About 6 weeks ago IE became really really slow. Youd be typing and only half the letters would appear with one word mixed with the other half of the next.

The download dialogue box takes about 5 minutes to appear and when it does it invariably freezes and stops responding.

Have run Spybot S&D several times and removes a few basic tracking cookies etc but nothings helped. Have reset internet explorer and to no avail.

It has taken me the past hour to download Tweaking Resistry Backup and Run iT

Have managed to download aswMBR and run it - log below

FRST will not download as when the dialogue finally appears and I press "Run" it keeps coming up with the message "FRST.exe couldn't be downloaded.

When I try to save as - I get " This app could not be run on your PC

Have tried this with 32 bit and 64 bit versions - same with both.

Incidentally I am running Windows 10 32 bit on a x64 based processor.

Any help appreciated.

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2017-10-03 19:58:47
-----------------------------
19:58:47.341 OS Version: Windows 6.2.9200
19:58:47.341 Number of processors: 2 586 0xF0B
19:58:47.356 ComputerName: DESKTOP-2FD7588 UserName: Dad
19:58:55.517 Initialize success
19:58:55.532 VM: initialized successfully
19:58:55.532 VM: Intel CPU BiosDisabled
19:59:12.710 Disk 0 \Device\Harddisk0\DR0 -> \Device\00000020
19:59:12.710 Disk 0 Vendor: WDC_WD5000AVDS-63U7B0 01.00A01 Size: 476940MB BusType: 11
19:59:12.741 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000021
19:59:12.741 Disk 1 Vendor: WDC_WD20EADS-00R6B0 01.00A01 Size: 1907729MB BusType: 11
19:59:13.725 Disk 1 MBR read successfully
19:59:13.725 Disk 1 MBR scan
19:59:13.725 Disk 1 Windows 7 default MBR code
19:59:13.757 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1907276 MB offset 2048
19:59:13.788 Disk 1 Partition 2 00 27 Hidden NTFS WinRE NTFS 450 MB offset 3906105344
19:59:13.835 Disk 1 scanning sectors +3907026944
19:59:14.350 Disk 1 scanning C:\WINDOWS\system32\drivers
19:59:59.589 Service scanning
20:01:03.124 Modules scanning
20:01:03.133 Disk 1 trace - called modules:
20:01:03.183 ntoskrnl.exe CLASSPNP.SYS disk.sys avgSP.sys halmacpi.dll storport.sys storahci.sys dxgkrnl.sys atikmpag.sys atikmdag.sys dxgmms1.sys watchdog.sys partmgr.sys volmgr.sys fvevol.sys iorate.sys volsnap.sys NTFS.sys USBPORT.SYS usbuhci.sys
20:01:03.189 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8d066030]
20:01:03.194 3 avgSP.sys[8830bc35] -> nt!IofCallDriver -> \Device\00000021[0x8cb3c030]
20:01:03.198 Disk 1 statistics 128324/0/0 @ 1.55 MB/s
20:01:03.219 Scan finished successfully
20:03:55.471 Disk 1 MBR has been saved successfully to "C:\Users\Dad\Desktop\MBR.dat"
20:03:55.617 The log file has been saved successfully to "C:\Users\Dad\Desktop\aswMBR.txt"

Can you go to the web site (probably with a different computer) and download to a USB drive?
Then use the USB to see if you can get FRST to run?

Use the same method using an USB to Download Tweaking.com - Windows Repair from Here (http://www.tweaking.com/content/page/windows_repair_all_in_one.html)
OR
Windows Repair (all in one) from here (http://www.bleepingcomputer.com/download/windows-repair-all-in-one-portable/).


Install and then run the program
Execute the instructions on Step 1 Important
Click Next on Step 2 Optional, do the Pre Scan skip Step 3 and 4 Optional for now.
On Step 5 Backup System Restore Do a Registry backup. When you have completed this click Next
Click Repairs - Open Repairs in the bottom right corner
Uncheck the All repair button then select just the item(s) listed below

01 - Repair Registry Permissions
03 - Reset Service permissions
04 - Register System Files
05 - Repair WMI
06 - Repair Windows Firewall
07 - Repair Internet Explorer
10 - Remove Policies Set By Infections
17 - Repair Windows Updates
19 - Repair Volume Shadow Copy Service
21 - Repair MSI (Windows Installer)
26 - Restore Important Windows Services
27 - Set Windows Service to Default Startup



Click the Start button and let the process run to completion. Copy any error messages into Notepad, Save it on your Desktop. ( Reboot if asked to do so)
Please copy and paste the Contents of this file on your next reply.


