B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1D956C91-AFAA-4C8E-87D7-F4D625B83FCB} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {280C2DAB-8FF6-4F04-B936-81707BD61F79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-18] (Google Inc.)
Task: {2A380370-33A8-43F5-8D27-EFD435CC4DDC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {3358A7D6-7CE8-4CB7-9120-ED9534297101} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-26] (Microsoft Corporation)
Task: {35151705-20FF-44C8-9F34-2426806459B4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {3E125E18-1699-40B5-B0DF-0F13CCA16867} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4460FF10-9507-4AD1-BF02-7B89BE0544ED} - System32\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1000 => C:\Users\Admin\AppData\Local\GoToMeeting\8789\g2mupdate.exe [2018-05-13] (LogMeIn, Inc.)
Task: {449AD1E6-6A85-4DD5-8B85-848DC369BBD6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {457C00AB-C0B2-4870-9FC4-D2C9E983062C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {4616C919-F2C4-4258-A056-F6D09B3C2F53} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-05-11] (Microsoft Corporation)
Task: {46E4DE95-D61E-4232-AD7C-3662726BBE69} - System32\Tasks\Kerish Doctor => C:\Program Files (x86)\Kerish Doctor\KerishDoctor.exe [2018-02-19] (Kerish Products)
Task: {47EAEE8E-7264-444C-AB87-20D977794601} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {4AA4E9C6-74EB-4DBE-AB2D-FA08C4AF0033} - System32\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1004 => C:\Users\marelro\AppData\Local\GoToMeeting\8789\g2mupload.exe [2018-05-11] (LogMeIn, Inc.)
Task: {4CB9EE4D-D2C2-4774-8066-D5FAEBB6FECE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {4D5C814C-25F9-4811-9C1C-A6B9F583B1A5} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4DC537AF-DBEC-44FD-9361-54480A7BB542} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {4FC57133-DB4D-42CC-A756-6E1C6A6CBB9E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {5148C9EE-D59E-4AB1-B85D-81F568D9FFA9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {5ECE578D-3A79-4FE5-847C-4FE52F53102F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67158049-CFC7-49B0-8492-D1E46B76D0BD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6CA6B899-9BD4-4A8D-B176-45B7E80C4019} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-15] (AVAST Software)
Task: {7095EAE4-71BA-4751-9E37-8B1CEA37D33B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {73DA72A6-D7AC-4489-928D-BFA983D4C1BE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {761546E0-6CE9-46B5-9C5F-F6FE0BFD4C3A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7690F380-941B-4358-9DB7-1DADA7A42771} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-11] (Microsoft Corporation)
Task: {78482A3C-3693-482B-8A07-8694FECE2B24} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7AB93357-DF04-4C8D-90D7-4BA989888E40} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-11] (Microsoft Corporation)
Task: {8C4C6280-3BAE-40F5-BC68-3F1D5F543EAB} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9050CC34-9BC0-428F-95A4-17592412DEB6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-11] (Adobe Systems Incorporated)
Task: {9556C1EB-9476-40A1-B494-03AD0AA20A8C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {984734FE-26FB-408C-AAD8-BD6BE57A17B7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {9A309903-5EE3-4B7C-BE54-F5A22B959C31} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9F3EC7F2-42F7-4A7E-82B3-4839A1791735} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {9F9AAF5D-9186-42DE-A833-8FA16E747E5F} - System32\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1000 => C:\Users\Admin\AppData\Local\GoToMeeting\8789\g2mupload.exe [2018-05-13] (LogMeIn, Inc.)
