| Delta187 | 04.08.2019 18:16 |
Hallo und danke für die Hilfe.
Adwcleaner vom 04.08. Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-08-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-04-2019
# Duration: 00:01:15
# OS: Windows 10 Home
# Scanned: 35815
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1364 octets] - [19/06/2018 13:42:45]
AdwCleaner[C00].txt - [1512 octets] - [19/06/2018 13:42:56]
AdwCleaner[S01].txt - [1364 octets] - [20/06/2018 10:07:10]
AdwCleaner[S02].txt - [2677 octets] - [11/09/2018 16:40:47]
AdwCleaner[C02].txt - [2641 octets] - [11/09/2018 16:41:15]
AdwCleaner[S03].txt - [2117 octets] - [26/07/2019 15:54:55]
AdwCleaner[C03].txt - [2214 octets] - [26/07/2019 15:57:14]
AdwCleaner[S04].txt - [1753 octets] - [26/07/2019 16:30:24]
AdwCleaner[C04].txt - [1941 octets] - [26/07/2019 16:30:43]
AdwCleaner[S05].txt - [2631 octets] - [27/07/2019 16:28:35]
AdwCleaner[C05].txt - [2709 octets] - [27/07/2019 16:29:03]
AdwCleaner[S06].txt - [1997 octets] - [27/07/2019 16:33:47]
AdwCleaner[S07].txt - [2058 octets] - [27/07/2019 16:34:55]
AdwCleaner[S08].txt - [2119 octets] - [27/07/2019 16:35:51]
AdwCleaner[C08].txt - [2307 octets] - [27/07/2019 16:36:21]
AdwCleaner_Debug.log - [26654 octets] - [29/07/2019 17:45:38]
AdwCleaner[S09].txt - [2303 octets] - [29/07/2019 17:46:38]
AdwCleaner[C09].txt - [2559 octets] - [29/07/2019 17:46:56]
AdwCleaner[S10].txt - [2426 octets] - [29/07/2019 18:04:49]
AdwCleaner[S11].txt - [2487 octets] - [03/08/2019 11:11:40]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S12].txt ##########
Adwcleaner vom 26.07. mit Funden Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-07-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-26-2019
# Duration: 00:00:28
# OS: Windows 10 Home
# Scanned: 35810
# Detected: 6
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.Chip C:\Users\Wolfi\AppData\Local\DOWNLOADED INSTALLATIONS\{31AD8258-894C-48D5-8149-C47506092754}
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Yontoo HKLM\SOFTWARE\Classes\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2}
PUP.Optional.Yontoo HKLM\SOFTWARE\Classes\AppID\{238571b1-12e9-411c-8e56-d249dabecdd7}
PUP.Optional.Yontoo HKLM\Software\Wow6432Node\\Classes\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2}
PUP.Optional.Yontoo HKLM\Software\Wow6432Node\\Classes\AppID\{238571b1-12e9-411c-8e56-d249dabecdd7}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
Preinstalled.HPCleanFLC
AdwCleaner[S00].txt - [1364 octets] - [19/06/2018 13:42:45]
AdwCleaner[C00].txt - [1512 octets] - [19/06/2018 13:42:56]
AdwCleaner[S01].txt - [1364 octets] - [20/06/2018 10:07:10]
AdwCleaner[S02].txt - [2677 octets] - [11/09/2018 16:40:47]
AdwCleaner[C02].txt - [2641 octets] - [11/09/2018 16:41:15]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########
Malwarebytes vom 08.04. (ältere Einträge wären in einer ganz großen Datei, die ich zippen müsste) Code:
08/04/19 " 17:51:24.834" 518382578 2e8c 031c INFO LogController CLogController::Start "logcontroller.cpp" 93 "Started logging"
08/04/19 " 17:51:24.835" 518382578 2e8c 031c INFO LogController CLogController::Start "logcontroller.cpp" 95 "Local time zone: 'Mitteleuropäische Sommerzeit' (UTC+02:00)"
08/04/19 " 17:51:24.835" 518382578 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "servicecontrollerimplementation.cpp" 380 "Service Controller starting controller initialization"
08/04/19 " 17:51:24.851" 518382593 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "servicecontrollerimplementation.cpp" 381 "Product code MBAM-C"
08/04/19 " 17:51:24.851" 518382593 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "servicecontrollerimplementation.cpp" 382 "Product version 3.8.3.2965"
08/04/19 " 17:51:24.865" 518382609 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "servicecontrollerimplementation.cpp" 383 "Product build consumer"
08/04/19 " 17:51:24.866" 518382609 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "servicecontrollerimplementation.cpp" 384 "OS Version Windows 10 (Build 18362.267)"
08/04/19 " 17:51:24.866" 518382609 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "servicecontrollerimplementation.cpp" 389 "Service start requested with startTray set to: 1"
08/04/19 " 17:51:25.112" 518382859 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartPoliciesController "servicecontrollerimplementation.cpp" 2211 "Policies Controller Started"
08/04/19 " 17:51:25.113" 518382859 2e8c 031c INFO LicenseControllerCOM CLicenseController::Start "licensecontroller.cpp" 98 "CLicenseController::Start"
08/04/19 " 17:51:25.259" 518383000 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartLicenseController "servicecontrollerimplementation.cpp" 2241 "License Controller Started"
08/04/19 " 17:51:25.424" 518383171 2e8c 031c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::Initialize "updatecontrollerimplhelper.cpp" 358 "COMPONENT PACKAGE VERSION: 1.0.613, DB PACKAGE VERSION: 1.0.11768"
08/04/19 " 17:51:25.511" 518383250 2e8c 30c0 INFO IrisImpl mb::updatecontrollerimpl::IrisScheduler::run "irisimpl.cpp" 778 "Waiting 13 minutes before first automatic check for IRIS messages."