Restart the computer normally.

~~~
A couple of things to try
Disable your antivirus and attempt to download and run the above tools?
Boot into safe mode?

Let me know how you make out.

Ok I finally got FRST to download and Run (32 bit version) (Disabled Malwarebytes and AVG)

Here's the Log :

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2017 01
Ran by Dad (administrator) on DESKTOP-2FD7588 (04-10-2017 18:56:09)
Running from C:\Users\Dad\Desktop
Loaded Profiles: Dad (Available Profiles: Dad)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\HDD Regenerator\hrsrv.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files\Aiseesoft Studio\FoneLab\AppService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Logitech Inc.) C:\Program Files\Logitech\Video\LogiTray.exe
() C:\Program Files\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgui.exe
(Insight Software Solutions) C:\Program Files\Keyboard Express 3\keyexp.exe
(Logitech Inc.) C:\Program Files\Logitech\Video\FxSvr2.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x86__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.23941.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220288 2017-09-14] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Corel Update Helper] => c:\Program Files\Corel\Corel PaintShop Pro X8\pua.exe [1490888 2015-11-27] (Corel Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [FoneLabAppService] => C:\Program Files\Aiseesoft Studio\FoneLab\AppService.exe [81640 2015-09-18] ()
HKLM\...\Run: [FaxCenterServer] => "C:\Program Files\Dell PC Fax\fm3032.exe" /s
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM\...\Run: [HDD Regenerator] => C:\Program Files\HDD Regenerator\Shell.exe [90336 2013-05-08] ()
HKLM\...\Run: [LogitechVideoRepair] => C:\Program Files\Logitech\Video\ISStart.exe [458752 2005-06-08] (Logitech Inc.)
HKLM\...\Run: [LogitechVideoTray] => C:\Program Files\Logitech\Video\LogiTray.exe [217088 2005-06-08] (Logitech Inc.)
HKLM\...\Run: [Monitor] => C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe [124544 2016-02-11] (LeapFrog Enterprises, Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [289248 2017-09-04] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [261432 2017-09-11] (Apple Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Run: [LogitechSoftwareUpdate] => C:\Program Files\Logitech\Video\ManifestEngine.exe [196608 2005-06-08] (Logitech Inc.)
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Policies\Explorer: []
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Keyboard Express 3.lnk [2015-12-10]
ShortcutTarget: Keyboard Express 3.lnk -> C:\Program Files\Keyboard Express 3\keyexp.exe (Insight Software Solutions)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4926ba25-6cf7-4277-9b08-c1ad41a8c60b}: [NameServer] 62.6.40.178,62.6.40.162
Tcpip\..\Interfaces\{4926ba25-6cf7-4277-9b08-c1ad41a8c60b}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{ae5530b1-4c29-475e-91c1-1e2608f6b211}: [NameServer] 45.32.155.235,108.61.178.207
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-004-752
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.co.uk/
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={AD1DB690-F951-4B2B-9C85-145BE2B61EF1}&mid=409ad691902747ccb062d15805c271ac-0c7233c5c59cc201da8a7ddd4985513d8e8381be&lang=en&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2015-12-09 02:58:28&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {EFE22B57-9F3C-4B9E-AB38-0368E469796D} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-09-24] (Microsoft Corporation)
BHO: Watch for Browser Events -> {42A7CE31-CEE7-4CCE-A060-A44A7E52E062} -> C:\Program Files\Keyboard Express 3\kie.dll [2009-10-28] (Insight Software Solutions)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-24] (Microsoft Corporation)
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-24] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-24] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-24] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-24] (Microsoft Corporation)
Handler: WSWSVCUchrome - No CLSID Value -

FireFox:
========
FF DefaultProfile: e4gws394.default
FF ProfilePath: C:\Users\Dad\AppData\Roaming\Mozilla\Firefox\Profiles\e4gws394.default [2017-10-02]
FF Homepage: Mozilla\Firefox\Profiles\e4gws394.default -> hxxp://www.google.co.uk/
FF Extension: (No Name) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi\ [not found]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-03-12] ()
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-31] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-31] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-08-18] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [276328 2017-09-04] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5881008 2017-09-04] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189720 2017-09-14] (AVG Technologies CZ, s.r.o.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4939976 2017-09-08] (Microsoft Corporation)
S3 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-10-04] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1104128 2015-12-10] (Flexera Software LLC)
R2 hddrsrv; C:\Program Files\HDD Regenerator\hrsrv.exe [82144 2013-05-08] ()
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4430792 2017-08-07] (Malwarebytes)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [805752 2016-09-14] (Nero AG)
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
S4 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgbdisk; C:\WINDOWS\system32\drivers\avgbdiskx.sys [135872 2017-09-04] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdriverx.sys [261128 2017-09-04] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\system32\drivers\avgbidshx.sys [151024 2017-09-04] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\system32\drivers\avgblogx.sys [270344 2017-09-04] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\system32\drivers\avgbunivx.sys [43992 2017-09-04] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [35264 2017-09-04] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [117368 2017-09-04] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [91976 2017-09-04] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [63280 2017-09-04] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [766216 2017-09-04] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [492552 2017-09-04] (AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [140648 2017-09-18] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [290264 2017-09-25] (AVG Technologies CZ, s.r.o.)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [30888 2016-12-07] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10208 2016-07-11] () [File not signed]
S3 FlyUsb; C:\WINDOWS\System32\drivers\FlyUsb.sys [19456 2015-06-04] (LeapFrog)
R3 LVUSBSta; C:\WINDOWS\System32\drivers\LVUSBSta.sys [41888 2015-12-09] (Logitech Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
S3 NuidFltr; C:\WINDOWS\System32\drivers\NuidFltr.sys [44328 2016-04-26] (Microsoft Corporation)
R3 pepifilter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [14112 2015-12-09] (Logitech Inc.)
R3 PID_PEPI; C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [1276832 2015-12-09] (Logitech Inc.)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [23552 2014-08-08] (The OpenVPN Project)
R3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3245056 2016-07-16] (Realtek Semiconductor Corporation )
R2 SBKUPNT; C:\WINDOWS\system32\Drivers\SBKUPNT.SYS [14976 2001-07-13] () [File not signed]
S0 SI3112r; C:\WINDOWS\System32\drivers\SI3112r.sys [116264 2015-12-09] (Silicon Image, Inc)
R0 SiFilter; C:\WINDOWS\System32\drivers\SiWinAcc.sys [19240 2015-12-09] (Silicon Image, Inc)
S3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable_win7.sys [34024 2015-12-04] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161280 2016-07-16] (Microsoft Corporation)
U3 aswMBR; C:\Users\Dad\AppData\Local\Temp\aswMBR.sys [56704 2017-10-03] () [File not signed]
U3 aswVmm; C:\Users\Dad\AppData\Local\Temp\aswVmm.sys [192224 2017-10-03] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-04 18:56 - 2017-10-04 18:57 - 000017089 _____ C:\Users\Dad\Desktop\FRST.txt
2017-10-04 18:54 - 2017-10-04 18:56 - 000000000 ____D C:\FRST
2017-10-04 18:54 - 2017-10-04 18:54 - 001796096 _____ (Farbar) C:\Users\Dad\Desktop\FRST.exe
2017-10-04 18:46 - 2017-10-04 18:46 - 038257112 _____ (Tweaking.com) C:\Users\Dad\Desktop\tweaking.com_windows_repair_aio_setup.exe
2017-10-03 19:58 - 2017-10-03 19:58 - 000002258 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2017-10-03 19:58 - 2017-10-03 19:58 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-DESKTOP-2FD7588-Windows-10-Pro-(32-bit).dat
2017-10-03 19:58 - 2017-10-03 19:58 - 000000000 ____D C:\RegBackup
2017-10-03 19:58 - 2017-10-03 19:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2017-10-03 19:57 - 2017-10-03 19:58 - 000017361 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2017-10-03 19:57 - 2017-10-03 19:57 - 000000000 ____D C:\Program Files\Tweaking.com
2017-10-03 19:51 - 2017-10-03 19:51 - 005198336 _____ (AVAST Software) C:\Users\Dad\Desktop\aswMBR.exe
2017-10-03 16:13 - 2017-10-03 20:55 - 001639029 _____ C:\Users\Dad\Desktop\Shed-Store.dwg
2017-09-24 17:41 - 2017-09-24 17:55 - 000000000 ___HD C:\Users\Dad\Desktop\Corel Auto-Preserve
2017-09-21 10:11 - 2017-09-21 10:11 - 000221632 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\081F680A.sys
2017-09-21 09:40 - 2017-09-29 06:20 - 000059904 _____ C:\WINDOWS\system32\Drivers\mbae.sys
2017-09-21 09:40 - 2017-09-21 09:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-21 09:40 - 2017-09-21 09:40 - 000000000 ____D C:\ProgramData\MB2Migration
2017-09-21 09:40 - 2017-09-21 09:40 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-20 21:18 - 2017-09-20 21:20 - 000000000 ____D C:\Program Files\Tetris Unlimited
2017-09-16 11:29 - 2017-09-16 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-09-16 11:27 - 2017-09-16 11:29 - 000000000 ____D C:\Program Files\iTunes
2017-09-16 11:14 - 2017-09-16 11:14 - 000000000 ____D C:\Program Files\Apple Software Update
2017-09-15 22:14 - 2017-09-15 22:14 - 000000000 ____D C:\Users\Dad\AppData\LocalLow\NoBrakesGames
2017-09-15 21:38 - 2017-09-15 21:38 - 000000000 ____D C:\Users\Dad\AppData\Local\Steam
2017-09-15 21:29 - 2017-10-03 19:19 - 000000000 ____D C:\Program Files\Steam
2017-09-15 21:29 - 2017-09-21 11:02 - 000000000 ____D C:\Program Files\Common Files\Steam
2017-09-15 21:29 - 2017-09-15 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-09-15 00:00 - 2017-09-15 00:00 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Kodi
2017-09-14 23:59 - 2017-09-14 23:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2017-09-14 23:58 - 2017-09-14 23:59 - 000000000 ____D C:\Program Files\Kodi
2017-09-08 20:42 - 2017-09-08 20:51 - 000000000 ____D C:\Users\Dad\Desktop\The Emoji Movie 2017 XViD NOGrp
2017-09-07 09:57 - 2017-09-07 09:57 - 000000198 ____H C:\Users\Dad\Documents\Drawing1.dwl2
2017-09-07 09:57 - 2017-09-07 09:57 - 000000048 ____H C:\Users\Dad\Documents\Drawing1.dwl
2017-09-04 19:54 - 2017-09-04 19:53 - 000305936 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2017-09-04 10:20 - 2017-09-04 10:20 - 000000000 ____D C:\Users\Default\AppData\Local\AVG
2017-09-04 10:20 - 2017-09-04 10:20 - 000000000 ____D C:\Users\Default User\AppData\Local\AVG

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-03 19:15 - 2016-09-25 20:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-03 19:14 - 2016-07-16 03:22 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-10-03 19:08 - 2017-08-02 21:58 - 000000000 ____D C:\Users\Dad\Desktop\Movies to Merge
2017-10-03 13:50 - 2015-12-10 07:09 - 000000000 ____D C:\Users\Dad\AppData\Roaming\BitComet
2017-10-02 21:00 - 2016-09-25 19:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-01 20:50 - 2015-12-09 03:41 - 000000000 ____D C:\Users\Dad\AppData\Local\ElevatedDiagnostics
2017-09-30 16:36 - 2015-12-10 10:24 - 000000000 ____D C:\Users\Dad\AppData\Local\CrashDumps
2017-09-26 19:05 - 2016-09-28 20:38 - 000000000 ____D C:\AdwCleaner
2017-09-26 17:21 - 2016-11-05 18:05 - 000000000 ___RD C:\Users\Dad\Desktop\Murdo Jr
2017-09-25 19:56 - 2017-04-01 13:10 - 000290264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgvmm.sys
2017-09-24 05:28 - 2016-07-16 09:29 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-24 05:27 - 2016-07-16 09:29 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-09-24 05:27 - 2015-12-10 11:05 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-09-24 05:23 - 2015-12-10 10:45 - 000000000 ____D C:\Program Files\Microsoft Office
2017-09-24 02:28 - 2015-12-09 03:06 - 000000000 ___RD C:\Users\Dad\Desktop\Murdo
2017-09-22 13:23 - 2016-07-16 09:29 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-09-22 00:10 - 2016-07-16 09:28 - 000000000 ____D C:\WINDOWS\INF
2017-09-21 19:37 - 2017-02-23 20:45 - 000000000 ____D C:\Users\Dad\AppData\Roaming\vlc
2017-09-21 19:33 - 2016-01-16 21:15 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Anvsoft
2017-09-21 11:00 - 2016-09-25 19:55 - 000000000 ____D C:\Users\Dad
2017-09-21 09:40 - 2016-09-28 09:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-19 14:01 - 2015-12-10 01:32 - 000001254 _____ C:\Users\Dad\Desktop\To Do.txt
2017-09-19 13:31 - 2015-12-09 04:09 - 000000000 ___RD C:\Users\Dad\Desktop\Macleod Bros
2017-09-18 19:56 - 2017-04-01 13:10 - 000140648 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgstm.sys
2017-09-16 11:29 - 2016-12-04 17:09 - 000000000 ____D C:\Program Files\iPod
2017-09-16 11:14 - 2016-01-02 18:40 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-09-15 22:11 - 2016-07-16 09:29 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2017-09-15 13:32 - 2015-12-09 02:16 - 000002361 _____ C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-15 13:32 - 2015-12-09 02:16 - 000000000 ___RD C:\Users\Dad\OneDrive
2017-09-14 08:56 - 2015-12-09 02:09 - 000000000 ____D C:\Users\Dad\AppData\Local\Packages
2017-09-08 16:54 - 2016-07-16 11:18 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2017-09-07 21:43 - 2016-04-26 19:30 - 000000566 _____ C:\WINDOWS\system32\LexFiles.ulf
2017-09-07 21:41 - 2016-09-28 20:37 - 000000000 ____D C:\Users\Dad\AppData\Roaming\AVAST Software
2017-09-07 21:41 - 2015-12-09 03:27 - 000000000 ____D C:\Users\Dad\AppData\Local\AvgSetupLog
2017-09-07 21:30 - 2015-12-10 22:06 - 000000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2017-09-05 23:30 - 2017-06-02 18:40 - 000000000 ____D C:\Users\Dad\Desktop\Photos to Merge
2017-09-04 19:57 - 2017-03-07 18:32 - 000000000 ____D C:\ProgramData\KMSAuto
2017-09-04 19:54 - 2017-04-01 13:10 - 000492552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2017-09-04 19:54 - 2017-04-01 13:10 - 000117368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2017-09-04 19:54 - 2017-04-01 13:10 - 000091976 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2017-09-04 19:54 - 2017-04-01 13:10 - 000063280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2017-09-04 19:54 - 2017-04-01 13:10 - 000035264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2017-09-04 19:53 - 2017-04-01 13:10 - 000766216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2017-09-04 19:52 - 2017-04-01 13:10 - 000270344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgblogx.sys
2017-09-04 19:52 - 2017-04-01 13:10 - 000261128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriverx.sys
2017-09-04 19:52 - 2017-04-01 13:10 - 000151024 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidshx.sys
2017-09-04 19:52 - 2017-04-01 13:10 - 000135872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiskx.sys
2017-09-04 19:52 - 2017-04-01 13:10 - 000043992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbunivx.sys
2017-09-04 19:49 - 2017-03-07 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-09-04 19:49 - 2017-03-07 19:02 - 000000000 ____D C:\Program Files\KMSpico
2017-09-04 10:22 - 2017-04-03 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

==================== Files in the root of some directories =======

2016-09-20 14:30 - 2016-09-20 14:30 - 000000000 _____ () C:\Users\Dad\AppData\Roaming\1.txt
2016-06-17 07:54 - 2016-06-17 07:54 - 000004436 _____ () C:\Users\Dad\AppData\Roaming\90msp-RKSJ-V
2016-10-10 08:33 - 2016-10-10 08:33 - 000000677 _____ () C:\Users\Dad\AppData\Roaming\adventives.zkh
2016-06-17 07:53 - 2016-06-17 07:53 - 000001196 _____ () C:\Users\Dad\AppData\Roaming\Athens
2016-10-10 08:33 - 2016-10-10 08:33 - 000060457 _____ () C:\Users\Dad\AppData\Roaming\bookmaking.rgj
2016-10-15 14:08 - 2016-10-15 14:33 - 000061134 _____ () C:\Users\Dad\AppData\Roaming\Carney.DLB
2016-06-17 07:53 - 2016-06-17 07:53 - 000001930 _____ () C:\Users\Dad\AppData\Roaming\compare-with-callbacks.js
2015-12-28 20:42 - 2017-02-23 20:35 - 000001043 _____ () C:\Users\Dad\AppData\Roaming\coreavc.ini
2016-06-17 07:53 - 2016-06-17 07:53 - 000003119 _____ () C:\Users\Dad\AppData\Roaming\frnphon.env
2015-12-10 22:45 - 2015-12-10 22:45 - 000000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-11-10 13:36 - 2016-11-10 13:36 - 000000016 _____ () C:\ProgramData\mntemp
2016-11-10 13:36 - 2016-11-10 13:36 - 000004965 _____ () C:\ProgramData\mudtcpaz.vzs

Some files in TEMP:
====================
2016-09-28 00:55 - 2015-01-26 09:09 - 000060296 _____ (Autodesk, Inc.) C:\Users\Dad\AppData\Local\Temp\AcDeltree.exe
2017-09-03 18:55 - 2017-09-03 18:55 - 016739360 _____ () C:\Users\Dad\AppData\Local\Temp\Bit1224.tmp.exe
2017-09-18 20:15 - 2017-09-18 20:15 - 016739360 _____ () C:\Users\Dad\AppData\Local\Temp\Bit2F94.tmp.exe
2016-09-27 09:26 - 2016-09-27 09:26 - 016187624 _____ () C:\Users\Dad\AppData\Local\Temp\Bit9653.tmp.exe
2017-08-08 22:00 - 2017-08-08 22:00 - 016742904 _____ () C:\Users\Dad\AppData\Local\Temp\Bit9DE7.tmp.exe
2016-12-04 14:53 - 2016-12-04 14:53 - 016187624 _____ () C:\Users\Dad\AppData\Local\Temp\BitDE07.tmp.exe
2017-08-20 17:39 - 2016-07-16 09:25 - 000628440 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\kernel32.dll
2016-12-15 07:06 - 2016-12-15 07:06 - 002458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Dad\AppData\Local\Temp\libeay32.dll
2017-07-02 22:14 - 2017-07-02 22:15 - 120455440 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\mpam-6b3b5ec6.exe
2016-12-15 07:06 - 2016-12-15 07:06 - 000970912 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\msvcr120.dll
2016-12-15 07:06 - 2016-12-15 07:06 - 000772672 _____ () C:\Users\Dad\AppData\Local\Temp\sqlite3.dll
2016-10-09 15:02 - 2016-10-09 15:02 - 000012288 _____ () C:\Users\Dad\AppData\Local\Temp\TWcKOuHOnezxmjSkVTaA.DLL

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-01 20:49

==================== End of FRST.txt ============================

Run Windows repair all in one as stated

Log

Log:
Tweaking.com - Windows Repair 2018 (v4.0.7)
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows 10 Pro
OS Architecture: 32-bit
OS Version: 10.0.14393.187
OS Service Pack:
Computer Name: DESKTOP-2FD7588
Windows Drive: C:\
Windows Path: C:\WINDOWS
Program Files: C:\Program Files
Current Profile: C:\Users\Dad
Current Profile SID: S-1-5-21-1307612883-4072204045-1798725994-1002
Current Profile Classes: S-1-5-21-1307612883-4072204045-1798725994-1002_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\WINDOWS\ServiceProfiles
Local Settings AppData: C:\Users\Dad\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 01 Day 00:25:31

Process Count: 72
Commit Total: 2.38 GB
Commit Limit: 4.26 GB
Commit Peak: 3.61 GB
Handle Count: 39703
Kernel Total: 652.34 MB
Kernel Paged: 429.92 MB
Kernel Non Paged: 222.42 MB
System Cache: 1.20 GB
Thread Count: 1120
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.00 GB
Memory Used: 1.81 GB(60.4209%)
Memory Avail.: 1.19 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.00 GB
Memory Used: 1.51 GB(50.2522%)
Memory Avail.: 1.49 GB
--------------------------------------------------------------------------------

Starting Repairs...
Started at (4/10/17 19:40:52)

Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 75

01 - Reset Registry Permissions
Restore Windows 7/8/10 Default Registry Permissions
Start (4/10/17 19:40:56)


Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\10\hku.7z
Done, 0.53 seconds.


Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\10\hklm.7z
Done, 24.59 seconds.

Running Repair Under System Account
Done (4/10/17 19:42:41)

03 - Reset Service Permissions
Start (4/10/17 19:42:41)

Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:43:03)

04 - Register System Files
Start (4/10/17 19:43:03)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:43:53)

05 - Repair WMI
Start (4/10/17 19:43:53)

Starting Security Center So We Can Export The Security Info.

Exporting Antivirus Info...
Windows Defender Exported.
Malwarebytes Exported.
AVG Antivirus Exported.

Exporting AntiSpyware Info...
Malwarebytes Exported.
Windows Defender Exported.
AVG Antivirus Exported.

Exporting 3rd Party Firewall Info...
No Firewall Products Reported.

Running Repair Under Current User Account
Done (4/10/17 19:52:00)

06 - Repair Windows Firewall
Start (4/10/17 19:52:00)

Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\10\services.7z
Done, 0.2 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:52:50)

07 - Repair Internet Explorer
Start (4/10/17 19:52:50)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:53:49)

10 - Remove Policies Set By Infections
Start (4/10/17 19:53:49)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:53:55)

16 - Repair Windows Updates
Start (4/10/17 19:53:55)

Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\10\services.7z
Done, 0.3 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
Done (4/10/17 19:55:03)

18 - Repair Volume Shadow Copy Service
Start (4/10/17 19:55:03)

Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\10\services.7z
Done, 0.19 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:55:43)

20 - Repair MSI (Windows Installer)
Start (4/10/17 19:55:43)

Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\10\services.7z
Done, 0.48 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:56:01)

25 - Restore Important Windows Services
Start (4/10/17 19:56:01)

Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\10\services.7z
Done, 0.19 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:56:21)

26 - Set Windows Services To Default Startup
Start (4/10/17 19:56:21)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:56:45)

(Disabled Malwarebytes and AVG
When you did this, did you see any difference?

Also, after you ran/used Tweaking.com - Windows Repair. has anything improved?

When Farbar Recovery Scan Tool (FRST) Scan was first used it should had created Addition.txt
Can you locate this and post it in your next reply.

Internet explorer definitely has improved. But even while typing this the word improved just hung at "impro " and then suddenly the rest of the text will just appear.

I'm away until Saturday evening at a family wedding but will respond to further messages on my return - Many Thanks for your help



Here is the Addition.txt file

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2017 01
Ran by Dad (04-10-2017 18:58:50)
Running from C:\Users\Dad\Desktop
Microsoft Windows 10 Pro Version 1607 (X86) (2016-09-25 19:43:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1307612883-4072204045-1798725994-500 - Administrator - Disabled)
Dad (S-1-5-21-1307612883-4072204045-1798725994-1002 - Administrator - Enabled) => C:\Users\Dad
DefaultAccount (S-1-5-21-1307612883-4072204045-1798725994-503 - Limited - Disabled)
Guest (S-1-5-21-1307612883-4072204045-1798725994-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG Antivirus (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

5KPlayer 4.2 (HKLM\...\5KPlayer_is1) (Version: - DearMob, Inc.)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5002-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3002-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.22) MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.22 - Adobe Systems Incorporated)
Airfoil (HKLM\...\Airfoil) (Version: 5.1.7 - Rogue Amoeba)
Any Video Converter 5.8.8 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BA476373-DAE7-4E51-957A-F43F01D9FACD}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Athentech Perfectly Clear (HKLM\...\_{6CB22877-5117-4C04-84D4-78072AB836FC}) (Version: 1.0.0.122 - Corel Corporation)
Athentech Perfectly Clear (HKLM\...\{6CB22877-5117-4C04-84D4-78072AB836FC}) (Version: 1.0.0.122 - Corel Corporation) Hidden
AutoCAD 2016 - English (HKLM\...\{5783F2D7-F001-0409-2002-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0002-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (HKLM\...\{5783F2D7-F001-0409-1002-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk App Manager 2016 (HKLM\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 32 bit (HKLM\...\{67EA06D3-1863-4E37-A19B-DB56175EAD15}) (Version: 4.35.1742 - Autodesk)
Autodesk Featured Apps 2016 (HKLM\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk Material Library 2016 (HKLM\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
AVG (HKLM\...\{1D382E7D-7E8B-4C85-9233-287017A66599}) (Version: 1.211.2 - AVG Technologies) Hidden
AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 17.6.3029 - AVG Technologies)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.3.5.160 - AVG Technologies)
BitComet 1.45 (HKLM\...\BitComet) (Version: 1.45 - CometNetwork)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon iP4900 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4900_series) (Version: - Canon Inc.)
Canon iP7200 series On-screen Manual (HKLM\...\Canon iP7200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
Canon iP7200 series User Registration (HKLM\...\Canon iP7200 series User Registration) (Version: - Canon Inc.‎)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CompuApps SwissKnife V3 (HKLM\...\CompuApps SwissKnife V3) (Version: - )
CoreAVC Professional Edition (remove only) (HKLM\...\CoreAVC Professional Edition) (Version: - )
Corel PaintShop Pro X8 (HKLM\...\_{85C69B9B-F9BD-4A60-BD83-F2B7E081ED39}) (Version: 18.2.0.61 - Corel Corporation)