Task: {A013544B-0C72-4EE5-B899-E545677DE491} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {A1734CA6-9A4B-4298-9F04-1D6ED41C3142} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A371A7EE-B909-40BA-A8D7-1CF1DBE7919F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A5C17909-1248-4107-83A7-6ED14C9E4596} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ADB4B16A-947B-4745-9D1D-3AA951B9159A} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {AF3D95D6-AB51-4D14-A2D8-4BE28FDFC4B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-05-11] (Microsoft Corporation)
Task: {B046C7E1-B518-4CFA-878F-38C46C6A9F07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {B2F92FC5-E2FC-4CD3-A42E-3F5201C4E3AE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {BBB3F7AF-AE68-42A9-809E-18B54FCEE3B9} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-15] (AVAST Software)
Task: {BC658A1F-59A4-40E9-9180-98DB34CB481E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-26] (Microsoft Corporation)
Task: {C1BC032D-BA94-41AA-84BA-9C88754FEB53} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C30F0124-353E-4E6F-AF8F-0F0C7C8F84D2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CE76B8D5-331F-4558-80B9-DF0CED310152} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {CEE6CE1F-CECA-40E4-A435-154AC3AC969E} - System32\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1004 => C:\Users\marelro\AppData\Local\GoToMeeting\8789\g2mupdate.exe [2018-05-11] (LogMeIn, Inc.)
Task: {D1AFB502-1E48-4166-9EAC-9606506C3A0F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D2953084-6AC1-4CD5-BED0-28D8795D36E7} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {D786D55D-E812-49FE-AC50-26848FC3D491} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DB50DEBA-FB1C-49AD-9B23-95251D976F22} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-04-24] (AVAST Software)
Task: {DB515BF4-B75B-41FA-81A1-A7A1383F6AFE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-18] (Dropbox, Inc.)
Task: {DF7D8DE3-183C-43A9-B956-6AADFE6E144A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {E3763D9B-B295-4481-99EC-F2E0C084EC04} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-18] (Google Inc.)
Task: {EB5335CD-2EC9-4923-AA12-1E98FB1C145B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-05-12] (AVAST Software)
Task: {FEBB576B-044A-4109-850A-C4065A2B92EC} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1000.job => C:\Users\Admin\AppData\Local\GoToMeeting\8789\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1004.job => C:\Users\marelro\AppData\Local\GoToMeeting\8789\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1000.job => C:\Users\Admin\AppData\Local\GoToMeeting\8789\g2mupload.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1004.job => C:\Users\marelro\AppData\Local\GoToMeeting\8789\g2mupload.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-02-22 09:23 - 2017-06-07 03:42 - 002197608 _____ () C:\Program Files\Everything\Everything.exe
2016-11-20 22:06 - 2005-04-22 14:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-12-04 14:57 - 2016-02-03 12:33 - 000566440 _____ () C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll
2018-02-23 11:44 - 2018-02-23 11:44 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-11-17 20:46 - 2017-11-17 20:46 - 000061952 _____ () C:\Program Files (x86)\Nextcloud\shellext\OCUtil_x64.dll
2018-03-14 07:06 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 07:06 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-03-16 06:55 - 2018-03-16 06:55 - 000173568 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-03-09 06:57 - 2018-03-09 06:57 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-22 06:48 - 2018-03-22 06:48 - 004330496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1803.711.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-03-16 06:55 - 2018-03-16 06:55 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1803.711.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-03-27 14:22 - 2018-03-27 14:22 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-03-27 14:22 - 2018-03-27 14:22 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-03-27 14:22 - 2018-03-27 14:22 - 022050304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-03-27 14:22 - 2018-03-27 14:22 - 002584576 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-02 05:45 - 2018-04-26 05:14 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\libglesv2.dll
2018-05-02 05:45 - 2018-04-26 05:14 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\libegl.dll