08/04/19 " 17:51:25.565" 518383312 2e8c 031c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "updatecontrollerimplhelper.cpp" 5081 "Signature successfully validated"
08/04/19 " 17:51:27.557" 518385296 2e8c 031c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "updatecontrollerimplhelper.cpp" 5085 "DB manifest successfully validated"
08/04/19 " 17:51:27.557" 518385296 2e8c 031c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "updatecontrollerimplhelper.cpp" 5436 "Validated DB manifest - success"
08/04/19 " 17:51:27.557" 518385296 2e8c 031c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::SetMinSupportedCULevel "updatecontrollerimplhelper.cpp" 6070 "Minimum supported Component (CU) package version is: 1.0.591"
08/04/19 " 17:51:27.557" 518385296 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartUpdateController "servicecontrollerimplementation.cpp" 2298 "Update Controller Started"
08/04/19 " 17:51:27.564" 518385312 2e8c 031c INFO CloudController CCloudController::Start "cloudcontroller.cpp" 101 "CCloudController::Initialize"
08/04/19 " 17:51:27.741" 518385484 2e8c 031c INFO CloudCtrlImpl Initialize "cloudcontrollerimpl.cpp" 58 "CC Initialize called"
08/04/19 " 17:51:27.906" 518385656 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartCloudController "servicecontrollerimplementation.cpp" 2329 "Cloud Controller Started"
08/04/19 " 17:51:27.941" 518385687 2e8c 031c INFO TelemController CTelemetryController::Start_impl "telemetrycontroller.cpp" 157 "::Initialize"
08/04/19 " 17:51:28.021" 518385765 2e8c 031c INFO TelemCtrlImpl TelemetryControllerImpl::Initialize "telemetrycontrollerimplhelper.cpp" 183 "Telemetry Controller starting up"
08/04/19 " 17:51:28.060" 518385796 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartTelemetryController "servicecontrollerimplementation.cpp" 2390 "Telemetry Controller Started"
08/04/19 " 17:51:28.095" 518385843 2e8c 031c INFO CleanController CCleanController::StartV2 "cleancontroller.cpp" 155 "Initializing CleanController"
08/04/19 " 17:51:28.196" 518385937 2e8c 031c INFO CleanControllerImpl CleanControllerImpl::Start "cleancontrollerimpl.cpp" 121 "Starting Clean Controller Impl"
08/04/19 " 17:51:28.199" 518385937 2e8c 0bb8 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "cleancontrollerimpl.cpp" 939 "Initializing system paths and resolving DOR status"
08/04/19 " 17:51:28.231" 518385968 2e8c 031c INFO CleanController CCleanController::StartV2::<lambda_64e8d1e3be2fec2f97b19c80674bd3b7>::operator () "cleancontroller.cpp" 156 "CleanController initialization complete"
08/04/19 " 17:51:28.231" 518385968 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartCleanController "servicecontrollerimplementation.cpp" 2452 "Clean Controller Started"
08/04/19 " 17:51:28.673" 518386421 2e8c 031c INFO SwissarmyDDA DDAInstall "dda.cpp" 255 "Existing driver is not loaded."
08/04/19 " 17:51:28.710" 518386453 2e8c 0bb8 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "cleancontrollerimpl.cpp" 959 "Processing pending actions"
08/04/19 " 17:51:28.942" 518386687 2e8c 0bb8 INFO Actions ActionsManager::ProcessPendingActionsAfterReboot "actionsmanager.cpp" 984 "Executing pending post cleanup actions"
08/04/19 " 17:51:28.942" 518386687 2e8c 0bb8 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "cleancontrollerimpl.cpp" 1064 "Initializing CLS Engine"
08/04/19 " 17:51:28.951" 518386687 2e8c 0bb8 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "cleancontrollerimpl.cpp" 1098 "Initializing swiss army SDK"
08/04/19 " 17:51:29.273" 518387015 2e8c 031c INFO SwissarmyDDA DDAInstall "dda.cpp" 267 "Successfully installed swissarmy driver."
08/04/19 " 17:51:29.273" 518387015 2e8c 031c INFO SwissarmyShim SwissarmyShimImpl::InstallEx "swissarmyshimimpl.cpp" 1743 "Swissarmy was successfully installed. DdaContext (0000025F395FF270), Mode (0), DriverName (MBAMSwissArmy), DeviceFileName (\\.\MBAMSwissArmy), LogFile (), BootStart (false)."
08/04/19 " 17:51:29.316" 518387062 2e8c 0bb8 INFO SwissarmyShim SwissarmyShimImpl::InstallEx "swissarmyshimimpl.cpp" 1743 "Swissarmy was successfully installed. DdaContext (0000025F3965C7E0), Mode (1), DriverName (MBAMSwissArmy), DeviceFileName (\\.\MBAMSwissArmy), LogFile (), BootStart (false)."
08/04/19 " 17:51:29.518" 518387265 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartScanController "servicecontrollerimplementation.cpp" 2482 "Scan Controller Started"
08/04/19 " 17:51:29.793" 518387531 2e8c 031c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::InitializeImpl "rtpcontrollerimplhelper.cpp" 199 "Initializing RtpControllerImpl.dll (3.2.0.478)"
08/04/19 " 17:51:29.835" 518387578 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartRtpController "servicecontrollerimplementation.cpp" 2526 "RTP Controller Started"
08/04/19 " 17:51:29.998" 518387734 2e8c 031c INFO MWACControllerCOM CMWACController::InitializeV2 "mwaccontroller.cpp" 424 "Initializing MWAC Controller"
08/04/19 " 17:51:30.000" 518387750 2e8c 031c INFO MWACControllerCOM CMWACController::InitializeV2::<lambda_983a9b03a5c3133ada8049d97e7a0c35>::operator () "mwaccontroller.cpp" 425 "MWAC Controller initialization complete"
08/04/19 " 17:51:30.083" 518387828 2e8c 13c4 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "mbamshimimpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
08/04/19 " 17:51:30.155" 518387890 2e8c 031c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::Initialize "mwaccontrollerimplhelper.cpp" 485 "Initializing MWACControllerImpl.dll (3.1.0.355)"
08/04/19 " 17:51:29.273" 518387015 0004 1de0 INFO MBAMSwissArmy DriverEntry "swissarmy.c" 172 "MBAMSwissArmy service started. (4.3.0.170)"
08/04/19 " 17:51:35.578" 518393328 2e8c 3084 WARNING MachineID mb::common::system::MachineId::GetHostMachineId2 "machineid.cpp" 293 "uuid is (1F008740-00C6-0400-E736-20CF30773B5B) bios serial number is(System Serial Number)."
08/04/19 " 17:51:35.578" 518393328 2e8c 3084 INFO LicenseControllerImpl mb::licensecontrollerimpl::KeystoneImpl::KeystoneCheck "keystoneimpl.cpp" 134 "Entering KeystoneCheck. Checking with Keystone for licensing status for our installation_token"
08/04/19 " 17:51:36.124" 518393859 2e8c 3084 INFO LicenseControllerImpl mb::licensecontrollerimpl::LicenseConfigHandler::LicenseState "licenseconfighandler.cpp" 1114 "License state changed."
08/04/19 " 17:51:36.124" 518393859 2e8c 3084 INFO LicenseControllerImpl mb::licensecontrollerimpl::LicenseConfigHandler::SendLicenseStateChangedNotification "licenseconfighandler.cpp" 1553 "Called License state changed callback."
08/04/19 " 17:51:36.124" 518393859 2e8c 3084 INFO LicenseControllerImpl mb::licensecontrollerimpl::LicenseConfigHandler::LicenseState "licenseconfighandler.cpp" 1122 "LicenseStateChangedNotification Sent with license state [3]."
08/04/19 " 17:51:36.124" 518393859 2e8c 3084 INFO LicenseControllerImpl mb::licensecontrollerimpl::LicenseConfigHandler::SetReportLicenseState "licenseconfighandler.cpp" 1626 "Setting ReportStateChange flag to (true)."
08/04/19 " 17:51:36.158" 518393906 2e8c 3084 INFO LicenseControllerImpl mb::licensecontrollerimpl::KeystoneImpl::KeystoneCheck "keystoneimpl.cpp" 177 "Successfully checked license with Keystone."
08/04/19 " 17:51:37.083" 518394828 2e8c 0bb8 INFO CleanControllerImpl CleanDBParser::Parse "cleandbparser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb"
08/04/19 " 17:51:37.087" 518394828 2e8c 0bb8 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "galaxyruleparser.cpp" 2988 "Successfully parsed 309 records."