Corel PaintShop Pro X8 (HKLM\...\{8239357B-E792-4EEB-9F8B-F2535730A315}) (Version: 18.0.0.124 - Corel Corporation) Hidden
Creative Audio Control Panel (HKLM\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative Sound Blaster Properties (HKLM\...\Creative Sound Blaster Properties) (Version: 1.03 - Creative Technology Limited)
Dolby Digital Live Pack (HKLM\...\Dolby Digital Live Pack) (Version: 3.00 - Creative Technology Limited)
DTS Connect Pack (HKLM\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Partition Master 12.0 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS)
Fax Solutions (HKLM\...\Dell Fax Solutions) (Version: - Dell, Inc.)
FileZilla Client 3.27.0.1 (HKLM\...\FileZilla Client) (Version: 3.27.0.1 - Tim Kosse)
Findwide Toolbar (HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\{D9E0E111-6FB8-48F0-BC95-CF78A7835A84}) (Version: - Freshy) <==== ATTENTION
FMW 1 (HKLM\...\{E2258604-A4CB-4F29-BB9F-58081E193EAA}) (Version: 1.224.4 - AVG Technologies) Hidden
Foxit Advanced PDF Editor 3 (HKLM\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)
Free FLV to MP4 Converter 1.0.28 (HKLM\...\{B00D1F02-C556-48eb-9DC2-32C778B71CE2}_is1) (Version: 1.0.28 - free-videoconverter)
Google Earth Pro (HKLM\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM\...\HaaliMkx) (Version: - )
HDD Regenerator (HKLM\...\{CC5DA723-D428-40D1-B82B-21EB64B1273C}) (Version: 20.11.0011 - Abstradrome)
Human: Fall Flat (HKLM\...\Steam App 477160) (Version: - No Brakes Games)
ICA (HKLM\...\{85C69B9B-F9BD-4A60-BD83-F2B7E081ED39}) (Version: 18.0.0.124 - Corel Corporation) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IPM_PSP_COM (HKLM\...\{80A28CA4-189A-4EB2-9F76-7845A0A83D2A}) (Version: 18.0.0.124 - Corel Corporation) Hidden
iTunes (HKLM\...\{5D7E7C4A-FA18-4A83-8FBC-D31B115306B2}) (Version: 12.7.0.166 - Apple Inc.)
Keyboard Express 3 (HKLM\...\Keyboard Express 3) (Version: 3.4 - Insight Software Solutions, Inc.)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Kodi (HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Kodi) (Version: - XBMC-Foundation)
LeapFrog Connect (HKLM\...\{97CD1D2B-20BD-40E8-825E-B4BDA5071B73}) (Version: 7.0.7.20035 - LeapFrog) Hidden
LeapFrog Connect (HKLM\...\UPCShell) (Version: 7.0.7.20035 - LeapFrog)
LeapFrog Tag Plugin (HKLM\...\{6A04826B-5056-4B0F-BD5B-1F88DCFFD9B5}) (Version: 7.0.6.19846 - LeapFrog) Hidden
Logitech QuickCam Software (HKLM\...\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}) (Version: 8.47.0000 - Logitech, Inc.)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Expression Web (HKLM\...\WebDesigner) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.8431.2079 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Movavi Video Converter 17 (HKLM\...\Movavi Video Converter 17) (Version: 17.0.3 - Movavi)
Mozilla Firefox 51.0 (x86 en-GB) (HKLM\...\Mozilla Firefox 51.0 (x86 en-GB)) (Version: 51.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 51.0 - Mozilla)
MPC-HC 1.7.10 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
Music Recorder (HKLM\...\{94A4AE85-9F1D-4687-953F-38371C9D1A4F}) (Version: 18.009.0 - Nero AG) Hidden
Nero 2017 (HKLM\...\{6B81BDC4-3368-4898-8F16-48962F789221}) (Version: 18.0.06100 - Nero AG)
Nero BurningROM 2016 (HKLM\...\{FF4B0F4C-80E2-45E4-B7FA-AD6D32B2542A}) (Version: 17.0.00700 - Nero AG)
Nero Info (HKLM\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 18.0.0010 - Nero AG)
Octodad - Dadliest Catch (HKLM\...\Octodad - Dadliest Catch_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
OpenAL (HKLM\...\OpenAL) (Version: - )
Prerequisite installer (HKLM\...\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}) (Version: 17.0.0002 - Nero AG) Hidden
Prerequisite installer (HKLM\...\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}) (Version: 18.0.0003 - Nero AG) Hidden
PSPPContent (HKLM\...\{89E018D8-558F-4051-BB26-64DD9B90DF68}) (Version: 18.0.0.124 - Corel Corporation) Hidden
PSPPHelp (HKLM\...\{88340123-2A5C-48D4-98C1-58C18D12F09C}) (Version: 18.0.0.124 - Corel Corporation) Hidden
Setup (HKLM\...\{8BFA76B5-47DD-4C88-9C9B-7407019F0E13}) (Version: 18.0.0.124 - Corel Corporation) Hidden
Shairport4w (HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Shairport4w) (Version: 1.0.8.8 - Frank Friemel)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sugarbox version 0.27 (HKLM\...\{C109A1CE-96CA-4E6A-B43E-018DD4B73BA3}_is1) (Version: 0.27 - Sugarbox)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) (HKLM\...\TagPlugin) (Version: 7.0.6.19846 - LeapFrog)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Who's You Daddy Alpha version V0.2.0 (HKLM\...\{94FDA70B-B651-40E2-8703-308F448A6A0D}_is1) (Version: V0.2.0 - Joe Williams)
Windows Driver Package - Bose Corporation (usbser) Ports (08/03/2012 1.2.0.0) (HKLM\...\7AFADC17CE5D176C218EB94F26AE53271142A857) (Version: 08/03/2012 1.2.0.0 - Bose Corporation)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinX HD Video Converter Deluxe 5.9.8 (HKLM\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [
MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [
MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [
MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-09-04] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => C:\Windows\System32\WSCM32.dll -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-09-04] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04C6E1A1-CC37-4D97-A93E-A37032689AAA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {077F4C37-C322-4D50-8E94-E2CD3408E2D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-07-31] (Google Inc.)
Task: {0C223F1A-298C-40AA-B3BB-CB6965050067} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-24] ()
Task: {0C23455F-94DE-4964-80A9-A7603EDBB2C6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-09-24] (Microsoft Corporation)
Task: {3A05131B-DD71-4A52-8D85-EDB6650864D0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-24] ()
Task: {3A2A3E98-08E4-4D89-BD96-0ECA42046A3D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {3C8DA9AD-B38F-4E84-A66B-888F411E8D19} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-09-24] (Microsoft Corporation)
Task: {498821DE-0215-404C-ACFB-6BDF64A17EA4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {582C4225-C25A-4072-82E4-544BDF1DD1D9} - System32\Tasks\{7C3C99D2-C6D1-4315-97CD-EA1F44AE6558} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Dad\Desktop\R174616.exe -d C:\Users\Dad\Desktop
Task: {5FD4DA14-8FE7-4F8E-A4CA-F48C145971BF} - System32\Tasks\1215tbUpdateInfo => C:\ProgramData\Avg_Update_1215tb\1215tb_{37D935FE-CFD2-4E91-BA42-3CCDD693D97E}.exe
Task: {7ED68182-568A-4CB4-80FA-EC39C3A1DB67} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {8FD532F9-8588-443A-885D-4DC1FBDACAD1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {9564836E-54AE-4FE1-A47F-AA4B0581ED8C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {991558FC-EC88-44A0-B5EB-4F348A73361E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {A6B94F68-5F1D-475F-8090-44C2086F61B4} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-07-22] (@ByELDI)
Task: {C708F0F5-7301-4120-AC9B-F8E61460F878} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {D3B1B61C-929E-4ED1-BC29-FA5EE367DADD} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe
Task: {E470C9C2-C3B7-441C-B22E-E7607F85025A} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2017-09-04] (AVG Technologies CZ, s.r.o.)
Task: {E8939421-C7E5-42C1-897F-16BE1AEF9BBC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-07-31] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 09:25 - 2016-07-16 09:25 - 000190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 002048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-26 19:31 - 2006-10-06 07:06 - 000045056 _____ () C:\WINDOWS\System32\DLPRMON.DLL
2016-10-05 19:18 - 2016-10-05 19:18 - 000080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001042232 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-08 14:17 - 2013-05-08 14:17 - 000082144 _____ () C:\Program Files\HDD Regenerator\hrsrv.exe
2015-12-10 22:06 - 2014-05-13 13:04 - 000109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-10 22:06 - 2014-05-13 13:04 - 000167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-10 22:06 - 2014-05-13 13:04 - 000416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-10 22:06 - 2012-08-23 11:38 - 000574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-10 22:06 - 2012-04-03 18:06 - 000565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2017-08-22 06:05 - 2017-09-24 05:16 - 008928968 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2016-07-16 09:25 - 2016-07-16 09:25 - 000109056 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2017-09-04 19:53 - 2017-09-04 19:53 - 000060160 _____ () C:\Program Files\AVG\Antivirus\module_lifetime.dll
2016-07-16 09:25 - 2016-07-16 09:25 - 000108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 000321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 006726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 001149440 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 000526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 000779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 001741824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 003158528 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-28 12:49 - 2016-11-28 12:49 - 048920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
2016-02-05 02:50 - 2015-09-18 12:28 - 000081640 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\AppService.exe
2016-02-05 02:50 - 2015-09-17 09:55 - 000872448 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\Framework.dll
2016-02-05 02:50 - 2014-09-12 04:11 - 000013824 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\Utility.dll
2016-02-05 02:50 - 2015-06-24 06:53 - 002825216 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\IosDevice.dll
2016-02-05 02:50 - 2011-03-24 09:42 - 000334848 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\QtXml4.dll
2016-02-05 02:50 - 2011-03-24 09:56 - 007981056 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\QtGui4.dll
2016-02-05 02:50 - 2011-03-24 09:43 - 000934912 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\QtNetwork4.dll
2016-02-05 02:50 - 2011-03-24 09:42 - 002145792 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\QtCore4.dll
2016-02-05 02:50 - 2011-03-24 11:25 - 009843200 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\QtWebKit4.dll
2016-02-05 02:50 - 2014-09-15 02:51 - 000987136 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\libxml2.dll
2016-02-05 02:50 - 2011-03-24 10:06 - 000232960 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\phonon4.dll
2016-02-05 02:50 - 2011-03-24 10:06 - 002530816 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\QtXmlPatterns4.dll
2016-02-05 02:50 - 2014-09-15 02:51 - 000077824 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\zlib1.dll
2016-02-05 02:50 - 2014-09-12 04:11 - 000562072 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\SQLite3.dll
2017-07-02 19:48 - 2014-11-18 14:44 - 000255072 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe
2017-07-02 19:48 - 2014-02-13 15:27 - 000222792 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\traynet.dll
2017-07-02 19:48 - 2014-02-13 15:27 - 000275528 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\libcurl.dll
2017-07-02 19:48 - 2014-02-13 15:27 - 000113166 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\zlib1.dll
2017-07-02 19:48 - 2014-02-13 15:27 - 000249928 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\uexper.dll
2017-09-04 19:53 - 2017-09-04 19:53 - 000168216 _____ () C:\Program Files\AVG\Antivirus\JsonRpcServer.dll
2017-07-24 17:43 - 2017-07-24 17:43 - 067109376 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
2017-09-04 19:53 - 2017-09-04 19:53 - 000213024 _____ () C:\Program Files\AVG\Antivirus\event_routing_rpc.dll
2017-09-04 19:53 - 2017-09-04 19:53 - 000243080 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll
2017-09-27 19:56 - 2017-09-27 19:56 - 000693528 _____ () C:\Program Files\AVG\Antivirus\ffl2.dll
2016-08-16 08:36 - 2016-08-16 08:37 - 000017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-16 08:36 - 2016-08-16 08:37 - 011393536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-08-16 08:36 - 2016-08-16 08:37 - 000541696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-03-04 06:37 - 2016-03-04 06:38 - 000180224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-09-28 18:52 - 2016-09-28 18:52 - 002928640 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x86__8wekyb3d8bbwe\Calculator.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [314]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7914 more sites.

IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\123simsen.com -> www.123simsen.com

There are 7914 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 09:28 - 2017-08-20 17:31 - 000453327 ____R C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

There are 15560 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Dad\Desktop\Murdo\Settings\66.jpg
DNS Servers: 62.6.40.178 - 62.6.40.162
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "CTxfiHlp"
HKLM\...\StartupApproved\Run: => "ADSKAppManager"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => " QQPCTray"
HKLM\...\StartupApproved\Run: => "Monitor"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\StartupApproved\StartupFolder: => "produpd.lnk"
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\StartupApproved\Run: => "Akworks"
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\StartupApproved\Run: => "K061WSFDFT"
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\StartupApproved\Run: => "LC3RCYU6XX"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E866ECD1-69DC-4FFD-B2BE-87413CD32304}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{384CF852-664C-4626-9491-FE3B99633E4F}] => (Allow) 㩃啜敳獲䑜摡䅜灰慄慴剜慯業杮獜湳獜癡略⹰硥e
FirewallRules: [{298D0BF0-B2A8-4479-B1FA-DA4029FFB5C9}] => (Allow) 㩃啜敳獲䑜摡䅜灰慄慴剜慯業杮獜湳獜湳攮數
FirewallRules: [{B26A5B77-5993-438D-9DCB-12AF213BA2F8}] => (Allow) C:\Program Files\Dell Photo AIO Printer 922\DLBTaiox.exe
FirewallRules: [{1559CA9B-A7B7-4D0C-9CEC-C19E58EDE5F1}] => (Allow) C:\Program Files\Dell Photo AIO Printer 922\DLBTaiox.exe
FirewallRules: [{71F24588-3D73-45BE-BFE7-727641DE6B79}] => (Allow) C:\Program Files\Dell Photo AIO Printer 922\DLBTmon.exe
FirewallRules: [{90EB0001-7981-43DF-A250-82CE11054C93}] => (Allow) C:\Program Files\Dell Photo AIO Printer 922\DLBTmon.exe
FirewallRules: [{98F5814D-6AF3-4B31-9C41-BF4F50A78DFD}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\dlbtpswx.exe
FirewallRules: [{DDDA3E80-90A6-44BC-B1F9-35D3933B5D23}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\dlbtpswx.exe
FirewallRules: [{70EC6685-EEFF-4E1F-B561-F74DFDC4CA37}] => (Allow) C:\Windows\System32\dlbtcoms.exe
FirewallRules: [{34D4C229-7EF6-4BAD-9282-793DC7C31284}] => (Allow) C:\Windows\System32\dlbtcoms.exe
FirewallRules: [UDP Query User{D444CC20-6351-4AC5-AA0D-365344F482DE}C:\program files\shairport4w\shairport4w.exe] => (Block) C:\program files\shairport4w\shairport4w.exe
FirewallRules: [TCP Query User{6345A0DD-0EF9-4539-BAFE-92F9C8D5ED1C}C:\program files\shairport4w\shairport4w.exe] => (Block) C:\program files\shairport4w\shairport4w.exe
FirewallRules: [{3BA6BB1A-E109-408C-878B-332497B282F8}] => (Allow) C:\Program Files\Shairport4w\Shairport4w.exe
FirewallRules: [{E8B208F2-7F39-4CBA-9619-F83991582257}] => (Allow) C:\Program Files\Shairport4w\Shairport4w.exe
FirewallRules: [UDP Query User{37BF7344-404B-4C0B-930C-A7254FF4868D}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe
FirewallRules: [TCP Query User{259C43B6-BB7F-476A-8FF0-085010745D26}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe
FirewallRules: [UDP Query User{C4864A50-D644-4B0D-89D9-DB857CDD3539}C:\program files\airfoil\airfoilspeakers.exe] => (Allow) C:\program files\airfoil\airfoilspeakers.exe
FirewallRules: [TCP Query User{E6AD8DD2-0F33-44E0-9859-6ED3D75D76B6}C:\program files\airfoil\airfoilspeakers.exe] => (Allow) C:\program files\airfoil\airfoilspeakers.exe
FirewallRules: [UDP Query User{3F2E22D7-453E-4B58-9389-4F6B2395A194}C:\program files\airfoil\airfoil.exe] => (Allow) C:\program files\airfoil\airfoil.exe
FirewallRules: [TCP Query User{A817DE3B-212E-45F3-A54E-6B84D511966D}C:\program files\airfoil\airfoil.exe] => (Allow) C:\program files\airfoil\airfoil.exe
FirewallRules: [{7A0BD688-D3FF-4DC0-8939-33AFF9F9D2AA}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{5F419906-1DEA-4A6E-AED3-2FA218EA4E64}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{512E1FEF-1DE0-45B7-AC24-11B83ADB1BE2}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{EC220345-D38A-4AAA-9AE7-7216F08BB878}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{4FD8E92A-1EAB-4B3F-9AA0-4641E987D1B7}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{057C92DB-7B3B-4271-9990-92B796A66F60}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{6F93EEA4-C743-420B-A19F-0ECAD9A407F0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2350A2A4-BC1F-430F-B8C0-DBEE9F42AB4F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{97636684-B561-4880-8D8C-36A8729AFA51}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{B464C2BD-C96A-49D6-8BF3-B701E19AF761}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{16EB2B04-0FF9-49BC-8124-D2BF87749A83}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{B0A7B3C4-1268-47A2-B240-70661A64F87B}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{8DD7AEBA-C5E9-45DB-8255-572191793578}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{28CC1F95-D1C5-4B0D-B13F-8207EFB18774}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{317EA138-92F4-40C0-81CF-D295363A6BC4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B226070D-4139-4DF8-9FC2-E2DE3C32BB43}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A934403B-6D6E-4B70-BF91-939B2161138A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A6311737-78A2-4063-A39B-C149FB7143AB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{D3187473-A83D-4998-BB21-96593B02DF8D}C:\program files\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files\dearmob\5kplayer\5kplayer.exe
FirewallRules: [UDP Query User{FA948DEC-5361-45E3-86D5-FD8572A7855C}C:\program files\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files\dearmob\5kplayer\5kplayer.exe
FirewallRules: [{8C774F6C-821B-41AD-A212-1D9A03D19A0B}] => (Allow) C:\Program Files\LeapFrog\LeapFrog Connect\LeapfrogConnect.exe
FirewallRules: [{353736F0-2029-4E21-B3BC-B91A73C2A497}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{2075EC3F-4E87-4E5C-8518-316102D6AD4B}] => (Allow) C:\Program Files\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe
FirewallRules: [{663ADB34-7BB7-44FB-8C78-F732F5AF087B}] => (Allow) C:\Program Files\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe
FirewallRules: [{98918B9E-279C-47DD-8B88-70090A396749}] => (Allow) C:\Program Files\Nero\Nero 2017\Nero MediaHome\MediaHome.exe
FirewallRules: [{059C96C5-7EE7-4F87-A382-7D9D4323B3E3}] => (Allow) C:\Program Files\Nero\Nero 2017\Nero Burning ROM\nero.exe
FirewallRules: [TCP Query User{E9CF9825-32DE-4E64-8B03-774EE22C2AD4}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [UDP Query User{EBF9B98A-BA02-4DAE-8F68-FD771B275FC3}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [{E1F715F2-05DB-4E21-BEB9-9AAA93E35893}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{ABF08258-0271-40A0-85B1-F42845F97D45}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{55D4B5C3-7C2D-40B4-B596-461C5F9880D0}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{517DD9EE-B746-4F9D-85E8-4E373A50EDF9}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1EF6B511-E2BF-43B0-BF52-8F22F0BC88DD}] => (Allow) C:\Program Files\Steam\steamapps\common\Human Fall Flat\Human.exe
FirewallRules: [{D9C76DC8-5EDD-4E56-AED0-D60F390B45E9}] => (Allow) C:\Program Files\Steam\steamapps\common\Human Fall Flat\Human.exe
FirewallRules: [{52A3492C-7478-42A8-9E14-E44F4B9F56A3}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C94859F9-4206-4DA6-A051-EB827CAF0438}] => (Allow) C:\Program Files\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe
FirewallRules: [{E6FC97E6-9AF1-4243-945D-9D04668C1185}] => (Allow) C:\Program Files\Nero\Nero 2016\Nero Burning ROM\nero.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

14-09-2017 22:08:29 Scheduled Checkpoint
23-09-2017 20:44:09 Scheduled Checkpoint
02-10-2017 20:42:46 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: PCI Serial Port
Description: PCI Serial Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/04/2017 07:01:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Repair_Windows.exe, version: 4.0.0.7, time stamp: 0x59d3abef
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0014ff58
Faulting process id: 0x178
Faulting application start time: 0x01d33d3ac2407e4c
Faulting application path: C:\Program Files\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe
Faulting module path: unknown
Report Id: 5b6b1da8-3874-4305-8cd6-7465c1c43de2
Faulting package full name:
Faulting package-relative application ID:

Error: (10/03/2017 11:59:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoPico.exe, version: 14.0.1.0, time stamp: 0x55aef295
Faulting module name: KERNELBASE.dll, version: 10.0.14393.187, time stamp: 0x57cf9899
Exception code: 0xe0434352
Fault offset: 0x000c2062
Faulting process id: 0x2568
Faulting application start time: 0x01d33c9b3387beec
Faulting application path: C:\Program Files\KMSpico\AutoPico.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: a240fff8-46da-4e60-b4ca-b9a2f3e7f226
Faulting package full name:
Faulting package-relative application ID:

Error: (10/03/2017 11:59:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoPico.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
at System.Management.ManagementObject.InvokeMethod(System.String, System.Management.ManagementBaseObject, System.Management.InvokeMethodOptions)
at AutoPico.Activador.WMI.SoftwareLicensingProduct.Activate()
at ᜎ.ᜀ(AutoPico.Activador.Variables ByRef, System.Collections.Generic.List`1<AutoPico.Activador.WMI.SoftwareLicensingProduct> ByRef)
at AutoPico.Activador.Activador.ᜂ(AutoPico.Activador.Variables ByRef)
at AutoPico.Activador.Activador+ᜀ.ᜂ()
at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

Error: (10/03/2017 08:13:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\LeapFrog\LeapFrog Connect\TagUSBDrivers\DPInst64.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/03/2017 08:13:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\LeapFrog\LeapFrog Connect\TagUSBDrivers\DPInst64.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/03/2017 08:12:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\EaseUS\EaseUS Partition Master 12.0\BUILDPE\EaseUS-x64\epm\bin\Main.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/03/2017 08:12:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\EaseUS\EaseUS Partition Master 12.0\BUILDPE\EaseUS-x64\epm\bin\Main.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/03/2017 07:20:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.14393.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 8e0

Start Time: 01d33c741451c600

Termination Time: 32

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 8a9e7353-a867-11e7-945d-001e4fdf241c

Faulting package full name:

Faulting package-relative application ID:

Error: (10/03/2017 07:16:02 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.

Details:
(HRESULT : 0x80040210) (0x80040210)

Error: (10/02/2017 08:42:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.


System errors:
=============
Error: (10/04/2017 03:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 03:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 03:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 03:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 03:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 08:23:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 08:23:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 08:23:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/03/2017 11:59:40 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. The error:
"2"
Happened while starting this command:
C:\WINDOWS\system32\SppExtComObj.exe -Embedding

Error: (10/03/2017 11:59:39 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {3C296D07-90AE-4FAC-86F9-65EAA8B82D22} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
Date: 2017-10-04 18:57:36.620
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-04 18:57:36.616
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-03 20:14:36.180
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-03 20:14:36.177
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-02 18:56:28.341
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-02 18:56:28.337
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-02 18:26:49.613
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-02 18:26:49.609
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-02 18:26:49.606
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-02 18:26:49.602
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 58%
Total physical RAM: 3069.61 MB
Available physical RAM: 1265.42 MB
Total Virtual: 4357.7 MB
Available Virtual: 1956.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.57 GB) (Free:917.64 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive j: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive k: (Music) (Fixed) (Total:224.51 GB) (Free:79.05 GB) NTFS
Drive l: (Old OS Windows 7) (Fixed) (Total:241.15 GB) (Free:112.47 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D3C687C8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=224.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=241.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: ED56A399)
Partition 1: (Active) - (Size=1862.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

Please go to your add/remove programs list, look for and delete
Findwide Toolbar (HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\{D9E0E111-6FB8-48F0-BC95-CF78A7835A84}) (Version: - Freshy) <==== ATTENTION
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
KMSpico, This is illegal activation tools for Microsoft Windows and Office products.