2018-03-02 06:50 - 2018-03-02 06:51 - 000477696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-03-02 06:50 - 2018-03-02 06:51 - 059575808 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 13:28 - 2017-10-05 13:29 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-02-19 11:42 - 2018-02-19 11:43 - 000010240 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-03-02 06:50 - 2018-03-02 06:51 - 003741184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-12-14 11:45 - 2017-12-14 11:45 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-03-02 06:50 - 2018-03-02 06:51 - 015986688 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-03-02 06:50 - 2018-03-02 06:50 - 003592704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-03-02 06:50 - 2018-03-02 06:50 - 003231232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-03-02 06:50 - 2018-03-02 06:51 - 001369088 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-02-19 11:34 - 2018-02-19 11:36 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-02 06:50 - 2018-03-02 06:50 - 000094208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-02-19 11:42 - 2018-02-19 11:43 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-03-02 06:50 - 2018-03-02 06:51 - 000628736 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-03-02 06:50 - 2018-03-02 06:51 - 000152064 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\SKU.dll
2018-05-12 13:49 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-05-12 13:49 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-03-10 06:54 - 2018-03-10 06:54 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-05-12 01:50 - 2018-05-12 01:50 - 000482520 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-11-20 11:32 - 2017-11-20 11:32 - 002475167 _____ () C:\Program Files (x86)\Nextcloud\libnextcloudsync.dll
2017-01-15 00:59 - 2017-01-15 00:59 - 000097898 _____ () C:\Program Files (x86)\Nextcloud\libgcc_s_sjlj-1.dll
2017-01-15 00:59 - 2017-01-15 00:59 - 001304790 _____ () C:\Program Files (x86)\Nextcloud\libstdc++-6.dll
2017-01-15 02:33 - 2017-01-15 02:33 - 000045475 _____ () C:\Program Files (x86)\Nextcloud\libqt5keychain.dll
2017-11-20 11:31 - 2017-11-20 11:31 - 001531702 _____ () C:\Program Files (x86)\Nextcloud\libocsync.dll
2017-01-15 00:33 - 2017-01-15 00:33 - 000085026 _____ () C:\Program Files (x86)\Nextcloud\zlib1.dll
2017-01-15 00:35 - 2017-01-15 00:35 - 000151691 _____ () C:\Program Files (x86)\Nextcloud\libpcre16-0.dll
2017-01-15 01:27 - 2017-01-15 01:27 - 000362986 _____ () C:\Program Files (x86)\Nextcloud\libharfbuzz-0.dll
2017-01-15 00:36 - 2017-01-15 00:36 - 000207141 _____ () C:\Program Files (x86)\Nextcloud\libpng16-16.dll
2017-01-15 00:35 - 2017-01-15 00:35 - 002449109 _____ () C:\Program Files (x86)\Nextcloud\icui18n56.dll
2017-01-15 00:35 - 2017-01-15 00:35 - 001418957 _____ () C:\Program Files (x86)\Nextcloud\icuuc56.dll
2017-01-15 00:35 - 2017-01-15 00:35 - 000351164 _____ () C:\Program Files (x86)\Nextcloud\libjpeg-8.dll
2017-01-15 00:47 - 2017-01-15 00:47 - 000339690 _____ () C:\Program Files (x86)\Nextcloud\libwebp-5.dll
2017-01-15 00:36 - 2017-01-15 00:36 - 001174014 _____ () C:\Program Files (x86)\Nextcloud\libxml2-2.dll
2017-01-15 01:31 - 2017-01-15 01:31 - 000231124 _____ () C:\Program Files (x86)\Nextcloud\libxslt-1.dll
2017-01-15 00:35 - 2017-01-15 00:35 - 000486390 _____ () C:\Program Files (x86)\Nextcloud\libfreetype-6.dll
2017-01-15 00:37 - 2017-01-15 00:37 - 000710321 _____ () C:\Program Files (x86)\Nextcloud\libsqlite3-0.dll
2017-01-15 00:35 - 2017-01-15 00:35 - 025058941 _____ () C:\Program Files (x86)\Nextcloud\icudata56.dll
2018-05-09 05:47 - 2018-05-04 20:06 - 000863048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-05-09 05:47 - 2018-05-04 20:06 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-05-09 05:47 - 2018-05-04 20:04 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-05-09 05:47 - 2018-05-04 20:07 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-05-09 05:47 - 2018-05-04 20:07 - 001845600 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-05-09 05:47 - 2018-05-04 20:07 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-05-09 05:47 - 2018-05-04 20:06 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2018-05-09 05:47 - 2018-05-04 20:04 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-05-09 05:47 - 2018-05-04 20:06 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2018-05-09 05:47 - 2018-05-04 20:04 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000114136 