08/04/19 " 17:51:37.087" 518394828 2e8c 0bb8 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "cleancontrollerimpl.cpp" 1145 "Loading Hubble cache"
08/04/19 " 17:51:37.185" 518394921 2e8c 0bb8 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "cleancontrollerimpl.cpp" 1172 "Starting white list manager"
08/04/19 " 17:51:37.189" 518394937 2e8c 0bb8 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "cleancontrollerimpl.cpp" 1191 "Starting restore engine"
08/04/19 " 17:51:37.189" 518394937 2e8c 0bb8 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "cleancontrollerimpl.cpp" 1215 "Initializing Browser SDK"
08/04/19 " 17:51:37.221" 518394968 2e8c 0bb8 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "cleancontrollerimpl.cpp" 1261 "Entering into main loop"
08/04/19 " 17:51:38.697" 518396437 2e8c 19f0 INFO MWACShimImpl MwacShimImpl::Initialize "mwacshimimpl.cpp" 357 "Initialize MwacSdkShim (3.1.0.356)"
08/04/19 " 17:51:38.780" 518396531 2e8c 19f0 INFO MWACShimImpl MwacShimImpl::InitializeInternal "mwacshimimpl.cpp" 113 "MWAC dll was successfully loaded. MWACFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll>."
08/04/19 " 17:51:38.780" 518396531 2e8c 19f0 INFO MwacLibImpl MWAC_Initialize "mwaclib.cpp" 27 "Initializing Mwac SDK (3.1.0.557)"
08/04/19 " 17:51:39.309" 518397046 2e8c 19f0 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "mwaccontrollerimplhelper.cpp" 976 "Initialization succeeded"
08/04/19 " 17:51:39.311" 518397062 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartMWACController "servicecontrollerimplementation.cpp" 2571 "MWAC Controller Started"
08/04/19 " 17:51:39.467" 518397203 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartArwController "servicecontrollerimplementation.cpp" 2618 "ARW Controller Started"
08/04/19 " 17:51:39.727" 518397468 2e8c 031c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::InitializeV2 "aecontrollerimplhelper.cpp" 302 "Successfully Initialized AeControllerImpl 3.1.0.267"
08/04/19 " 17:51:39.727" 518397468 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartAEController "servicecontrollerimplementation.cpp" 2662 "Anti-Exploit Controller Started"
08/04/19 " 17:51:39.839" 518397578 2e8c 031c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitializeImpl "spcontrollerimplhelper.cpp" 77 "Initializing SPControllerImpl.dll (3.1.0.221)"
08/04/19 " 17:51:40.198" 518397937 2e8c 031c INFO SPSDK SetLogging "selfprotectionuser.cpp" 75 "Start Logging TMF file path C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\sdk\MbamChameleon.tmf"
08/04/19 " 17:51:40.377" 518398125 2e8c 031c INFO SPControllerImpl mb::spcontrollerimpl::SPShimModuleLoader::SPShimSetVerificationMode "spshimmoduleloader.cpp" 445 "verification mode = 0 ."
08/04/19 " 17:51:40.462" 518398203 2e8c 031c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitializeImpl "spcontrollerimplhelper.cpp" 174 "Successfully initialized the SPControllerImpl, spFolderPath=[C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE]."
08/04/19 " 17:51:40.462" 518398203 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "servicecontrollerimplementation.cpp" 2359 "Self-Protection Controller Started"
08/04/19 " 17:51:40.462" 518398203 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "servicecontrollerimplementation.cpp" 2361 "Start Service Controller complete"
08/04/19 " 17:51:40.485" 518398234 2e8c 0c04 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "servicecontrollerimplementation.cpp" 97 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe' in session 0xa"
08/04/19 " 17:51:39.238" 518396987 0004 32b4 INFO MBAMWebProtection DriverEntry "driver.c" 121 "MBAMWebProtection service started. (3.1.0.276)"
08/04/19 " 17:51:39.240" 518396989 2e8c 25dc INFO MBAMWebProtection DriverDispatchCreate "driver.c" 191 "Client has connected."
08/04/19 " 17:51:42.509" 518400250 2e8c 13c4 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "mbamcoreimpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
08/04/19 " 17:51:48.377" 518406125 2e8c 13c4 INFO RtpShim RtpShimImpl::Install "rtpshimimpl.cpp" 157 "rtp.dll was successfully loaded. rtpPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\rtp.dll>."
08/04/19 " 17:51:48.566" 518406312 2e8c 13c4 WARNING RtpSDK RtpUserImpl::Install "rtpuserimpl.cpp" 123 "Set sample path to C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\RtpDetectionSamples\"
08/04/19 " 17:51:48.588" 518406328 2e8c 13c4 WARNING RtpSDK RtpUserImpl::Start "rtpuserimpl.cpp" 245 "Set sample path in filter driver [C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\RtpDetectionSamples\]"
08/04/19 " 17:51:48.589" 518406328 2e8c 13c4 INFO RtpSDK RtpUserImpl::Start "rtpuserimpl.cpp" 289 "Rtp driver started."
08/04/19 " 17:51:48.589" 518406328 2e8c 13c4 INFO RtpShim RtpShimImpl::Start "rtpshimimpl.cpp" 251 "Rtp successfully started."
08/04/19 " 17:51:48.589" 518406328 2e8c 13c4 WARNING RtpSDK RtpUserImpl::SetGameApp "rtpuserimpl.cpp" 513 "Set/Remove game appin filter driver [] 1"
08/04/19 " 17:51:48.610" 518406359 2e8c 1fd8 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::SetLicenseState "mwaccontrollerimplhelper.cpp" 3309 "Entering SetLicenseState Current State is [Enabled]; New License State is [Trial Expired]"
08/04/19 " 17:51:48.689" 518406437 2e8c 13c4 INFO RtpSDK RtpUserImpl::Stop "rtpuserimpl.cpp" 332 "Rtp driver stopped."
08/04/19 " 17:51:48.689" 518406437 2e8c 13c4 INFO RtpShim RtpShimImpl::Stop "rtpshimimpl.cpp" 263 "Rtp successfully stopped."
08/04/19 " 17:51:49.005" 518406750 2e8c 13c4 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "mbamcoreimpl.cpp" 152 "MBAMCore was successfully shutdown."
08/04/19 " 17:51:48.642" 518406391 2e8c 25dc INFO MBAMWebProtection CSIRPCompleteCanceledIrp "cancelsafeirps.c" 99 "Minimum # of IRPs pending: 502 (of at most 504)"
08/04/19 " 17:51:48.642" 518406391 2e8c 176c INFO MBAMWebProtection CSIRPCompleteCanceledIrp "cancelsafeirps.c" 99 "Minimum # of IRPs pending: 503 (of at most 504)"
08/04/19 " 17:51:48.646" 518406395 2e8c 1c58 INFO MBAMWebProtection DriverDispatchCleanup "driver.c" 203 "Client has disconnected."
08/04/19 " 17:51:48.765" 518406514 0004 2f08 INFO MBAMWebProtection AddressHostFinalize "addresshost.c" 404 "At most 0 'localhost' addresses were used."