~~~~~~~~~~~~~~~~~~`
Start Farbar Recovery Scan Tool (Please double-click on FRST/FRST64) with Administrator privileges

Highlight the below information then hit the Ctrl + C keys at the same time
or Right click/highlight on the text below and select Copy.
beginning with Start:: and finishing with End::


Start::
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Policies\Explorer: []
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={AD1DB690-F951-4B2B-9C85-145BE2B61EF1}&mid=409ad691902747ccb062d15805c271ac-0c7233c5c59cc201da8a7ddd4985513d8e8381be&lang=en&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2015-12-09 02:58:28&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {EFE22B57-9F3C-4B9E-AB38-0368E469796D} URL =
FF Extension: (No Name) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi\ [not found]
C:\ProgramData\KMSAuto
2017-09-03 18:55 - 016739360 _____ () C:\Users\Dad\AppData\Local\Temp\Bit1224.tmp.exe
2017-09-18 20:15 - 2017-09-18 20:15 - 016739360 _____ () C:\Users\Dad\AppData\Local\Temp\Bit2F94.tmp.exe
2016-09-27 09:26 - 2016-09-27 09:26 - 016187624 _____ () C:\Users\Dad\AppData\Local\Temp\Bit9653.tmp.exe
2017-08-08 22:00 - 2017-08-08 22:00 - 016742904 _____ () C:\Users\Dad\AppData\Local\Temp\Bit9DE7.tmp.exe
2016-12-04 14:53 - 2016-12-04 14:53 - 016187624 _____ () C:\Users\Dad\AppData\Local\Temp\BitDE07.tmp.exe
2017-08-20 17:39 - 2016-07-16 09:25 - 000628440 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\kernel32.dll
2016-12-15 07:06 - 2016-12-15 07:06 - 002458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Dad\AppData\Local\Temp\libeay32.dll
2017-07-02 22:14 - 2017-07-02 22:15 - 120455440 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\mpam-6b3b5ec6.exe
2016-12-15 07:06 - 2016-12-15 07:06 - 000970912 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\msvcr120.dll
2016-12-15 07:06 - 2016-12-15 07:06 - 000772672 _____ () C:\Users\Dad\AppData\Local\Temp\sqlite3.dll
2016-10-09 15:02 - 2016-10-09 15:02 - 000012288 _____ () C:\Users\Dad\AppData\Local\Temp\TWcKOuHOnezxmjSkVTaA.DLL
2016-09-28 00:55 - 2015-01-26 09:09 - 000060296 _____ (Autodesk, Inc.) C:\Users\Dad\AppData\Local\Temp\AcDeltree.exe
ShellIconOverlayIdentifiers: [
MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [
MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [
MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
Task: {A6B94F68-5F1D-475F-8090-44C2086F61B4} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-07-22] (@ByELDI)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [314]
Emptytemp:
End::


Press the Fix button.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
~~

Let's update Malwarebytes Anti-Malware and run a new scan

Open Malwarebytes Anti-Malware
click the Settings tab,at the top choose Protection and tick Scan for rootkits.
Click the Dashboard tab, choose Scan, Threat Scan is checked and click Start Scan.
If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
Upon completion of the scan (or after the reboot), click the Reports tab.
Double-click the Scan Log.
At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.

You can access the logs by going in the "Reports" tab, clicking on the latest "Scan" entry (the one with detections), then clicking on the "Export" button in the bottom-left corner and select "Copy to clipboard". After that, all you have to do is paste it here
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

http://i.imgur.com/h3qKPnn.png Malwarebytes AdwCleaner

Please download Malwarebytes AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/dl/125/) and save the file to your Desktop
Right-click AdwCleaner.exe and select http://i.imgur.com/AVOiBNU.jpg Run as administrator to run the programme.
Follow the prompts.
Click http://i.imgur.com/A49sxPr.png Scan.
Upon completion, click http://i.imgur.com/6cyn5v5.png Logfile. A log (AdwCleaner[S0].txt) will open. Briefly check the log for anything you know to be legitimate.
Return to AdwCleaner. Ensure anything you know to be legitimate does not have a checkmark under the corresponding tab.
Click Clean.
Follow the prompts and allow your computer to reboot.
After the reboot, a log (AdwCleaner[C0].txt) will open. Copy the contents of the log and paste in your next reply.