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000028000 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-05-09 05:47 - 2018-05-04 20:07 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-05-09 05:47 - 2018-05-04 20:07 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-05-09 05:47 - 2018-05-04 20:07 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-05-09 05:47 - 2018-05-04 20:06 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-05-09 05:47 - 2018-05-04 20:07 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2018-05-09 05:47 - 2018-05-04 20:06 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-05-09 05:47 - 2018-05-04 20:09 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-05-09 05:47 - 2018-05-04 20:07 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-05-09 05:47 - 2018-05-04 20:09 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-05-09 05:47 - 2018-05-04 20:08 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-05-09 05:47 - 2018-05-04 20:09 - 000087904 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2009-02-27 17:38 - 2009-02-27 17:38 - 000139264 _____ () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-12-11 18:40 - 2014-12-11 18:40 - 040622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2014-10-24 21:34 - 2014-10-24 21:34 - 000880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll
2014-04-25 21:46 - 2014-04-25 21:46 - 000798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000017224 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll
2018-03-25 18:21 - 2018-03-25 18:21 - 001452728 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\ClientTelemetry.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\Users\Admin\Desktop\Zwischenablage_leeren - Verknüpfung.lnk:com.dropbox.attributes [168]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056181\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056265\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-2369424989-362787197-3549092213-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154057347\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\StartupApproved\Run: => "OneDrive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{230F31D0-34E5-427A-B8CD-53D1C1D81C59}] => (Allow) C:\Program Files\ATOMI\Saola\Saola.exe
FirewallRules: [{41AF9295-9238-4924-901C-805AB961CCD8}] => (Allow) C:\Program Files\ATOMI\Saola\Saola.exe
FirewallRules: [{4BFE2807-708D-4892-B255-3BD11F009D6F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3F148A02-3B81-4E22-B5B4-28B386853A3B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DC67CDEA-BCF4-4C40-9B65-5F771B4F735F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A9A772FB-0DAB-4501-9833-A275A0CE5A9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D12E56A3-ECCA-4E4D-BAA8-CF77214D2F84}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{948A3620-C9C0-4DA5-A298-0C2C69D6ABD7}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{0855C81F-FE3C-4332-BB32-76F266C5F498}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{B7BEEC23-DD44-416F-A302-B343D44EBE9F}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{639CC35E-23A7-4FD1-BBF2-12DC4C7A97DA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E2FAC1B9-0EBF-4B50-B48B-51726B35CFCD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D0C60283-25B7-423C-8847-0B12E689513F}] => (Allow) LPort=54925
FirewallRules: [{20EE77C4-6D10-4F59-AB6D-767B9305B7EB}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe
FirewallRules: [{36BA6630-2E8D-4D1F-9B42-C43A4FA18719}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe
FirewallRules: [{045D5592-4798-4842-A26B-B94AC08B6F36}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{29DDD13D-A7AF-4801-9951-C28FF011250D}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe
FirewallRules: [UDP Query User{FB5791D3-ACD6-4B4B-8362-629B0B89A590}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe
FirewallRules: [TCP Query User{9490CBC0-F5AD-4D78-B1EB-DFD94FF16BCA}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{A0A0E456-F129-4937-BC77-79EED6DDD993}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{73BD4B44-B00B-479A-B3BF-2B5E30AE04A8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{99F336F5-DE14-4DAE-8D0B-491CFC6524AE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D9687763-30B3-4C5C-B56E-2DBBBD7A13D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{9577080C-BC63-4804-AA5B-C7DF799451E3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6F8D1994-F175-4A04-8AA3-B35FD84F71F5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{16D4F0D4-82E8-4E42-92FE-837A52961724}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{62A88FB8-DC6C-4D7D-A936-56DE51C78E92}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{83EDE131-8043-4255-A782-8E23689A612A}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{F19632EE-2689-477C-B964-F955970D2A49}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FCBB0E96-5CCA-4DC4-A07F-3787D6AE8F0D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F5619C14-3FC7-4FE2-B86D-87800DF8C2E4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{BBE478C1-3FDF-4F5D-81B3-46CF27575FF2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Wiederherstellungspunkte =========================
02-05-2018 13:02:00 Geplanter Prüfpunkt
11-05-2018 07:27:26 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/14/2018 03:17:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/14/2018 02:17:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/14/2018 01:17:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/14/2018 12:17:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/14/2018 11:17:03 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/14/2018 10:17:04 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/14/2018 09:17:04 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/14/2018 08:17:04 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Systemfehler:
=============
Error: (05/14/2018 03:36:50 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\Admin" (SID: S-1-5-21-2369424989-362787197-3549092213-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2018 01:08:22 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\Admin" (SID: S-1-5-21-2369424989-362787197-3549092213-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2018 01:08:10 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\Admin" (SID: S-1-5-21-2369424989-362787197-3549092213-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2018 11:29:18 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\Admin" (SID: S-1-5-21-2369424989-362787197-3549092213-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
und der APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
im Anwendungscontainer "Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2018 10:16:12 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\marelro" (SID: S-1-5-21-2369424989-362787197-3549092213-1004) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
und der APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
im Anwendungscontainer "Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2018 08:33:24 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\marelro" (SID: S-1-5-21-2369424989-362787197-3549092213-1004) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2018 04:15:33 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\marelro" (SID: S-1-5-21-2369424989-362787197-3549092213-1004) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
und der APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
im Anwendungscontainer "Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2018 01:39:37 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\Admin" (SID: S-1-5-21-2369424989-362787197-3549092213-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
und der APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
im Anwendungscontainer "Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2018-05-14 15:39:40.166
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-05-14 15:39:40.144
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-05-13 16:13:45.762
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-05-13 16:13:44.625
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-05-13 16:13:26.942
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-05-13 16:13:20.282
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-05-13 16:13:11.261
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-05-13 16:13:09.163
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 15300.85 MB
Verfügbarer physikalischer RAM: 7881.02 MB
Summe virtueller Speicher: 30660.85 MB
Verfügbarer virtueller Speicher: 21328.76 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:1862.35 GB) (Free:1473.64 GB) NTFS
Drive e: (INTENSO) (Removable) (Total:3.76 GB) (Free:3.65 GB) FAT32
\\?\Volume{8e2248e4-8b96-4b88-af73-b94874c5d56f}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
\\?\Volume{d954de04-9cd7-41f9-ae3e-485e909ef75c}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: F1D57B10)
Partition: GPT.