08/04/19 " 17:51:48.765" 518406514 0004 2f08 INFO MBAMWebProtection DriverUnload "driver.c" 162 "MBAMWebProtection service stopped."
08/04/19 " 17:51:58.092" 518415828 2e8c 0490 ERROR MachineID mb::common::system::MachineId::GetMemorySerialNumbersInternal "machineid.cpp" 1514 "Error 0 calling Next hr=0x00000001"
08/04/19 " 17:51:58.099" 518415843 2e8c 0490 ERROR MachineID mb::common::system::MachineId::GetMemorySerialNumbersInternal "machineid.cpp" 1514 "Error 0 calling Next hr=0x00000001"
08/04/19 " 17:52:26.962" 518444703 2e8c 1df8 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::StartScan "scanner.cpp" 702 "Starting a Threat scan, clientID = MbamUI, clientType = MBClientFullUI."
08/04/19 " 17:52:26.965" 518444703 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "updatecontrollerimplhelper.cpp" 5081 "Signature successfully validated"
08/04/19 " 17:52:27.522" 518445265 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "updatecontrollerimplhelper.cpp" 5085 "DB manifest successfully validated"
08/04/19 " 17:52:27.522" 518445265 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "updatecontrollerimplhelper.cpp" 5436 "Validated DB manifest - success"
08/04/19 " 17:52:27.523" 518445265 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "updatecontrollerimplhelper.cpp" 687 "DoUpdate - Starting check for updates (manual)"
08/04/19 " 17:52:27.523" 518445265 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "updatecontrollerimplhelper.cpp" 696 "Checking for: Installer=[No], SDK/Ctlr=[No], DB/CLS=[Yes]"
08/04/19 " 17:52:27.524" 518445265 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "updatecontrollerimplhelper.cpp" 1435 "DB/ClsEng package --> [mbam-c.dbcls.64bitv2], current version: [1.0.11768]"
08/04/19 " 17:52:28.042" 518445781 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "updatecontrollerimplhelper.cpp" 1273 "A New version (1.0.11854) of pkg [mbam-c.dbcls.64bitv2] (FULL) is available"
08/04/19 " 17:52:28.043" 518445781 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "updatecontrollerimplhelper.cpp" 702 "Available updates found - beginning download"
08/04/19 " 17:52:43.525" 518461265 2e8c 3388 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "updatecontrollerimplhelper.cpp" 3480 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\dbcls.64bit.full.7z"
08/04/19 " 17:52:43.859" 518461609 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "updatecontrollerimplhelper.cpp" 1756 "Successfully downloaded: mbam-c.dbcls.64bitv2"
08/04/19 " 17:52:44.523" 518462265 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "updatecontrollerimplhelper.cpp" 5081 "Signature successfully validated"
08/04/19 " 17:52:45.117" 518462859 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "updatecontrollerimplhelper.cpp" 5085 "DB manifest successfully validated"
08/04/19 " 17:52:45.117" 518462859 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "updatecontrollerimplhelper.cpp" 5436 "Validated DB manifest - success"
08/04/19 " 17:52:45.715" 518463453 2e8c 0e60 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "mbamshimimpl.cpp" 95 "MBAMCore preparing update"
08/04/19 " 17:52:45.715" 518463453 2e8c 0e60 INFO ActionsShim ActionsShim::PrepareUpdate "actionsshim.cpp" 120 "Starting update of actions"
08/04/19 " 17:52:45.716" 518463453 2e8c 0e60 INFO BrowserSDKShim BrowserSDKShim::PrepareUpdate "browsersdkshim.cpp" 125 "Starting update of browser sdk"
08/04/19 " 17:52:45.835" 518463578 2e8c 0e60 INFO ActionsShim ActionsShim::FinishUpdate "actionsshim.cpp" 131 "Finishing update of actions"
08/04/19 " 17:52:46.016" 518463765 2e8c 0e60 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "mbamshimimpl.cpp" 131 "MBAMCore finishing update"
08/04/19 " 17:52:46.016" 518463765 2e8c 0e60 INFO BrowserSDKShim BrowserSDKShim::FinishUpdate "browsersdkshim.cpp" 154 "Finishing update of browser sdk"
08/04/19 " 17:52:46.166" 518463906 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "updatecontrollerimplhelper.cpp" 2267 "DoFullUpdate was successful."
08/04/19 " 17:52:46.166" 518463906 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "updatecontrollerimplhelper.cpp" 2989 "Successfully updated DB/ClsEng package version to: 1.0.11854"
08/04/19 " 17:52:46.734" 518464484 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "updatecontrollerimplhelper.cpp" 2997 "Set DB version to: 2019.08.04.14"
08/04/19 " 17:52:46.931" 518464671 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessUpdatePackages "updatecontrollerimplhelper.cpp" 1843 "Successfully updated DB from 1.0.11768 to 1.0.11854"
08/04/19 " 17:52:46.931" 518464671 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "updatecontrollerimplhelper.cpp" 756 "Update check is complete."
08/04/19 " 17:52:46.931" 518464671 2e8c 1ad4 INFO CleanControllerImpl CleanDBParser::Parse "cleandbparser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb"
08/04/19 " 17:52:46.933" 518464671 2e8c 1ad4 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "galaxyruleparser.cpp" 2988 "Successfully parsed 318 records."
08/04/19 " 17:52:54.786" 518472531 2e8c 0b84 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "mbamshimimpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
08/04/19 " 17:53:00.056" 518477796 2e8c 0b84 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "mbamcoreimpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
08/04/19 " 17:53:00.644" 518478390 2e8c 0b84 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "galaxyruleparser.cpp" 2988 "Successfully parsed 63260 records."
08/04/19 " 17:53:00.664" 518478406 2e8c 0b84 INFO MBAMSwissArmy VerifyFile "fileverify.cpp" 634 "Verified MBAM signature on \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
08/04/19 " 17:53:29.650" 518507390 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::utility::FileSignatureVerifier::IsSignatureValidPerWinVerifyTrustImpl "filesignatureverifier.cpp" 301 "WinVerifyTrust failed for file='C:\WINDOWS\CTREGRUN.EXE', result=0x800b0100, last error='Es war keine Signatur im Antragsteller vorhanden. (0x800b0100)'"
08/04/19 " 17:53:29.653" 518507390 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|05630A6053652D7528572A662FD9C422EB0CAD2D91508CF85748AFE6802C027C' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:53:29.653" 518507390 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\WINDOWS\CTREGRUN.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:53:29.653" 518507390 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\WINDOWS\CTREGRUN.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:53:35.829" 518513578 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::utility::FileSignatureVerifier::IsSignatureValidPerWinVerifyTrustImpl "filesignatureverifier.cpp" 301 "WinVerifyTrust failed for file='C:\WINDOWS\RUNSERVICE.EXE', result=0x800b0100, last error='Es war keine Signatur im Antragsteller vorhanden. (0x800b0100)'"
08/04/19 " 17:53:35.831" 518513578 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|39AE6E21D116AEC9EA65632F3325E848FFBEC6169A88ADC4814639F97A290D91' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:53:35.831" 518513578 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\WINDOWS\RUNSERVICE.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:53:35.831" 518513578 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\WINDOWS\RUNSERVICE.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:56:25.935" 518683671 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "updatecontrollerimplhelper.cpp" 5081 "Signature successfully validated"
08/04/19 " 17:56:26.549" 518684296 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "updatecontrollerimplhelper.cpp" 5085 "DB manifest successfully validated"
08/04/19 " 17:56:26.549" 518684296 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "updatecontrollerimplhelper.cpp" 5436 "Validated DB manifest - success"
08/04/19 " 17:56:26.550" 518684296 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "updatecontrollerimplhelper.cpp" 687 "DoUpdate - Starting check for updates (automatic)"
08/04/19 " 17:56:26.550" 518684296 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "updatecontrollerimplhelper.cpp" 696 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[No]"
08/04/19 " 17:56:26.551" 518684296 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "updatecontrollerimplhelper.cpp" 1362 "Installer package --> [mbam-c.installer.consumer], current version: [3.8.3]"
08/04/19 " 17:56:26.551" 518684296 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "updatecontrollerimplhelper.cpp" 1401 "SDK/Controller package --> [mbam-c.ctlr.64bitv2], current version: [1.0.613]"
08/04/19 " 17:56:27.058" 518684796 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "updatecontrollerimplhelper.cpp" 730 "Checked for updates - no updates available"
08/04/19 " 17:56:27.058" 518684796 2e8c 0e60 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "updatecontrollerimplhelper.cpp" 756 "Update check is complete."