[i]-- File, folder and registry backups are made for items removed using this programme. Should a legitimate file, folder or registry item be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[S0].txt.


Please post
Fixlog.txt
Malwarebytes log
AdwCleaner log

Hi There

Tried uninstalling findwide toolbar but get the message that the files cant be found ?

Regarding KMS Pico - Before Removing this - My computers going to be rendered pretty useless I guess if My Windows 10 and Office/Excel are not activated ? Is this program causing an issue ?


Regards

Hi There

Tried uninstalling findwide toolbar but get the message that the files cant be found ?

Regarding KMS Pico - Before Removing this - My computers going to be rendered pretty useless I guess if My Windows 10 and Office/Excel are not activated ? Is this program causing an issue ?


Regards

AutoKMS as all of the KMS activation tools is a cracking utility, this forum cannot support the use of the tool or any other software that is cracked/illegal.
I can help you with your computer now and tell you of our policies but, if you should return and need help again and it is found...
help will be denied.
Also, many sites where this can be downloaded are hacked with malicious code so that makes it risky to say the least.

If you can, just continue with the fix I created and we can look for remnants for findwide toolbar later.

uninstalled KMSPico

Run FRST as stated and here is Fixlog.txt

Fix result of Farbar Recovery Scan Tool (x86) Version: 06-10-2017
Ran by Dad (08-10-2017 12:32:38) Run:1
Running from C:\Users\Dad\Desktop
Loaded Profiles: Dad (Available Profiles: Dad)
Boot Mode: Normal

==============================================

fixlist content:
*****************

CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Policies\Explorer: []
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={AD1DB690-F951-4B2B-9C85-145BE2B61EF1}&mid=409ad691902747ccb062d15805c271ac-0c7233c5c59cc201da8a7ddd4985513d8e8381be&lang=en&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2015-12-09 02:58:28&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {EFE22B57-9F3C-4B9E-AB38-0368E469796D} URL =
FF Extension: (No Name) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi\ [not found]
C:\ProgramData\KMSAuto
2017-09-03 18:55 - 016739360 _____ () C:\Users\Dad\AppData\Local\Temp\Bit1224.tmp.exe
2017-09-18 20:15 - 2017-09-18 20:15 - 016739360 _____ () C:\Users\Dad\AppData\Local\Temp\Bit2F94.tmp.exe
2016-09-27 09:26 - 2016-09-27 09:26 - 016187624 _____ () C:\Users\Dad\AppData\Local\Temp\Bit9653.tmp.exe
2017-08-08 22:00 - 2017-08-08 22:00 - 016742904 _____ () C:\Users\Dad\AppData\Local\Temp\Bit9DE7.tmp.exe
2016-12-04 14:53 - 2016-12-04 14:53 - 016187624 _____ () C:\Users\Dad\AppData\Local\Temp\BitDE07.tmp.exe
2017-08-20 17:39 - 2016-07-16 09:25 - 000628440 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\kernel32.dll
2016-12-15 07:06 - 2016-12-15 07:06 - 002458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Dad\AppData\Local\Temp\libeay32.dll
2017-07-02 22:14 - 2017-07-02 22:15 - 120455440 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\mpam-6b3b5ec6.exe
2016-12-15 07:06 - 2016-12-15 07:06 - 000970912 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\msvcr120.dll
2016-12-15 07:06 - 2016-12-15 07:06 - 000772672 _____ () C:\Users\Dad\AppData\Local\Temp\sqlite3.dll
2016-10-09 15:02 - 2016-10-09 15:02 - 000012288 _____ () C:\Users\Dad\AppData\Local\Temp\TWcKOuHOnezxmjSkVTaA.DLL
2016-09-28 00:55 - 2015-01-26 09:09 - 000060296 _____ (Autodesk, Inc.) C:\Users\Dad\AppData\Local\Temp\AcDeltree.exe
ShellIconOverlayIdentifiers: [
MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [
MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [
MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
Task: {A6B94F68-5F1D-475F-8090-44C2086F61B4} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-07-22] (@ByELDI)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [314]
Emptytemp:

*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} => key removed successfully.
HKLM\Software\Classes\CLSID\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} => key not found.
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully.
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key removed successfully.
HKLM\Software\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EFE22B57-9F3C-4B9E-AB38-0368E469796D} => key removed successfully.
HKLM\Software\Classes\CLSID\{EFE22B57-9F3C-4B9E-AB38-0368E469796D} => key not found.
C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi\ => path removed successfully.
C:\ProgramData\KMSAuto => moved successfully
C:\Users\Dad\AppData\Local\Temp\Bit1224.tmp.exe => moved successfully
C:\Users\Dad\AppData\Local\Temp\Bit2F94.tmp.exe => moved successfully
C:\Users\Dad\AppData\Local\Temp\Bit9653.tmp.exe => moved successfully
C:\Users\Dad\AppData\Local\Temp\Bit9DE7.tmp.exe => moved successfully
C:\Users\Dad\AppData\Local\Temp\BitDE07.tmp.exe => moved successfully
C:\Users\Dad\AppData\Local\Temp\kernel32.dll => moved successfully
C:\Users\Dad\AppData\Local\Temp\libeay32.dll => moved successfully
C:\Users\Dad\AppData\Local\Temp\mpam-6b3b5ec6.exe => moved successfully
C:\Users\Dad\AppData\Local\Temp\msvcr120.dll => moved successfully
C:\Users\Dad\AppData\Local\Temp\sqlite3.dll => moved successfully
C:\Users\Dad\AppData\Local\Temp\TWcKOuHOnezxmjSkVTaA.DLL => moved successfully
C:\Users\Dad\AppData\Local\Temp\AcDeltree.exe => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
MEGA (Pending) => key removed successfully.
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => key removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
MEGA (Synced) => key removed successfully.
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => key removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
MEGA (Syncing) => key removed successfully.
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => key removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => key removed successfully.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => key removed successfully.
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => key removed successfully.
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => key removed successfully.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => key removed successfully.
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => key not found.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => key removed successfully.
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6B94F68-5F1D-475F-8090-44C2086F61B4} => key not found.
C:\Windows\System32\Tasks\AutoPico Daily Restart => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart => key not found.
C:\Windows => ":nlsPreferences" ADS removed successfully..
C:\ProgramData\TEMP => ":B755D674" ADS removed successfully..

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 366045809 B
Java, Flash, Steam htmlcache => 6773249 B
Windows/system/drivers => 12310584 B
Edge => 1768575 B
Chrome => 0 B
Firefox => 15494201 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 23642248 B
NetworkService => 368912110 B
Dad => 3909063805 B

RecycleBin => 0 B
EmptyTemp: => 4.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:49:37 ====


Rebooted system

when I try and open Malwarebytes I get the message "unable to connect the service"

So I uninstalled it - re-downloaded and installed - Still get the same message ??

Doing ADCleaner scan just now will post results after its restart.

# AdwCleaner 7.0.3.1 - Logfile created on Sun Oct 08 12:13:50 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 10 Pro (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\combofix.en.softonic.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\en.softonic.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1215tbUpdateInfo


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [6612 B] - [2016/9/28 19:45:24]
C:/AdwCleaner/AdwCleaner[C10].txt - [2600 B] - [2017/3/7 20:13:30]
C:/AdwCleaner/AdwCleaner[C11].txt - [3207 B] - [2017/7/2 21:25:7]
C:/AdwCleaner/AdwCleaner[C2].txt - [1739 B] - [2016/9/29 17:26:6]
C:/AdwCleaner/AdwCleaner[C3].txt - [1581 B] - [2016/9/29 21:48:44]
C:/AdwCleaner/AdwCleaner[C4].txt - [2296 B] - [2016/10/15 13:21:3]
C:/AdwCleaner/AdwCleaner[C5].txt - [9858 B] - [2016/10/15 13:55:19]
C:/AdwCleaner/AdwCleaner[C6].txt - [2585 B] - [2016/10/15 14:5:6]
C:/AdwCleaner/AdwCleaner[C7].txt - [2147 B] - [2016/10/15 14:55:44]
C:/AdwCleaner/AdwCleaner[C8].txt - [2745 B] - [2016/11/3 17:30:28]
C:/AdwCleaner/AdwCleaner[C9].txt - [2535 B] - [2016/12/21 21:41:3]
C:/AdwCleaner/AdwCleaner[S0].txt - [6165 B] - [2016/9/28 19:42:26]
C:/AdwCleaner/AdwCleaner[S10].txt - [2835 B] - [2016/11/3 17:30:0]
C:/AdwCleaner/AdwCleaner[S11].txt - [2664 B] - [2016/12/21 21:40:28]
C:/AdwCleaner/AdwCleaner[S12].txt - [2735 B] - [2017/3/7 20:12:46]
C:/AdwCleaner/AdwCleaner[S13].txt - [2875 B] - [2017/4/29 11:6:20]
C:/AdwCleaner/AdwCleaner[S14].txt - [2949 B] - [2017/6/17 18:19:53]
C:/AdwCleaner/AdwCleaner[S15].txt - [3061 B] - [2017/7/2 21:21:16]
C:/AdwCleaner/AdwCleaner[S16].txt - [3048 B] - [2017/9/7 20:52:10]
C:/AdwCleaner/AdwCleaner[S17].txt - [2854 B] - [2017/9/26 18:5:5]
C:/AdwCleaner/AdwCleaner[S18].txt - [3379 B] - [2017/10/8 12:10:3]
C:/AdwCleaner/AdwCleaner[S1].txt - [1764 B] - [2016/9/29 17:22:54]
C:/AdwCleaner/AdwCleaner[S2].txt - [1690 B] - [2016/9/29 21:43:41]
C:/AdwCleaner/AdwCleaner[S3].txt - [1614 B] - [2016/9/30 15:43:24]
C:/AdwCleaner/AdwCleaner[S4].txt - [1687 B] - [2016/10/4 10:9:46]
C:/AdwCleaner/AdwCleaner[S5].txt - [2303 B] - [2016/10/15 13:20:28]
C:/AdwCleaner/AdwCleaner[S6].txt - [9689 B] - [2016/10/15 13:54:12]
C:/AdwCleaner/AdwCleaner[S7].txt - [2551 B] - [2016/10/15 14:3:29]
C:/AdwCleaner/AdwCleaner[S8].txt - [2255 B] - [2016/10/15 14:14:10]
C:/AdwCleaner/AdwCleaner[S9].txt - [2344 B] - [2016/10/16 15:50:13]


########## EOF - C:\AdwCleaner\AdwCleaner[C11].txt ##########

also - I am unable to turn on windows security

It's possible you'll need to run
Use the Malwarebytes Clean Uninstall Tool
https://support.malwarebytes.com/docs/DOC-1112

Windows Security Center service can’t be started
http://www.thewindowsclub.com/windows-security-center-service-cant-be-started

How's the computer acting now?

Hi There,

PC is acting much better thanks - download dialogue appears within 30 seconds or so and was ages before.

Still cant get Malware bytyes working - run that uninstall tool and it asked me to restart and it installed the latest version but still the same error when trying to start it.

I think it did a preliminary scan or something and generated a report behind the scenes upon initially installing.