========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: EF2425A0)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
|
|
14.05.2018, 20:32
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-ThreadsLesestoff:Google Chrome Offensichtlich nutzt du den Browser Chrome von Google. Von der Verwendung dieses Browsers muss man aus Datenschutzgründen dringend abraten. Siehe auch Google: Chrome-Browser scannt lokale Dateien auf Windows-PCs Installiere Mozilla Firefox, damit lassen sich auch Profildaten aus Chrome importieren, anschließend Google Chrome deinstallieren, falls es noch installiert ist. Bitte auch Avast deinstallieren. Wir deinstallieren dann am besten auch gleich weiteren unnötigen oder veralteten Krempel. Falls du unbedingt ein Programm aus der u.g. Liste braucht, dann lass es drauf gib aber kurz ne Info welches und warum. Avast können wir einfach nicht mehr guten Gewissens empfehlen. => Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Auch andere Freewareanbieter wie Avira, AVG oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel. Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Gib Bescheid wenn Avast weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.05.2018, 08:36
| #25 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Hallo Cosinus. Wichtige Frage: Muss ich nicht bei dem ESET Onlinescan noch auf "Alle säubern" klicken? (Das habe ich bisher noch nicht gemacht, nur den PC mit diesem Auswahlbild immer angelassen). Nach dem Lesen des von dir verlinkten Artikels über Avast bin ich geradezu entsetzt! Wenn man dann bedenkt, dass jetzt wg. der DSGVO viele sich sowas installieren, um konformer zu sein. Ansonsten bin ich gerade dabei, alles zu deinstallieren, was du genannt hast. Ein Wort zu Chrome: Ich hatte den aus 2 Gründen: a) Für die Fernverbindung zu der Firma, bei der ich angestellt war, sollte ich den nutzen (bin ich seit 1. Mai nicht mehr dort angestellt, also entfällt der Grund jetzt) b) Ich habe Firefox eigentlich als Lieblingsbrowser, allerdings hatte ich da UMatrix installiert, nur hat sich gezeigt, dass trotz aller Geduld beim schrittweisen Freigeben (zu Versuchsgründen bis zu 30 Mal und mehr) ich oft immer noch nicht z. B. ein Video anschauen konnte oder ein Bestellknopf gar nicht zu sehen war), darum war es dann oft leichter, auf Chrome auszuweichen - natürlich nur bei bekannten Seiten wie z.B. bekannte Radiosender (mein Mann hört manchmal Vorträge und es tut sich dann nichts, wenn er auf den Playbutton drückt) Ich werde UMatrix dann vermutlich wieder deinstallieren, um Firefox ohne zu nutzen - oder gibt es ein anderes Add-On, das nicht ganz so schwer zu verstehen/handeln ist? PS: Ich habe gesehen, dass ich hier als offline angezeigt wurde, obwohl ich beim Anmelden ein Häkchen gesetzt habe um angemeldet zu bleiben. Nur um zu sagen, ich hatte da irgendwas nicht im Griff, ich hab die ganze Zeit immer davorgehockt, um zu sehen, wie es weitergeht. Auch deinen Post von gestern abend erst heute morgen gesehen. Nur damit es nicht als mangelndes Interesse rüberkommt! |
|
15.05.2018, 09:18
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Nein du sollst die Anweisungen umsetzen, die ich geschrieben habe! Das mit ESET ist erstmal völlig wumpe! Und das Thema mit dem Browser sollte jetzt nicht ausufern, deinstalliere Chrome einfach und fertig! Hast du jetzt alles deinstalliert was ich aufgelistet habe?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.05.2018, 10:17
| #27 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Jetzt ist alles aus deiner Liste weg, einschließlich Avast. |
|
15.05.2018, 11:03
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads gut  Schädlinge suchen mit Kaspersky TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.05.2018, 11:29
| #29 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Geht leider nicht. Ich bin auf deinen Link gegangen (Filepony) und wollte den Killer downloaden, aber da erscheint jetzt leider: Error: JavaScript must be enabled. Was muss ich jetzt tun? |
|
15.05.2018, 12:25
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ |  Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Ich weiß nicht wie man so helfen soll. Du schreibst nicht welchen Browser du und wieso du da JavaScript deaktiviert hast! Hast du Google Chrome jetzt weggeschmissen und hast Firefox?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads |
| aktualisieren, anderes, anweisung, avast, benutzerkonten, erfolgreich, escan, fenster, folge, gen, jahre, laptop, logfile, mbam, meldungen, neue, neuen, nichts, plagegeister, probleme, quarantäne, rechner, scan, scans, sekunden, win, win7, windows 10 |
dann auf 
und dann auf 
. 
Linear-Darstellung