08/04/19 " 17:57:05.114" 518722859 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::thread::SimpleThreadPool::GrowThreadPool "simplethreadpool.cpp" 222 "FileSignatureVerifier: Growing thread pool"
08/04/19 " 17:57:05.322" 518723062 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|F3FC4068EBB5B8DF9E0F0660D65CC7BCA4B146E04A6E1A72ED4BF6CB74DD4CBA' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:57:05.323" 518723062 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\PROGRAMDATA\BUHL DATA SERVICE GMBH\WISO STEUER-SPARBUCH\2019\UPDATES\BTSPATCH.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:57:05.323" 518723062 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\PROGRAMDATA\BUHL DATA SERVICE GMBH\WISO STEUER-SPARBUCH\2019\UPDATES\BTSPATCH.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:57:07.875" 518725625 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::utility::FileSignatureVerifier::IsSignatureValidPerWinVerifyTrustImpl "filesignatureverifier.cpp" 301 "WinVerifyTrust failed for file='C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\807cc926b6d011e995cb20cf30773b5b', result=0x800b0003, last error='Das für den Antragsteller angegebene Formular wird vom angegebenen Vertrauensanbieter nicht unterstützt oder ist ihm nicht bekannt. (0x800b0003)'"
08/04/19 " 17:57:07.875" 518725625 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|F3FC4068EBB5B8DF9E0F0660D65CC7BCA4B146E04A6E1A72ED4BF6CB74DD4CBA' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:57:07.875" 518725625 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\807cc926b6d011e995cb20cf30773b5b' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:57:07.875" 518725625 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\807cc926b6d011e995cb20cf30773b5b' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:57:40.818" 518758562 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|B0EB08C99504276C20A1682756A4DE376B51CED5B61FFCC42049D4B5496A634D' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:57:40.818" 518758562 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\USERS\WOLFI\APPDATA\ROAMING\FVD DOWNLOADER MODULE\FVD_DOWNLOADER_MODULE.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:57:40.818" 518758562 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\USERS\WOLFI\APPDATA\ROAMING\FVD DOWNLOADER MODULE\FVD_DOWNLOADER_MODULE.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:57:44.395" 518762140 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::utility::FileSignatureVerifier::IsSignatureValidPerWinVerifyTrustImpl "filesignatureverifier.cpp" 301 "WinVerifyTrust failed for file='C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\MANUAL_DE_64893225ADBA469EB114F3B2C1FBBA77.EXE', result=0x800b0100, last error='Es war keine Signatur im Antragsteller vorhanden. (0x800b0100)'"
08/04/19 " 17:57:44.395" 518762140 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|96B9394BC5D54FACC9AF576E119F347BDA1610B3469A34C413635EE273062E23' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:57:44.395" 518762140 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\MANUAL_DE_64893225ADBA469EB114F3B2C1FBBA77.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:57:44.395" 518762140 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\MANUAL_DE_64893225ADBA469EB114F3B2C1FBBA77.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:57:44.398" 518762140 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus "whitelistmanager.cpp" 217 "Started batch white listing"
08/04/19 " 17:57:46.222" 518763968 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::utility::FileSignatureVerifier::IsSignatureValidPerWinVerifyTrustImpl "filesignatureverifier.cpp" 301 "WinVerifyTrust failed for file='C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\NEWSHORTCUT7_64893225ADBA469EB114F3B2C1FBBA77.EXE', result=0x800b0100, last error='Es war keine Signatur im Antragsteller vorhanden. (0x800b0100)'"
08/04/19 " 17:57:46.225" 518763968 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::utility::FileSignatureVerifier::IsSignatureValidPerWinVerifyTrustImpl "filesignatureverifier.cpp" 301 "WinVerifyTrust failed for file='C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\NEWSHORTCUT4_64893225ADBA469EB114F3B2C1FBBA77.EXE', result=0x800b0100, last error='Es war keine Signatur im Antragsteller vorhanden. (0x800b0100)'"
08/04/19 " 17:57:46.228" 518763968 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::utility::FileSignatureVerifier::IsSignatureValidPerWinVerifyTrustImpl "filesignatureverifier.cpp" 301 "WinVerifyTrust failed for file='C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\MANUAL_FR_64893225ADBA469EB114F3B2C1FBBA77.EXE', result=0x800b0100, last error='Es war keine Signatur im Antragsteller vorhanden. (0x800b0100)'"
08/04/19 " 17:57:46.230" 518763968 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::utility::FileSignatureVerifier::IsSignatureValidPerWinVerifyTrustImpl "filesignatureverifier.cpp" 301 "WinVerifyTrust failed for file='C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\MANUAL_UK_64893225ADBA469EB114F3B2C1FBBA77.EXE', result=0x800b0100, last error='Es war keine Signatur im Antragsteller vorhanden. (0x800b0100)'"
08/04/19 " 17:57:46.342" 518764078 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::utility::FileSignatureVerifier::IsSignatureValidPerWinVerifyTrustImpl "filesignatureverifier.cpp" 301 "WinVerifyTrust failed for file='C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\S11LAUNCHER.EXE_64893225ADBA469EB114F3B2C1FBBA77.EXE', result=0x800b0100, last error='Es war keine Signatur im Antragsteller vorhanden. (0x800b0100)'"
08/04/19 " 17:57:46.347" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::utility::FileSignatureVerifier::IsSignatureValidPerWinVerifyTrustImpl "filesignatureverifier.cpp" 301 "WinVerifyTrust failed for file='C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\S11LAUNCHER.EXEE_64893225ADBA469EB114F3B2C1FBBA77.EXE', result=0x800b0100, last error='Es war keine Signatur im Antragsteller vorhanden. (0x800b0100)'"
08/04/19 " 17:57:46.347" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|96B9394BC5D54FACC9AF576E119F347BDA1610B3469A34C413635EE273062E23' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:57:46.347" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\NEWSHORTCUT7_64893225ADBA469EB114F3B2C1FBBA77.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:57:46.347" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|96B9394BC5D54FACC9AF576E119F347BDA1610B3469A34C413635EE273062E23' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:57:46.347" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\NEWSHORTCUT4_64893225ADBA469EB114F3B2C1FBBA77.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:57:46.347" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|96B9394BC5D54FACC9AF576E119F347BDA1610B3469A34C413635EE273062E23' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:57:46.347" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\MANUAL_FR_64893225ADBA469EB114F3B2C1FBBA77.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:57:46.347" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|96B9394BC5D54FACC9AF576E119F347BDA1610B3469A34C413635EE273062E23' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:57:46.347" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\MANUAL_UK_64893225ADBA469EB114F3B2C1FBBA77.