heres the report mb-clean-results.txt

2017-10-08 14:42:10.583 mb-clean:3.1.0.1031 @ Malwarebytes. All rights reserved.
2017-10-08 14:42:11.927 Malwarebytes self-protection module is not installed.
2017-10-08 14:42:11.927 Launching process:"C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe" /LOG /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /log="C:\Users\Dad\AppData\Local\Temp\Mbam3x.log"
2017-10-08 14:44:13.304 Timeout!!!! Kill uninstaller!!!!
2017-10-08 14:44:13.304 >>>>>> Starting 2nd phase cleanup for Malwarebytes version 3.2.2.2029 <<<<<<
2017-10-08 14:44:13.304 HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2017-10-08 14:44:13.304 HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2017-10-08 14:44:13.304 HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2017-10-08 14:44:13.304 HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2017-10-08 14:44:13.304 HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2017-10-08 14:44:13.304 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
2017-10-08 14:44:13.304 HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy does not exist.
2017-10-08 14:44:13.304 HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2017-10-08 14:44:14.570 Trying to delete path C:\ProgramData\Malwarebytes\
2017-10-08 14:44:14.570 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\
2017-10-08 14:44:14.570 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\AeDetections\
2017-10-08 14:44:14.695 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\AeDetections\
2017-10-08 14:44:14.695 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\ArwDetections\
2017-10-08 14:44:14.695 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ArwDetections\
2017-10-08 14:44:14.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\clean.mbdb
2017-10-08 14:44:14.820 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\config\
2017-10-08 14:44:14.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\config\
2017-10-08 14:44:14.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\dbmanifest.dat
2017-10-08 14:44:14.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\dynconfig.dat
2017-10-08 14:44:14.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\exclusions.txt
2017-10-08 14:44:14.820 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\logs\
2017-10-08 14:44:14.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\logs\
2017-10-08 14:44:14.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\mbdigsig.dat
2017-10-08 14:44:14.820 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\
2017-10-08 14:44:15.086 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\001a0d20-a674-11e7-b412-001e4fdf241c.json
2017-10-08 14:44:15.086 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\002606ca-a674-11e7-a7a9-001e4fdf241c.json
2017-10-08 14:44:15.086 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\00869006-a513-11e7-852f-001e4fdf241c.json
2017-10-08 14:44:15.086 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\00b858de-a513-11e7-9808-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\00d2b82c-9f1f-11e7-b9c8-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\00e07444-9f1f-11e7-b18a-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\01333906-a53f-11e7-ac81-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\015bc0f6-a53f-11e7-8d07-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0214e5d0-a50e-11e7-99ee-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0219aa8e-a50e-11e7-a3ac-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\027465b6-a4ee-11e7-a741-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\02923cb4-a4a1-11e7-a832-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\029963cc-a4a1-11e7-9416-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\029963ce-a4a1-11e7-85a4-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\029ecb12-a49e-11e7-8fe4-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\02ac6fc6-a4a1-11e7-94b3-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\02bff816-a4a1-11e7-9d9b-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\02d6c468-a49e-11e7-9b6d-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\02e9eedc-a4a1-11e7-9fd0-001e4fdf241c.json
2017-10-08 14:44:15.117 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\037dca3a-9f1f-11e7-9a78-001e4fdf241c.json
2017-10-08 14:44:15.117 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0393c3f8-9f1f-11e7-b327-001e4fdf241c.json
2017-10-08 14:44:15.117 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\03f74aa0-a50e-11e7-b307-001e4fdf241c.json
2017-10-08 14:44:15.148 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\042fe65c-a109-11e7-a222-001e4fdf241c.json
2017-10-08 14:44:15.148 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\043248b6-a109-11e7-b4c1-001e4fdf241c.json
2017-10-08 14:44:15.148 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\045150f4-a4ff-11e7-80e9-001e4fdf241c.json
2017-10-08 14:44:15.148 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\045615b2-a4ff-11e7-b131-001e4fdf241c.json
2017-10-08 14:44:15.148 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\045d1c36-a4ff-11e7-8f12-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\04aa0bf4-a50e-11e7-96b5-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\04bef3ca-a50e-11e7-a36e-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\04c0b6fc-a53f-11e7-b107-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\05152b64-a50e-11e7-9aec-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0516bc8c-a53f-11e7-8858-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0540915e-a4a1-11e7-9cba-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\055ad064-a4a1-11e7-b31d-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\056e0a8a-a4a1-11e7-8d97-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\05fa7bfe-a4d4-11e7-bdb7-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\060ed61c-a4d4-11e7-aee0-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\061c92d6-a4ff-11e7-8728-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0661b712-a4ff-11e7-b678-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0728742a-a670-11e7-b6a7-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0728742c-a670-11e7-9976-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0791f7b4-a50e-11e7-9153-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\07fa384c-a50e-11e7-be9b-001e4fdf241c.json
2017-10-08 14:44:15.180 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\080a4dbc-a4a1-11e7-b312-001e4fdf241c.json
2017-10-08 14:44:15.180 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0812cfb4-a4a1-11e7-9540-001e4fdf241c.json
2017-10-08 14:44:15.195 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\081a70fc-a4a1-11e7-bda2-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0858b362-a4a1-11e7-87da-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\08b6f58a-a4a1-11e7-8a2a-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\090f2ca0-a4a1-11e7-82ea-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\09b2323e-a4ff-11e7-bb3a-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\09bee6ca-9ea9-11e7-83bd-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\09c2de88-9ea9-11e7-9957-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\09c9cc00-a50e-11e7-8921-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\09d68e42-9ea9-11e7-ad6c-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0a070552-a4ff-11e7-a960-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0a855dda-a50e-11e7-9278-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0a8ee738-a50e-11e7-b7c8-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0a93b2e2-a4ee-11e7-beef-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0a961546-a4ee-11e7-8ae5-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0adaea74-a4a1-11e7-8abf-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0ae3e048-9f1f-11e7-8518-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0ae7b0f6-9f1f-11e7-92ce-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0aed1bae-a4a1-11e7-89d9-001e4fdf241c.json
2017-10-08 14:44:15.227 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0aef2e00-a4f9-11e7-9374-001e4fdf241c.json
2017-10-08 14:44:15.227 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0af77498-a4f9-11e7-b573-001e4fdf241c.json
2017-10-08 14:44:15.227 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0af8ad0e-a4f9-11e7-827b-001e4fdf241c.json
2017-10-08 14:44:15.227 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0bc6cacc-a503-11e7-83b1-001e4fdf241c.json
2017-10-08 14:44:15.227 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0bcb8f80-a503-11e7-b671-001e4fdf241c.json
2017-10-08 14:44:15.242 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0c131a9a-a4e4-11e7-b53d-001e4fdf241c.json
2017-10-08 14:44:15.242 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0c131a9c-a4e4-11e7-9869-001e4fdf241c.json
2017-10-08 14:44:15.242 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0c157cfe-a4e4-11e7-9bec-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0c576536-a50e-11e7-9dda-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0c5a7280-a50e-11e7-a649-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0c7343d4-a4ee-11e7-af1a-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0ca440ee-a4e7-11e7-901e-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0cad1052-a4e7-11e7-b37f-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0cb12f16-a4e7-11e7-b679-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0cc54b88-a4f9-11e7-869b-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0cf4fa90-a4f9-11e7-802f-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0cf82172-a4fc-11e7-9f67-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0cfa83e0-a4fc-11e7-ad55-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0cfce63a-a4fc-11e7-ad35-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0d77aa3e-a50e-11e7-9132-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0dd602fc-a4e4-11e7-b778-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0e0a76ae-a4e4-11e7-a51a-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0e5b3fe6-a4e7-11e7-92d9-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0e9e01d2-a4e7-11e7-8675-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0ecbf3f2-a4fc-11e7-b305-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0f0e1318-a4fc-11e7-b62e-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0fe5829e-a5b0-11e7-a3f4-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0fea475c-a5b0-11e7-871f-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\100b4eb0-a4ee-11e7-8e8d-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\10406d10-a4f9-11e7-9110-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\108d31f4-a4f9-11e7-92c1-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1135a77a-a0c7-11e7-be6e-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\113a9bd8-a49e-11e7-b2b1-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\114d5f52-a49e-11e7-9ff9-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1157085c-a0c7-11e7-a11c-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\116358ac-a49e-11e7-922b-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\117ef97c-a4e4-11e7-9f36-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\118252ca-a49e-11e7-bace-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\118f24ee-a0c7-11e7-abc8-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\119f2a08-a49e-11e7-a932-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\119f7544-a4e4-11e7-ba30-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\11b2642e-a49e-11e7-8cf1-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\120aa474-a4e7-11e7-b316-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1217c448-a0c7-11e7-80bb-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\121eeb56-a0c7-11e7-a958-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\122ad72c-a0c7-11e7-b6bc-001e4fdf241c.json
2017-10-08 14:44:15.320 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1244dbd0-a4e7-11e7-b3e4-001e4fdf241c.json
2017-10-08 14:44:15.320 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1263e3da-a4fc-11e7-b232-001e4fdf241c.json
2017-10-08 14:44:15.320 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1282ffec-a0c7-11e7-9b2e-001e4fdf241c.json
2017-10-08 14:44:15.320 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\12987516-a0c7-11e7-9d23-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\12a1fe88-a0c7-11e7-9851-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\12ae913c-a4fc-11e7-85a2-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1301344e-a4b8-11e7-8ab3-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\13013450-a4b8-11e7-a1d5-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\130396a8-a4b8-11e7-98f2-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\134e90a4-a607-11e7-9b05-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\13557720-a607-11e7-8da2-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1392f3be-a4f6-11e7-a4ac-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1395560e-a4f6-11e7-8622-001e4fdf241c.json
2017-10-08 14:44:15.352 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\13955610-a4f6-11e7-88ef-001e4fdf241c.json
2017-10-08 14:44:15.352 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\13ab307e-a50e-11e7-a3f1-001e4fdf241c.json
2017-10-08 14:44:15.352 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\147dd706-a49e-11e7-84aa-001e4fdf241c.json
2017-10-08 14:44:15.352 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\148af27e-a49e-11e7-9131-001e4fdf241c.json
2017-10-08 14:44:15.352 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\14a49562-a49e-11e7-aeda-001e4fdf241c.json
2017-10-08 14:44:15.352 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\14b42486-a4b8-11e7-827f-001e4fdf241c.json
2017-10-08 14:44:15.367 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\14c452da-a49e-11e7-bad1-001e4fdf241c.json
2017-10-08 14:44:15.414 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\
2017-10-08 14:44:15.430 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\prot.mbdb
2017-10-08 14:44:15.430 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\Quarantine\
2017-10-08 14:44:15.805 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\2576cfd2-a245-11e7-af1f-001e4fdf241c.data
2017-10-08 14:44:15.805 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\2576cfd2-a245-11e7-af1f-001e4fdf241c.quar
2017-10-08 14:44:15.805 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\25a5f09e-a6fc-11e7-bf2e-001e4fdf241c.data
2017-10-08 14:44:15.805 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\25a5f09e-a6fc-11e7-bf2e-001e4fdf241c.quar
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4b080705-a7c5-11e7-bb85-001e4fdf241c.data
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4b080705-a7c5-11e7-bb85-001e4fdf241c.quar
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bc05ad7-a30e-11e7-bc89-001e4fdf241c.data
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bc05ad7-a30e-11e7-bc89-001e4fdf241c.quar
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\76519f49-a3d7-11e7-a420-001e4fdf241c.data
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\76519f49-a3d7-11e7-a420-001e4fdf241c.quar
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\771a4343-a88e-11e7-81bc-001e4fdf241c.data
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\771a4343-a88e-11e7-81bc-001e4fdf241c.quar
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\7c889397-9f20-11e7-82f3-001e4fdf241c.data
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\7c889397-9f20-11e7-82f3-001e4fdf241c.quar
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\a7ae68e3-9fe9-11e7-ac72-001e4fdf241c.data
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\a7ae68e3-9fe9-11e7-ac72-001e4fdf241c.quar
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\b58be137-a4a0-11e7-994b-001e4fdf241c.data
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\b58be137-a4a0-11e7-994b-001e4fdf241c.quar
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\cf9d9c63-a569-11e7-8cdc-001e4fdf241c.data
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\cf9d9c63-a569-11e7-8cdc-001e4fdf241c.quar
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\cfa141a3-a0b2-11e7-8f8d-001e4fdf241c.data
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\cfa141a3-a0b2-11e7-8f8d-001e4fdf241c.quar
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\f5704b3d-a632-11e7-a7ed-001e4fdf241c.data
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\f5704b3d-a632-11e7-a7ed-001e4fdf241c.quar
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\fa0ab7ed-a17b-11e7-8541-001e4fdf241c.data
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\fa0ab7ed-a17b-11e7-8541-001e4fdf241c.quar
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\rdefs.mbdb
2017-10-08 14:44:15.836 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\25746d78-a245-11e7-96b1-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\25a2bc4e-a6fc-11e7-ac76-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4b080704-a7c5-11e7-8b45-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bc05ad6-a30e-11e7-a4fc-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\76519f48-a3d7-11e7-a1af-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\771a4342-a88e-11e7-9e3a-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\7c889396-9f20-11e7-8ff8-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\a7ae68e2-9fe9-11e7-bb00-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\b58be136-a4a0-11e7-801b-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\cf9d9c62-a569-11e7-aa98-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\cfa141a2-a0b2-11e7-a70d-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\f5704b3c-a632-11e7-a5e6-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\fa0ab7ec-a17b-11e7-8c1b-001e4fdf241c.json
2017-10-08 14:44:15.961 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\
2017-10-08 14:44:15.961 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\rules.mbdb
2017-10-08 14:44:15.961 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\scan.mbdb
2017-10-08 14:44:15.961 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\ScanResults\
2017-10-08 14:44:15.992 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\1e74acf1-a8a7-11e7-aa91-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\22d4db0a-a3f0-11e7-8788-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\24a36deb-9f39-11e7-8a92-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\4d42e110-a4b9-11e7-b73e-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\4ec3c7cc-a002-11e7-8f48-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\74b5aedf-a582-11e7-a797-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\76368474-a0cb-11e7-badf-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\9f1ad48c-a64b-11e7-b99f-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\a0aa967c-a194-11e7-a440-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\c9ed175a-a714-11e7-a86d-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\cb43f3a1-a25d-11e7-990b-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\f23d0a22-9ea8-11e7-b861-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\f3edcd82-a7dd-11e7-82b3-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\f5713498-a326-11e7-9473-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\tids.mbdb
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\wprot.mbdb
2017-10-08 14:44:16.023 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\
2017-10-08 14:44:16.023 Trying to delete file or folder: C:\ProgramData\Malwarebytes\
2017-10-08 14:44:16.023 Trying to delete file or folder: C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-08 14:44:16.023 Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2017-10-08 14:44:16.023 Trying to delete file or folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk
2017-10-08 14:44:16.086 Trying to delete file or folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk
2017-10-08 14:44:16.086 Trying to delete file or folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2017-10-08 14:44:16.102 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\7z.dll
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Actions.dll
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\ActionsShim.dll
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\AEControllerImpl.dll
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\AeShim.dll
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\ArwControllerImpl.dll
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\arwlib.dll
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\ArwSdkShim.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\changes.txt
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\CleanControllerImpl.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\CloudControllerImpl.dll
2017-10-08 14:44:16.133 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\iconengines\
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\iconengines\
2017-10-08 14:44:16.133 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\imageformats\
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qdds.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qgif.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qicns.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qjpeg.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtga.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtiff.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwbmp.dll
2017-10-08 14:44:16.148 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwebp.dll
2017-10-08 14:44:16.148 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\
2017-10-08 14:44:16.148 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Languages\
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_bg.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_cs.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_da.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_de.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_en_GB.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_en_US.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_es.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_fi.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_fr.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_hr.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_hu.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_it.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ja.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ko.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_nl.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_no.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_pl.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_pt_BR.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_pt_PT.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ro.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ru.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_sk.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_sl.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_sv.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_zh_TW.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\libeay32.dll
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\LicenseControllerImpl.dll
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbae-api-na.dll
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbae.dll
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MBAMCore.dll
2017-10-08 14:44:16.227 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MbamPt.exe
2017-10-08 14:44:16.227 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MBAMShim.dll
2017-10-08 14:44:16.227 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
2017-10-08 14:44:16.227 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
2017-10-08 14:44:16.227 Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe, reason:(Access is denied.(error=5))
2017-10-08 14:44:16.227 Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe on reboot
2017-10-08 14:44:16.242 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\msvcp120.dll
2017-10-08 14:44:16.258 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\msvcr120.dll
2017-10-08 14:44:16.258 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MWACControllerImpl.dll
2017-10-08 14:44:16.258 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MwacLib.dll
2017-10-08 14:44:16.258 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MwacSdkShim.dll
2017-10-08 14:44:16.258 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\platforms\
2017-10-08 14:44:16.258 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2017-10-08 14:44:16.258 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\platforms\
2017-10-08 14:44:16.258 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\PoliciesControllerImpl.dll
2017-10-08 14:44:16.258 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\
2017-10-08 14:44:16.258 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\
2017-10-08 14:44:16.258 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\
2017-10-08 14:44:16.274 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\plugins.qmltypes
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\qmldir
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\
2017-10-08 14:44:16.305 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\plugins.qmltypes
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\qmldir
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\qmlsettingsplugin.dll
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2017-10-08 14:44:16.320 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2017-10-08 14:44:16.320 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2017-10-08 14:44:16.320 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2017-10-08 14:44:16.320 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2017-10-08 14:44:16.320 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2017-10-08 14:44:16.430 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2017-10-08 14:44:16.430 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQml\
2017-10-08 14:44:16.445 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\
2017-10-08 14:44:16.445 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2017-10-08 14:44:16.445 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\plugins.qmltypes
2017-10-08 14:44:16.445 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\qmldir
2017-10-08 14:44:16.445 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\
2017-10-08 14:44:16.445 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\
2017-10-08 14:44:16.445 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\
2017-10-08 14:44:16.445 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\plugins.qmltypes
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qmldir
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-10-08 14:44:16.461 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\
2017-10-08 14:44:16.461 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat\
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat\qmldir
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat\qtquickextrasflatplugin.dll
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat\
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\qmldir
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\
2017-10-08 14:44:16.461 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\plugins.qmltypes
2017-10-08 14:44:16.461 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\dialogsprivateplugin.dll
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\plugins.qmltypes
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\qmldir
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qmldir
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\
2017-10-08 14:44:16.477 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\plugins.qmltypes
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\qmldir
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\qtquickextrasplugin.dll
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\
2017-10-08 14:44:16.477 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\plugins.qmltypes
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qmldir
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\
2017-10-08 14:44:16.477 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\
2017-10-08 14:44:16.570 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\plugins.qmltypes
2017-10-08 14:44:16.570 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\qmldir
2017-10-08 14:44:16.570 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2017-10-08 14:44:16.570 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\
2017-10-08 14:44:16.570 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\
2017-10-08 14:44:16.586 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\plugins.qmltypes
2017-10-08 14:44:16.586 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\qmldir
2017-10-08 14:44:16.586 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2017-10-08 14:44:16.602 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\
2017-10-08 14:44:16.602 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\
2017-10-08 14:44:16.602 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\
2017-10-08 14:44:16.602 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\plugins.qmltypes
2017-10-08 14:44:16.602 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qmldir
2017-10-08 14:44:16.602 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2017-10-08 14:44:16.602 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\
2017-10-08 14:44:16.602 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\
2017-10-08 14:44:16.883 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\JumpListDestination.qml
2017-10-08 14:44:17.070 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\JumpListLink.qml
2017-10-08 14:44:17.086 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\JumpListSeparator.qml
2017-10-08 14:44:17.086 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\plugins.qmltypes
2017-10-08 14:44:17.086 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\qmldir
2017-10-08 14:44:17.086 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\qml_winextras.dll
2017-10-08 14:44:17.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\
2017-10-08 14:44:17.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\rtp.dll
2017-10-08 14:44:17.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\RTPControllerImpl.dll
2017-10-08 14:44:17.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\RtpShim.dll
2017-10-08 14:44:17.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\ScanControllerImpl.dll
2017-10-08 14:44:17.102 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\scenegraph\
2017-10-08 14:44:17.117 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\scenegraph\softwarecontext.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\scenegraph\
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\SelfProtectionSdk.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\SelfProtectionShim.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\serviceconfig.json
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\SPControllerImpl.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\ssleay32.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\suhlpr.dll
2017-10-08 14:44:17.133 Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\suhlpr.dll, reason:(Access is denied.(error=5))
2017-10-08 14:44:17.133 Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\suhlpr.dll on reboot
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Swissarmy.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\SwissarmyShim.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\TelemetryControllerImpl.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\unins000.dat
2017-10-08 14:44:17.133 Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\unins000.dat, reason:(The process cannot access the file because it is being used by another process.(error=32))
2017-10-08 14:44:17.133 Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\unins000.dat on reboot
2017-10-08 14:44:17.149 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe
2017-10-08 14:44:17.149 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\unins000.msg
2017-10-08 14:44:17.149 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\UpdateControllerImpl.dll
2017-10-08 14:44:17.149 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\zlib.dll
2017-10-08 14:44:17.149 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\
2017-10-08 14:44:17.149 Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\, reason:(The process cannot access the file because it is being used by another process.(error=32))
2017-10-08 14:44:17.149 Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\ on reboot
2017-10-08 14:44:17.149 Trying to delete REG key: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1
2017-10-08 14:44:17.149 Trying to delete REG key: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService
2017-10-08 14:44:17.149 Trying to delete REG key: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService
2017-10-08 14:44:17.149 --------BEGINNING OF THE UNINSTALLER LOG FILE ----------
2017-10-08 14:42:14.756 Log opened. (Time zone: UTC+01:00)
2017-10-08 14:42:14.756 Setup version: Inno Setup version 5.5.8 (u)
2017-10-08 14:42:14.756 Original Uninstall EXE: C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe
2017-10-08 14:42:14.756 Uninstall DAT: C:\Program Files\Malwarebytes\Anti-Malware\unins000.dat
2017-10-08 14:42:14.756 Uninstall command line: /SECONDPHASE="C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe" /FIRSTPHASEWND=$505A2 /LOG /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /log="C:\Users\Dad\AppData\Local\Temp\Mbam3x.log"
2017-10-08 14:42:14.756 Windows version: 10.0.14393 (NT platform: Yes)
2017-10-08 14:42:14.756 64-bit Windows: No
2017-10-08 14:42:14.756 Processor architecture: x86
2017-10-08 14:42:14.756 User privileges: Administrative
2017-10-08 14:42:14.896 64-bit install mode: No
2017-10-08 14:42:14.943 Created temporary directory: C:\Users\Dad\AppData\Local\Temp\is-43OC4.tmp
2017-10-08 14:42:15.021 Uninstalling service
2017-10-08 14:42:19.715 Installed service, result 0
2017-10-08 14:42:19.715 Uninstall service complete
2017-10-08 14:44:25.602 --------END OF LOG FILE ----------
2017-10-08 14:49:17.858 >>>>>Starting post reboot phase cleanup for Malwarebytes version 3.2.2.2029 <<<<<<<<.
2017-10-08 14:49:28.548 Trying to delete REG key: HKCU\SOFTWARE\Malwarebytes
2017-10-08 14:49:33.063 HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2017-10-08 14:49:36.548 HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2017-10-08 14:49:40.240 HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2017-10-08 14:49:44.552 HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2017-10-08 14:49:45.209 HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2017-10-08 14:49:50.693 HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy does not exist.
2017-10-08 14:49:55.232 HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2017-10-08 14:49:56.685 Trying to delete path C:\ProgramData\Malwarebytes\
2017-10-08 14:49:56.685 Cannot delete path C:\ProgramData\Malwarebytes\, reason:(The system cannot find the path specified.(error=3))
2017-10-08 14:49:56.685 Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2017-10-08 14:49:56.685 Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:(The system cannot find the path specified.(error=3))
2017-10-08 14:49:56.685 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2017-10-08 14:49:56.685 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\
2017-10-08 14:49:56.685 Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\, reason:(The directory is not empty.(error=145))
2017-10-08 14:49:56.685 Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\ on reboot
2017-10-08 14:56:41.146 Malwarebytes v3.x was installed successfully.
2017-10-08 14:56:41.146 Launching process:"C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"
2017-10-08 14:56:55.957 --------END OF LOG FILE ----------

