start
CreateRestorePoint:
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-04] (Symantec Corporation)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-04] (Symantec Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-04] (Symantec Corporation)
Task: {0A819DEB-7EF0-4153-BFAB-63FD4B822BB3} - System32\Tasks\Muvotionatfesy Log => C:\Program Files\Ansithershalopy\wudother.exe [2016-09-27] (Glarysoft Ltd)
C:\Program Files\Ansithershalopy
Task: {852431A2-C6A6-4FA3-8A5D-762B6BA8EA8C} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.11.0.41\SymErr.exe [2017-10-04] (Symantec Corporation)
Task: {98DE6933-3778-4E83-BB93-E13CC3930F48} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.11.0.41\SymErr.exe [2017-10-04] (Symantec Corporation)
Task: {99E76259-90CA-40FF-BED6-F019D29A584A} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.11.0.41\WSCStub.exe [2017-10-04] (Symantec Corporation)
Task: {DFF313FD-EC61-47F2-A0CC-5D86FFDFD767} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-10-04] (Symantec Corporation)
Task: {E5CE32C9-3740-4B4A-B569-1A63EF23E4E4} - System32\Tasks\{310DD241-2D5A-4FB9-B4FF-169FCD5351AB} => C:\Windows\system32\pcalua.exe -a "C:\Users\Glowing Starter\Downloads\ID_CS2_UE_NonRet.exe" -d "C:\Users\Glowing Starter\Downloads"
C:\Norman\
FirewallRules: [TCP Query User{D0FFE38F-15CA-4D59-BEC4-2BADC9748DDB}C:\program files\1clickdownload\1clickdownloader.exe] => (Allow) C:\program files\1clickdownload\1clickdownloader.exe
FirewallRules: [UDP Query User{4C4DEDE0-A63E-45C6-BDA3-72CD18D54042}C:\program files\1clickdownload\1clickdownloader.exe] => (Allow) C:\program files\1clickdownload\1clickdownloader.exe
C:\program files\1clickdownload
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.11.0.41\ns.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.11.0.41\ns.exe
Winsock: Catalog9 12 C:\Program Files\Ansithershalopy\Proxy32.dll [790016 2016-09-27] ()
Winsock: Catalog9 13 C:\Program Files\Ansithershalopy\Proxy32.dll [790016 2016-09-27] ()
Winsock: Catalog9 14 C:\Program Files\Ansithershalopy\Proxy32.dll [790016 2016-09-27] ()
Winsock: Catalog9 15 C:\Program Files\Ansithershalopy\Proxy32.dll [790016 2016-09-27] ()
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.11.0.41\coIEPlg.dll [2017-10-04] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.11.0.41\coIEPlg.dll [2017-10-04] (Symantec Corporation)
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.10.0.85\coFFAddon => niet gevonden
C:\ProgramData\Norton
CHR Extension: (Norton Security Toolbar) - C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-10-04]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.11.0.41\Exts\Chrome.crx
S2 EraserSvc11720; "C:\Program Files\Common Files\Symantec Shared\EENGINE\NS.exe" /h ccCommon [X]
C:\Program Files\Common Files\Symantec Shared
R1 BHDrvx86; C:\Program Files\Norton Security\NortonData\22.10.0.85\Definitions\BASHDefs\20171023.001\BHDrvx86.sys [1367704 2017-10-11] (Symantec Corporation)
C:\Program Files\Norton Security
R1 ccSet_NS; C:\Windows\system32\drivers\NS\160B000.029\ccSetx86.sys [147072 2017-10-04] (Symantec Corporation)
C:\Windows\system32\drivers\NS\160B000.029\ccSetx86.sys
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [126616 2017-10-19] (Symantec Corporation)
R1 IDSVix86; C:\Program Files\Norton Security\NortonData\22.10.0.85\Definitions\IPSDefs\20171024.001\IDSvix86.sys [845976 2017-10-14] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NS\160B000.029\SRTSP.SYS [662688 2017-10-04] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NS\160B000.029\SRTSPX.SYS [41120 2017-10-04] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NS\160B000.029\SYMEFASI.SYS [1393792 2017-10-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [89264 2017-08-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NS\160B000.029\Ironx86.SYS [241888 2017-10-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NS\160B000.029\SYMNETS.SYS [423552 2017-10-04] (Symantec Corporation)
C:\Windows\System32\Drivers\NS\160B000.029\SRTSP.SYS
C:\Windows\system32\drivers\NS\160B000.029\SRTSPX.SYS
C:\Windows\System32\drivers\NS\160B000.029\SYMEFASI.SYS
C:\Windows\system32\Drivers\SYMEVENT.SYS
C:\Windows\system32\drivers\NS\160B000.029\Ironx86.SYS
C:\Windows\System32\Drivers\NS\160B000.029\SYMNETS.SYS
EmptyTemp:
end