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:57:46.347" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|B1EC5B23C45C0506B4E3C3B997DEBE3D3BAE533E03A7C01E32C28ABA646E0B7A' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:57:46.347" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\S11LAUNCHER.EXE_64893225ADBA469EB114F3B2C1FBBA77.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:57:46.348" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|B1EC5B23C45C0506B4E3C3B997DEBE3D3BAE533E03A7C01E32C28ABA646E0B7A' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:57:46.348" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\S11LAUNCHER.EXEE_64893225ADBA469EB114F3B2C1FBBA77.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:57:46.348" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\NEWSHORTCUT7_64893225ADBA469EB114F3B2C1FBBA77.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:57:46.348" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\NEWSHORTCUT4_64893225ADBA469EB114F3B2C1FBBA77.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:57:46.348" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\MANUAL_FR_64893225ADBA469EB114F3B2C1FBBA77.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:57:46.348" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\MANUAL_UK_64893225ADBA469EB114F3B2C1FBBA77.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:57:46.348" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\S11LAUNCHER.EXE_64893225ADBA469EB114F3B2C1FBBA77.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:57:46.348" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\USERS\WOLFI\APPDATA\ROAMING\MICROSOFT\INSTALLER\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\S11LAUNCHER.EXEE_64893225ADBA469EB114F3B2C1FBBA77.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:57:46.348" 518764093 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus::<lambda_e6dc6a1b7fc4ce25f691eccc4ec19eda>::operator () "whitelistmanager.cpp" 224 "Completed batch white listing"
08/04/19 " 17:58:22.278" 518800015 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::utility::FileSignatureVerifier::IsSignatureValidPerWinVerifyTrustImpl "filesignatureverifier.cpp" 301 "WinVerifyTrust failed for file='C:\PROGRAM FILES\ICAROS\ICAROSCONFIG.EXE', result=0x800b0100, last error='Es war keine Signatur im Antragsteller vorhanden. (0x800b0100)'"
08/04/19 " 17:58:22.278" 518800015 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|C1F5AED63A487F43923A7261182BC1D2E3A173A04AC2730CAC00B2228049BA06' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:58:22.278" 518800015 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\PROGRAM FILES\ICAROS\ICAROSCONFIG.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:58:22.278" 518800015 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\PROGRAM FILES\ICAROS\ICAROSCONFIG.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:58:47.441" 518825187 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::utility::FileSignatureVerifier::IsSignatureValidPerWinVerifyTrustImpl "filesignatureverifier.cpp" 301 "WinVerifyTrust failed for file='C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\be1d2730b6d011e9961e20cf30773b5b', result=0x800b0003, last error='Das für den Antragsteller angegebene Formular wird vom angegebenen Vertrauensanbieter nicht unterstützt oder ist ihm nicht bekannt. (0x800b0003)'"
08/04/19 " 17:58:47.441" 518825187 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|73AA371BD1582BBC8822CF541ECFC08719812411695086FBE03D9A26962977BC' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:58:47.441" 518825187 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\be1d2730b6d011e9961e20cf30773b5b' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:58:47.441" 518825187 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\be1d2730b6d011e9961e20cf30773b5b' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:58:49.983" 518827718 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::utility::FileSignatureVerifier::IsSignatureValidPerWinVerifyTrustImpl "filesignatureverifier.cpp" 301 "WinVerifyTrust failed for file='C:\PROGRAM FILES (X86)\PRINTKEY2000\PRINTKEY2000.EXE', result=0x800b0100, last error='Es war keine Signatur im Antragsteller vorhanden. (0x800b0100)'"
08/04/19 " 17:58:49.983" 518827718 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|8054140B8F67E9B0E2AD8ABB7DE6027CAF85DD4A9E1EB9E1EE4350876BCA6356' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 17:58:49.983" 518827718 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\PROGRAM FILES (X86)\PRINTKEY2000\PRINTKEY2000.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 17:58:49.983" 518827718 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\PROGRAM FILES (X86)\PRINTKEY2000\PRINTKEY2000.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 17:58:50.571" 518828313 2e8c 0308 WARNING MBAMSwissArmy HandleIoctlReadFile "ioctl.c" 259 "File (C:\HIBERFIL.SYS) is too large for input/output. (9662140416) bytes"
08/04/19 " 17:58:50.580" 518828322 2e8c 0308 WARNING MBAMSwissArmy HandleIoctlReadFile "ioctl.c" 259 "File (C:\HIBERFIL.SYS) is too large for input/output. (9662140416) bytes"
08/04/19 " 17:58:51.186" 518828928 2e8c 21b4 WARNING MBAMSwissArmy HandleIoctlReadFile "ioctl.c" 259 "File (C:\PAGEFILE.SYS) is too large for input/output. (12884901888) bytes"
08/04/19 " 17:58:51.186" 518828928 2e8c 21b4 WARNING MBAMSwissArmy HandleIoctlReadFile "ioctl.c" 259 "File (C:\PAGEFILE.SYS) is too large for input/output. (12884901888) bytes"
08/04/19 " 18:00:52.075" 518949812 2e8c 1b5c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "rtpcontrollerimplhelper.cpp" 3018 "WscChangeCallback"
08/04/19 " 18:02:31.385" 519049125 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|70D5D4D6B4117825702CE61682A5C6AA8A58CF4B99A12B60D966545DE8680F7A' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 18:02:31.385" 519049125 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\USERS\WOLFI\APPDATA\LOCAL\TEMP\VSUSETUP.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 18:02:31.385" 519049125 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\USERS\WOLFI\APPDATA\LOCAL\TEMP\VSUSETUP.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 18:02:41.365" 519059109 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "hubblecache.cpp" 244 "Found hash 'shuriken|5D1533CB1BA3516EBADC19E070A3D883A186FB6DAA0F2DABB3559B7E766617E2' in Hubble cache, white list status = 'WhiteListed'"
08/04/19 " 18:02:41.365" 519059109 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "hubblewhitelister.cpp" 245 "Found hash of file 'C:\USERS\WOLFI\DOWNLOADS\ADWCLEANER_7.4.EXE' in Hubble's cache, value = WhiteListed"
08/04/19 " 18:02:41.365" 519059109 2e8c 2338 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "whitelistmanager.cpp" 269 "White list status: File 'C:\USERS\WOLFI\DOWNLOADS\ADWCLEANER_7.4.EXE' (shuriken) => Hubble:WhiteListed"
08/04/19 " 18:04:25.675" 519163421 2e8c 30c0 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::CheckForIrisContent "irisimpl.cpp" 452 "Checking for Iris content files"
08/04/19 " 18:04:25.676" 519163421 2e8c 30c0 INFO IrisImpl mb::updatecontrollerimpl::IrisScheduler::run "irisimpl.cpp" 792 "Checking for message updates from Iris"
08/04/19 " 18:04:25.676" 519163421 2e8c 30c0 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::IrisCheck "irisimpl.cpp" 115 "Entering IrisCheck. Checking with Iris for messages."