Omg!

My PC is in a restart cycle with the blue screen of death - your PC ran into problems and hazy I restart and it tries automatic repair which fails and now I can't even get Windows to load - offers me a system restore which is no use as mine are way out of date.
Is offering me advanced options but not sure what to do - pressed the f1 debugging option but it failed to work and fell into the cycle again.

Please help

I'm using my phone now to post replies

When I try and boot into safe mode with networking it restarts and a grey screen appears saying we couldn't complete the updates
undoing changes
Don't turn off your PC

Takes ages restarts
Blue screen again
Tried twice

Sounds like Windows has tried to install an update that's messed itself up ???

If your Windows 10/8 fails to boot, it will launch Automatic Repair, in order to attempt to repair Windows. If Automatic Repair also fails, you will want to use the Refresh your PC or Reset your PC option. To do so, you will select Advanced options > Troubleshoot > Reset or Refresh.

http://www.thewindowsclub.com/windows-8-fails-to-boot-automatic-repair-refresh-reset-pc-fail


PC is acting much better thanks - download dialogue appears within 30 seconds or so and was ages before.
what happened between there and now?

also
Restarting or Continuously Reboots
https://www.easeus.com/computer-instruction/windows-10-continuously-reboots.html

When I try and boot into safe mode with networking it restarts and a grey screen appears saying we couldn't complete the updates
undoing changes
Don't turn off your PC

Takes ages restarts
Blue screen again
Tried twice

Sounds like Windows has tried to install an update that's messed itself up ???

yes
it appears it was running in the background...
let's see if it can finish

try safe mode with networking again
anything trying to work?

Open task manager and see if there is any CPU being used.

What brand name computer is this?
I'll try searching for links to use the reset options.

3rd time lucky
I'm now in - via safe mode with networking - what should I do first?

I hadn't done anything other than try and remove malwarebytes a couple more times and reinstall it as before.
PC had been sitting idle when I went to check my emails an hour later it was in a restart cycle and I had left it on ??

Looking at recently installed programs it seems Windows installed a
Windows 10 update and privacy settings update 1.81mb on the 5th (3 days ago). That might be something because I guess when I had insouciant installed it had stopped updates affecting my PC

Can't seem to uninstall this update though as it says "the Windows installer service could not be accessed .... Blah blah

Are there any startup logs from previous failed attempts I can post that might tell us what happened ?

omg, scary

afraid to ask what happens when you try to boot into normal mode.

Was all going well until the attempts with MBAM?

those error messages were from Microsoft.

Is there anything I should try and do while in safe mode in case I never get in again 😭

Hi - sorry - yes all seemed well.

Nothing to report otherwise

Can I run anything that will help - diagnose ??

OK
Let's pretend your system is working now(I sent a prayer along with that comment)
I'm going to have to send you to MalwareBytes forum to see if they can figure out those error messages.
They deal with that much more then I do.

You'll need to register there, create a new topic
Topic title; MalwareBytes will not function, or something similar
https://forums.malwarebytes.com/forum/41-malwarebytes-3/

If you can post the MBAM log you did here that shows all the error messages I think it would help also, they may ask you zip and upload the files to be examined.

You can post the link to this topic too if you like.

Ok managed to start Windiws installer service in safe mode with a registry adjustment typed into command prompt - now uninstalling that Windows update which I didn't want anyway.


It's gone but not sure that was even the thing ?

Have you tried to boot into normal mode again?

As far as being malware related, I don't think so.
What I would had suggested next would likely had been an online scanner
As far as trying to diagnose what happened to windows,

also - I am unable to turn on windows security
we had enabled windows security, and it picked the worse time in the world to start downloading updates.

It's gone but not sure that was even the thing ?
I have no idea, my fingers are crossed that if more updates come in it don't do that again!

Ok thanks anyway

Have posted on malwarebytes


https://forums.malwarebytes.com/topic/212300-malwarebytes-wont-run-and-might-have-caused-pc-failure/

A restart ends up the same / blue screen cycle 😭

Is it worth restoring the registry with tweaking thing I did in very first post ???

Is it worth restoring the registry with tweaking thing I did in very first post ???

Let's wait and see what the tech guys at MBAM forums suggest first.

Ok

Can I ask - when I used to use these forums several years ago a lot of solutions used to involve the use of soy it S&D but don't see it mentioned much now but malwarebytes seems to be preferred - why is that ?

Spybot I mean

No sign of life from malwarebytes team

I've got back in via safe mode with networking

Located window/ mini dump folder
And see some crashes that have happened over the last few days while I was away at the weekend - wife told me she found the PC in startup star a few times

More crucially maybe in particular is the crash dump file from 6:17pm tonight when the first BSOD issue started

I can't read these files though .dmp - can you ?

Will they help ?

No sign of life from malwarebytes team

I've got back in via safe mode with networking

Located window/ mini dump folder
And see some crashes that have happened over the last few days while I was away at the weekend - wife told me she found the PC in startup star a few times

More crucially maybe in particular is the crash dump file from 6:17pm tonight when the first BSOD issue started

I can't read these files though .dmp - can you ?

Will they help ?
You can post it and I can try to research what it says.

The forums can be a little slow on the weekends, maybe pick back up during the week,

I often refer people here
https://forums.whatthetech.com/index.php?showforum=119

The above is also another forum where I am a member, the tech guys there might be able to assist more then me with the BSOD

The dmp files are gobbeltygook (coded) I believe a debugging software is required to interpret them

Hi Juliet

I bit the bullet and while in safe mode I used tweaking to restore the registry to my initial backup from the 4th

Hey - Presto PC Started without BSOD in normal mode.

So now that I'm in - I imagine there might now be some issues with my machine after restoring the registry to a point before we have made other changes following that time.

Are you still willing to help me out ? :red: (Pretty Please )

Cheers

Murdo

The dmp files are gobbeltygook
LOL!!


I bit the bullet and while in safe mode I used tweaking to restore the registry to my initial backup from the 4th

Hey - Presto PC Started without BSOD in normal mode.

So now that I'm in - I imagine there might now be some issues with my machine after restoring the registry to a point before we have made other changes following that time.

Are you still willing to help me out ? (Pretty Please )
of course.
Looking back over the original FRST logs it indicated that Tweaking had a few problems so.....you are very lucky, and I also think very smart!

Error: (10/04/2017 07:01:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Repair_Windows.exe, version: 4.0.0.7, time stamp: 0x59d3abef
Faulting application path: C:\Program Files\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe

I think, and I have nothing to back me on this, it ran and was able to do a little something that has enabled you to get to where you are now.

Let's see if we can get an online scan.

Emsisoft Emergency Kit

Please download Emsisoft Emergency Kit (http://dl.emsisoft.com/EmsisoftEmergencyKit.exe) and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).

After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
When update is complete, click Malware Scan. When asked if you want the scanner to scan for Potentially Unwanted Programs, click Yes. Emsisoft Emergency Kit will start scanning.
When the scan is completed click Quarantine selected objects. Note, this option is only available if malicious objects were detected during the scan.
When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
Please save the log in Notepad on your desktop and post the contents in your next reply.
When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.