08/04/19 " 18:04:25.676" 519163421 2e8c 30c0 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::SendIrisRequest "irisimpl.cpp" 146 "Entering SendIrisRequest with URL (https://iris.mwbsys.com/api/v2/messages/mbam-c/9e36a65ecf13e34ba40f4b66a0a2403f80da97e0?array_compatibility_mode=true)."
08/04/19 " 18:04:25.676" 519163421 2e8c 30c0 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::SendIrisRequest "irisimpl.cpp" 178 "Sending Request to Iris Server."
08/04/19 " 18:04:26.200" 519163937 2e8c 30c0 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::SendIrisRequest "irisimpl.cpp" 200 "Response from Iris: {""message_collections"":[]}"
08/04/19 " 18:04:26.200" 519163937 2e8c 30c0 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::SendIrisRequest "irisimpl.cpp" 208 "SendRequest returned with statusCode [200]."
08/04/19 " 18:04:26.200" 519163937 2e8c 30c0 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::ProcessIrisResponse "irisimpl.cpp" 299 "Processing Iris Response..."
08/04/19 " 18:04:26.332" 519164078 2e8c 30c0 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::CheckForIrisContent "irisimpl.cpp" 452 "Checking for Iris content files"
08/04/19 " 18:04:26.333" 519164078 2e8c 30c0 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::IrisCheck "irisimpl.cpp" 136 "Successfully checked messages with Iris."
08/04/19 " 18:05:32.880" 519230625 2e8c 0b84 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "mbamcoreimpl.cpp" 152 "MBAMCore was successfully shutdown."
08/04/19 " 18:05:33.058" 519230796 2e8c 0b84 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::PerformScan "scanner.cpp" 1083 "Scan completed."
08/04/19 " 18:05:33.083" 519230828 2e8c 0b84 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "mbamshimimpl.cpp" 95 "MBAMCore preparing update"
08/04/19 " 18:05:33.083" 519230828 2e8c 0b84 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "mbamshimimpl.cpp" 131 "MBAMCore finishing update"
08/04/19 " 18:05:46.682" 519244421 2e8c 23a0 INFO ServiceController CServiceController::Stop "servicecontroller.cpp" 133 "Stop called from an external process"
08/04/19 " 18:05:46.682" 519244421 2e8c 031c INFO ServiceController CServiceController::Stop "servicecontroller.cpp" 139 "Calling stop during shutdown: F"
08/04/19 " 18:05:46.683" 519244421 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 631 "Stopping Service Controller"
08/04/19 " 18:05:46.683" 519244421 2e8c 06f0 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_f4ad7235df974f460492e217f7282b2e>::operator () "servicecontrollerimplementation.cpp" 672 "Stopping Self Protection Controller"
08/04/19 " 18:05:46.782" 519244531 2e8c 06f0 INFO SPControllerModuleLoader SPControllerModuleLoader::UnloadImplementation "spcontrollermoduleloader.cpp" 100 "Unloaded the Self-Protection Controller implementation module."
08/04/19 " 18:05:46.782" 519244531 2e8c 06f0 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_f4ad7235df974f460492e217f7282b2e>::operator () "servicecontrollerimplementation.cpp" 681 "Successfully stopped Self Protection Controller"
08/04/19 " 18:05:46.783" 519244531 2e8c 3178 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_f812cb78af399da66ffa1881b5d05f56>::operator () "servicecontrollerimplementation.cpp" 695 "Stopping Anti-Exploit Controller"
08/04/19 " 18:05:46.783" 519244531 2e8c 0660 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_66dbdae740801cdca3d59e15102ea671>::operator () "servicecontrollerimplementation.cpp" 716 "Stopping ARW Controller"
08/04/19 " 18:05:46.783" 519244531 2e8c 22e4 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_7657e7915e97286d67fb5f5a38de20d4>::operator () "servicecontrollerimplementation.cpp" 734 "Stopping MWAC Controller"
08/04/19 " 18:05:46.783" 519244531 2e8c 2870 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_993b1393dd6a232db312dbcdbffa41cf>::operator () "servicecontrollerimplementation.cpp" 753 "Stopping RTP Controller"
08/04/19 " 18:05:46.784" 519244531 2e8c 2870 ERROR RTPControllerImpl mb::rtpcontrollerimpl::RtpShimModuleLoader::SetScanCallback "rtpshimloader.cpp" 342 "RtpShimSetScanCallback function ptr not set, ignoring call"
08/04/19 " 18:05:46.784" 519244531 2e8c 2870 ERROR RTPControllerImpl mb::rtpcontrollerimpl::RtpShimModuleLoader::SetDoppelCallback "rtpshimloader.cpp" 363 "RtpShimSetDoppelCallback function ptr not set, ignoring call"
08/04/19 " 18:05:46.784" 519244531 2e8c 2870 ERROR RTPControllerImpl mb::rtpcontrollerimpl::RtpShimModuleLoader::SetNotifyCallback "rtpshimloader.cpp" 384 "RtpShimSetNotifyCallback function ptr not set, ignoring call"
08/04/19 " 18:05:46.784" 519244531 2e8c 2870 ERROR RTPControllerImpl mb::rtpcontrollerimpl::RtpShimModuleLoader::IsStarted "rtpshimloader.cpp" 237 "RtpShimIsStarted function ptr not set, ignoring call"
08/04/19 " 18:05:46.784" 519244531 2e8c 2870 ERROR RTPControllerImpl mb::rtpcontrollerimpl::RtpShimModuleLoader::IsInstalled "rtpshimloader.cpp" 178 "RtpShimIsInstalled function ptr not set, ignoring call"
08/04/19 " 18:05:46.784" 519244531 2e8c 2870 ERROR RTPControllerImpl mb::rtpcontrollerimpl::MBAMShimModuleLoader::MBAMShimShutdown "mbamshimmoduleloader.cpp" 171 "Cannot shutdown the shim! MBAMShim is not loaded."
08/04/19 " 18:05:47.864" 519245609 2e8c 22e4 INFO MwacControllerCOM CMwacControllerModuleLoader::UnloadImplementation "mwaccontrollermoduleloader.cpp" 92 "Unloaded the Web Access Controller implementation module."
08/04/19 " 18:05:47.864" 519245609 2e8c 22e4 INFO MWACControllerCOM CMWACController::Stop_impl "mwaccontroller.cpp" 890 "The MWAC Controller impl is unloaded."
08/04/19 " 18:05:47.864" 519245609 2e8c 22e4 INFO MWACControllerCOM CMWACController::StopV2 "mwaccontroller.cpp" 530 "MWAC Controller shutdown complete"
08/04/19 " 18:05:47.909" 519245656 2e8c 22e4 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_7657e7915e97286d67fb5f5a38de20d4>::operator () "servicecontrollerimplementation.cpp" 745 "Successfully stopped MWAC Controller"
08/04/19 " 18:05:47.909" 519245656 2e8c 22e4 INFO MWACControllerCOM CMWACController::StopV2 "mwaccontroller.cpp" 530 "MWAC Controller shutdown complete"
08/04/19 " 18:05:47.953" 519245703 2e8c 3178 INFO AEControllerModuleLoader CAeControllerModuleLoader::UnloadImplementation "aecontrollermoduleloader.cpp" 120 "Unloaded the Anti-Exploit Controller implementation module."
08/04/19 " 18:05:47.984" 519245734 2e8c 2870 INFO RTPControllerCOM CRTPControllerModuleLoader::UnloadImplementation "rtpcontrollermoduleloader.cpp" 132 "Unloaded the RTP Controller implementation module."
08/04/19 " 18:05:47.996" 519245734 2e8c 3178 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_f812cb78af399da66ffa1881b5d05f56>::operator () "servicecontrollerimplementation.cpp" 704 "Successfully stopped Anti-Exploit Controller"
08/04/19 " 18:05:47.996" 519245734 2e8c 2870 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_993b1393dd6a232db312dbcdbffa41cf>::operator () "servicecontrollerimplementation.cpp" 762 "Successfully stopped RTP Controller"
08/04/19 " 18:05:47.996" 519245734 2e8c 0660 INFO ArwControllerCOM CArwControllerModuleLoader::UnloadImplementation "arwcontrollermoduleloader.cpp" 90 "Unloaded the Anti-Ransomware Controller implementation module."
08/04/19 " 18:05:47.997" 519245734 2e8c 0660 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_66dbdae740801cdca3d59e15102ea671>::operator () "servicecontrollerimplementation.cpp" 725 "Successfully stopped ARW Controller"
08/04/19 " 18:05:47.997" 519245734 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 804 "Stopping Scan Controller"
08/04/19 " 18:05:48.031" 519245781 2e8c 031c INFO SwissarmyShim SwissarmyShimImpl::UninstallInternal "swissarmyshimimpl.cpp" 1811 "Swissarmy uninstalled. DdaContext (0000025F395FF270)"
08/04/19 " 18:05:48.045" 519245781 2e8c 031c INFO SwissarmyShim SwissarmyShimImpl::Uninstall "swissarmyshimimpl.cpp" 228 "Successfully uninstalled Swissarmy. SwissarmyHandle (395ff270)"
08/04/19 " 18:05:48.068" 519245812 2e8c 031c INFO ScanControllerCOM CScanControllerModuleLoader::UnloadImplementation "scancontrollermoduleloader.cpp" 238 "Unloaded the Scan Controller implementation module."
08/04/19 " 18:05:48.069" 519245812 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 813 "Successfully stopped Scan Controller"
08/04/19 " 18:05:48.069" 519245812 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 820 "Stopping Clean Controller"
08/04/19 " 18:05:48.069" 519245812 2e8c 031c INFO CleanController CCleanController::StopV2 "cleancontroller.cpp" 403 "Shutting down CleanController"
08/04/19 " 18:05:48.069" 519245812 2e8c 031c INFO CleanControllerImpl CleanControllerImpl::StopV2 "cleancontrollerimpl.cpp" 203 "Stopping Clean Controller Impl"
08/04/19 " 18:05:48.469" 519246218 2e8c 0bb8 INFO SwissarmyDDA DDAUnload "dda.cpp" 287 "Swissarmy driver successfully removed."
08/04/19 " 18:05:48.469" 519246218 2e8c 0bb8 INFO SwissarmyShim SwissarmyShimImpl::UninstallInternal "swissarmyshimimpl.cpp" 1811 "Swissarmy uninstalled. DdaContext (0000025F3965C7E0)"
08/04/19 " 18:05:48.496" 519246234 2e8c 0bb8 INFO SwissarmyShim SwissarmyShimImpl::Uninstall "swissarmyshimimpl.cpp" 228 "Successfully uninstalled Swissarmy. SwissarmyHandle (3965c7e0)"
08/04/19 " 18:05:48.545" 519246281 2e8c 0bb8 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop::<lambda_d149009cd54ca66223ce94a08abe5bd9>::operator () "cleancontrollerimpl.cpp" 925 "Exiting CleanControllerImpl::ThreadLoop()"
08/04/19 " 18:05:48.592" 519246328 2e8c 031c INFO CleanController CCleanController::StopV2 "cleancontroller.cpp" 438 "CleanController shutdown complete"
08/04/19 " 18:05:48.593" 519246343 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 830 "Successfully stopped Clean Controller"
08/04/19 " 18:05:48.593" 519246343 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 849 "Stopping Telemetry Controller"
08/04/19 " 18:05:48.765" 519246515 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 858 "Successfully stopped Telemetry Controller"
08/04/19 " 18:05:48.766" 519246515 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 865 "Stopping Cloud Controller"
08/04/19 " 18:05:48.809" 519246546 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 874 "Successfully stopped Cloud Controller"
08/04/19 " 18:05:48.809" 519246546 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 881 "Stopping Update Controller"
08/04/19 " 18:05:48.837" 519246578 2e8c 031c INFO UpdateControllerCOM CUpdateControllerModuleLoader::UnloadImplementation "updatecontrollermoduleloader.cpp" 146 "Unloaded the Update Controller implementation module."
08/04/19 " 18:05:48.837" 519246578 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 890 "Successfully stopped Update Controller"
08/04/19 " 18:05:48.837" 519246578 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 904 "Stopping License Controller"
08/04/19 " 18:05:48.893" 519246640 2e8c 031c INFO LicenseControllerCOM CLicenseControllerModuleLoader::UnloadImplementation "licensecontrollermoduleloader.cpp" 169 "Unloaded the License Controller implementation module."
08/04/19 " 18:05:48.893" 519246640 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 913 "Successfully stopped License Controller"
08/04/19 " 18:05:48.893" 519246640 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 920 "Stopping Policies Controller"
08/04/19 " 18:05:48.960" 519246703 2e8c 031c INFO PoliciesControllerCOM CPoliciesControllerModuleLoader::UnloadImplementation "policiescontrollermoduleloader.cpp" 116 "Unloaded the Policies Controller implementation module."
08/04/19 " 18:05:48.960" 519246703 2e8c 031c INFO PoliciesControllerCOM CPoliciesController::Stop "policiescontroller.cpp" 133 "Policies Controller shutdown complete"
08/04/19 " 18:05:48.960" 519246703 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 929 "Successfully stopped Policies Controller"
08/04/19 " 18:05:48.960" 519246703 2e8c 031c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "servicecontrollerimplementation.cpp" 942 "Service Controller stopped successfully in 2.277 seconds."
08/04/19 " 18:05:48.961" 519246703 2e8c 031c INFO LogController CLogController::Stop "logcontroller.cpp" 192 "Stopping logging"
|