Aww Shucks - Thanks. Also think your way cleverer though :red:

Malwarebytes now installed ok and works

Run a scan - Log Below. Only one thing found relating to the KMSPico thing I had

Running Emisoft scanner just now will update you when its done

Date Time Tick Count Process ID Thread ID Log Level Context Tag Function Name File Name Line Number Message
10/09/17 " 00:47:03.203" 679015 1c18 1c2c INFO LogController CLogController::Start "LogController.cpp" 86 "Started logging"
10/09/17 " 00:47:03.203" 679015 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 284 "Service Controller starting controller initialization"
10/09/17 " 00:47:03.203" 679015 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 285 "Product code MBAM-C"
10/09/17 " 00:47:03.203" 679015 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 286 "Product version 3.2.2.2029"
10/09/17 " 00:47:03.203" 679015 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 287 "Product build consumer"
10/09/17 " 00:47:03.219" 679031 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 288 "OS Version Windows 10 (Build 14393.187)"
10/09/17 " 00:47:03.297" 679109 1c18 1c2c WARNING PoliciesControllerImpl mb::policiescontrollerimpl::PoliciesConfigHandler::LoadConfig "PoliciesConfigHandler.cpp" 414 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\PoliciesConfig.json. Using default values."
10/09/17 " 00:47:03.980" 679796 1c18 1c2c INFO PoliciesControllerImpl mb::policiescontrollerimpl::PoliciesConfigHandler::ShellExtensionControl "PoliciesConfigHandler.cpp" 1177 "Shell extension registered."
10/09/17 " 00:47:03.980" 679796 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartPoliciesController "ServiceControllerImplementation.cpp" 1870 "Policies Controller Started"
10/09/17 " 00:47:03.980" 679796 1c18 1c2c INFO LicenseControllerCOM CLicenseController::Start "LicenseController.cpp" 98 "CLicenseController::Start"
10/09/17 " 00:47:04.808" 680625 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartLicenseController "ServiceControllerImplementation.cpp" 1899 "License Controller Started"
10/09/17 " 00:47:04.964" 680781 1c18 1c2c ERROR UpdateControllerImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json"
10/09/17 " 00:47:04.964" 680781 1c18 1c2c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ReadConfig "UpdateControllerImplHelper.cpp" 328 "Config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json not found; using default values"
10/09/17 " 00:47:05.043" 680859 1c18 1c2c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::Initialize "UpdateControllerImplHelper.cpp" 260 "COMPONENT PACKAGE VERSION: 1.0.0, DB PACKAGE VERSION: 1.0.0"
10/09/17 " 00:47:05.058" 680875 1c18 1c2c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4102 "Signature successfully validated"
10/09/17 " 00:47:05.652" 681468 1c18 1c2c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4106 "DB manifest successfully validated"
10/09/17 " 00:47:05.652" 681468 1c18 1c2c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4371 "Validated DB manifest - success"
10/09/17 " 00:47:06.152" 681968 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartUpdateController "ServiceControllerImplementation.cpp" 1928 "Update Controller Started"
10/09/17 " 00:47:06.152" 681968 1c18 1c2c INFO CloudController CCloudController::Start "CloudController.cpp" 101 "CCloudController::Initialize"
10/09/17 " 00:47:06.246" 682062 1c18 1c2c INFO CloudCtrlImpl Initialize "CloudControllerImpl.cpp" 58 "CC Initialize called"
10/09/17 " 00:47:06.246" 682062 1c18 1c2c ERROR CloudCtrlImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CloudConfig.json"
10/09/17 " 00:47:06.246" 682062 1c18 1c2c INFO CloudCtrlImpl CloudControllerImplHelper::ReadConfig "CloudControllerImplHelper.cpp" 2183 "Config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CloudConfig.json not found; using default values"
10/09/17 " 00:47:06.527" 682343 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartCloudController "ServiceControllerImplementation.cpp" 1958 "Cloud Controller Started"
10/09/17 " 00:47:06.558" 682375 1c18 1c2c INFO TelemController CTelemetryController::Start_impl "TelemetryController.cpp" 116 "::Initialize"
10/09/17 " 00:47:06.918" 682734 1c18 1c2c ERROR TelemCtrlImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\TelemCtrlConfig.json"
10/09/17 " 00:47:06.918" 682734 1c18 1c2c INFO TelemCtrlImpl TelemetryControllerImpl::ReadConfig "TelemetryControllerImplHelper.cpp" 375 "Config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\TelemCtrlConfig.json not found; using default values"
10/09/17 " 00:47:06.918" 682734 1c18 1c2c ERROR TelemCtrlImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\telemetry.json"
10/09/17 " 00:47:07.043" 682859 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartTelemetryController "ServiceControllerImplementation.cpp" 2017 "Telemetry Controller Started"
10/09/17 " 00:47:07.074" 682890 1c18 1c2c INFO CleanController CCleanController::Start "CleanController.cpp" 150 "Initializing CleanController"
10/09/17 " 00:47:07.371" 683187 1c18 1c2c INFO CleanControllerImpl CleanControllerImpl::Start "CleanControllerImpl.cpp" 88 "Starting Clean Controller Impl"
10/09/17 " 00:47:07.371" 683187 1c18 1c2c ERROR CleanControllerImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CleanControllerConfig.json"
10/09/17 " 00:47:07.371" 683187 1c18 1c2c WARNING CleanControllerImpl CleanControllerImpl::ReadConfig "CleanControllerImpl.cpp" 277 "Failed to read config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CleanControllerConfig.json"
10/09/17 " 00:47:07.371" 683187 1c18 1354 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 802 "Initializing system paths and resolving DOR status"
10/09/17 " 00:47:07.418" 683234 1c18 1354 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 823 "Processing pending actions"
10/09/17 " 00:47:07.418" 683234 1c18 1c2c INFO CleanController CCleanController::Start::<lambda_d1e329198e4626befe0c34caccf0da2d>::operator () "CleanController.cpp" 151 "CleanController initialization complete"
10/09/17 " 00:47:07.418" 683234 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartCleanController "ServiceControllerImplementation.cpp" 2078 "Clean Controller Started"
10/09/17 " 00:47:09.028" 684843 1c18 1c2c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanConfigHandler::LoadConfig "ScanConfigHandler.cpp" 83 "Could not load config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\ScanConfig.json. Using default values."
10/09/17 " 00:47:09.231" 685046 1c18 1354 INFO Actions ActionsManager::ProcessPendingActionsAfterReboot "ActionsManager.cpp" 962 "Executing pending post cleanup actions"
10/09/17 " 00:47:09.231" 685046 1c18 1354 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 927 "Initializing CLS Engine"
10/09/17 " 00:47:09.231" 685046 1c18 1354 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 962 "Initializing swiss army SDK"
10/09/17 " 00:47:14.809" 690625 1c18 189c INFO LicenseControllerImpl mb::licensecontrollerimpl::KeystoneImpl::GetInstallationToken "KeystoneImpl.cpp" 1070 "Unable to retreive the installation token data. Performing a register to receive a token from Keystone."
10/09/17 " 00:47:14.809" 690625 1c18 189c INFO LicenseControllerImpl mb::licensecontrollerimpl::KeystoneImpl::GetInstallationToken "KeystoneImpl.cpp" 1084 "GetInstallationToken machineId is empty, calulating the machineId."
10/09/17 " 00:47:15.794" 691609 1c18 1354 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb"
10/09/17 " 00:47:15.794" 691609 1c18 1354 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2974 "Successfully parsed 91 records."
10/09/17 " 00:47:15.794" 691609 1c18 1354 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 990 "Loading Hubble cache"
10/09/17 " 00:47:15.919" 691734 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartScanController "ServiceControllerImplementation.cpp" 2107 "Scan Controller Started"
10/09/17 " 00:47:16.044" 691859 1c18 1c2c WARNING RTPControllerImpl mb::rtpcontrollerimpl::RTPConfigHandler::LoadConfig "RTPConfigHandler.cpp" 137 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\RtpConfig.json. Using default values."
10/09/17 " 00:47:16.044" 691859 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartRtpController "ServiceControllerImplementation.cpp" 2136 "RTP Controller Started"
10/09/17 " 00:47:16.044" 691859 1c18 1c2c INFO MWACControllerCOM CMWACController::StartV2 "MWACController.cpp" 231 "Initializing MWAC Controller"
10/09/17 " 00:47:16.278" 692093 1c18 1c2c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacConfigHandler::CreateMwacConfigFile "MwacConfigHandler.cpp" 374 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\MwacControllerConfig.json. Using default values."
10/09/17 " 00:47:16.294" 692109 1c18 1c2c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::IsLicenseStateValid "MWACControllerImplHelper.cpp" 479 "license state is: Unknown"
10/09/17 " 00:47:16.294" 692109 1c18 1c2c INFO MWACControllerCOM CMWACController::StartV2::<lambda_eb1667078bf4f26957e1d2f7234fe9e0>::operator () "MWACController.cpp" 232 "MWAC Controller initialization complete"
10/09/17 " 00:47:16.294" 692109 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartMWACController "ServiceControllerImplementation.cpp" 2166 "MWAC Controller Started"
10/09/17 " 00:47:16.372" 692187 1c18 1c2c INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwConfigHandler::LoadConfig "ArwConfigHandler.cpp" 67 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\ArwControllerConfig.json. Using default values."
10/09/17 " 00:47:16.481" 692296 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartArwController "ServiceControllerImplementation.cpp" 2198 "ARW Controller Started"
10/09/17 " 00:47:16.653" 692468 1c18 18e4 INFO ScanControllerImpl mb::scancontrollerimpl::ScanScheduler::UpdateScheduledScans "ScanScheduler.cpp" 1119 "License state changed from Unknown to Trial. Removing existing scheduled scans and adding a default daily scan."
10/09/17 " 00:47:17.153" 692968 1c18 1354 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1017 "Starting white list manager"
10/09/17 " 00:47:17.153" 692968 1c18 1354 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1029 "Starting restore engine"
10/09/17 " 00:47:17.153" 692968 1c18 1354 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1044 "Entering into main loop"
10/09/17 " 00:47:17.200" 693015 1c18 1c2c WARNING AEControllerImpl mb::aecontrollerimpl::AEConfigHandler::LoadConfig "AeConfigHandler.cpp" 118 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\AeConfig.json. Using default values."
10/09/17 " 00:47:17.231" 693046 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartAEController "ServiceControllerImplementation.cpp" 2227 "Anti-Exploit Controller Started"
10/09/17 " 00:47:17.247" 693062 1c18 0a3c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::LoadAeSdk "AEControllerImplHelper.cpp" 270 "Load and initialize the MbaeSdk"
10/09/17 " 00:47:17.466" 693281 1c18 18e4 INFO RtpShim RtpShimImpl::Install "RtpShimImpl.cpp" 139 "rtp.dll was successfully loaded. rtpPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\rtp.dll>."
10/09/17 " 00:47:17.544" 693359 1c18 18e4 WARNING DriverPackage mb::common::driver::DriverPackage::RemovePackage "DriverPackage.cpp" 360 "Could not delete driver .sys file [mbam]"
10/09/17 " 00:47:17.544" 693359 1c18 18e4 WARNING DriverPackage mb::common::driver::DriverPackage::RemovePackage "DriverPackage.cpp" 364 "Could not delete driver .cat file [mbam]"
10/09/17 " 00:47:17.544" 693359 1c18 18e4 WARNING DriverPackage mb::common::driver::DriverPackage::RemovePackage "DriverPackage.cpp" 368 "Could not delete driver .inf file [mbam]"
10/09/17 " 00:47:17.784" 693593 1c18 0a3c INFO AeShimImpl AeShimImpl::InitializeInternal "AeShimImpl.cpp" 205 "mbae-api-na.dll was successfully loaded. aePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbae-api-na.dll>."
10/09/17 " 00:47:17.816" 693625 1c18 1c2c WARNING SPControllerImpl mb::spcontrollerimpl::SpConfigHandler::LoadConfig "SpConfigHandler.cpp" 204 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\Config\SpConfigFile.json. Using default values."
10/09/17 " 00:47:17.831" 693640 1c18 1c2c INFO SPControllerImpl mb::spcontrollerimpl::SpConfigHandler::LoadConfig "SpConfigHandler.cpp" 269 "Protecting MBAM Install path - C:\Program Files\Malwarebytes\Anti-Malware"
10/09/17 " 00:47:17.831" 693640 1c18 1c2c INFO SPControllerImpl mb::spcontrollerimpl::SPShimModuleLoader::SPShimSetVerificationMode "SPShimModuleLoader.cpp" 445 "verification mode = 0 ."
10/09/17 " 00:47:17.831" 693640 1c18 1c2c INFO SPSDK SetVerificationMode "SelfProtectionUser.cpp" 52 "Setting Verification mode to 0."
10/09/17 " 00:47:17.831" 693640 1c18 1c2c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitializeImpl "SPControllerImplHelper.cpp" 141 "Successfully initialized the SPControllerImpl, spFolderPath=[C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE]."
10/09/17 " 00:47:17.831" 693640 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "ServiceControllerImplementation.cpp" 1987 "Self-Protection Controller Started"
10/09/17 " 00:47:17.831" 693640 1c18 1c2c INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "ServiceControllerImplementation.cpp" 1989 "Start Service Controller complete"
10/09/17 " 00:47:17.847" 693656 1c18 21f0 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 68 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe' in session 0x1"
10/09/17 " 00:47:17.847" 693656 0000 2754 INFO MBAMInstaller IService.cpp "MbamService::Initialize" 197 "Starting post install process."
10/09/17 " 00:47:17.894" 693703 1c18 0a3c INFO AeShimImpl AeShimImpl::InitializeInternal "AeShimImpl.cpp" 220 "Successfully Initialized MBAE"
10/09/17 " 00:47:17.909" 693718 1c18 0a3c ERROR AeShimImpl AeShimImpl::MbaeSetExclusions "AeShimImpl.cpp" 348 "MbaeSetExclusions failed. status(8)"
10/09/17 " 00:47:17.909" 693718 1c18 0a3c ERROR AEControllerImpl mb::aecontrollerimpl::AeExclusionsHandler::InitializeExclusions "ExclusionsHandler.cpp" 73 "Could not configure exclusions in MbaeSdk (8)"
10/09/17 " 00:47:18.019" 693828 1c18 18e4 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
10/09/17 " 00:47:18.347" 694156 1c18 0a3c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::InitializeV2::<lambda_20333c7e7a4ed5da23d2d64c4e55433a>::operator () "AEControllerImplHelper.cpp" 236 "Start with Anti-Exploit enabled."
10/09/17 " 00:47:18.347" 694156 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeSetConfig "AeShimImpl.cpp" 249 "Successfully configured MBAE."
10/09/17 " 00:47:18.472" 694281 0000 2754 INFO MBAMInstaller Mbam2xLicense.cpp "Mbam2xLicense::Save" 109 "Key is empty, don't need to Activate."
10/09/17 " 00:47:18.503" 694312 1c18 1c14 WARNING RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::Enable "RTPControllerImplHelper.cpp" 613 "RTP has not been started, current state = [4]. cannot enable it."
10/09/17 " 00:47:18.503" 694312 1c18 1c14 ERROR RTPControllerCOM CRTPController::EnableProtection "RTPController.cpp" 550 "Failed to enable the RTP module!"
10/09/17 " 00:47:18.503" 694312 0000 2754 INFO MBAMInstaller Mbam2xSettings.cpp "Mbam2xSettings::SaveRtpSettings" 205 "Enable/DisableProtection (rtp) failed."
10/09/17 " 00:47:18.503" 694312 1c18 1c0c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartInitializationThread "MWACControllerImplHelper.cpp" 918 "Web Access Controller is currently initializing"
10/09/17 " 00:47:18.503" 694312 1c18 1c0c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..."
10/09/17 " 00:47:18.503" 694312 0000 2754 INFO MBAMInstaller suhlpr.cpp "EP2" 618 "Migrated settings from MBAM 2.x"
10/09/17 " 00:47:18.597" 694406 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeSetExclusions "AeShimImpl.cpp" 337 "Successfully set exclusion list"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winrar.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winzip.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7z.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zFM.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zG.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (S7Z.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zextractor.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Winzip32.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Winzip64.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wzdisktools.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winzipss.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (cmd.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mshta.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winhlp32.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wscript.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (quicktimeplayer.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winamp.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (vlc.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mplayer2.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wmplayer.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (powerpnt.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (excel.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (excelc.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winword.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winwordc.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mspub.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (soffice.bin)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (foxitreader.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (foxit reader.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Foxit PhantomPDF.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (FoxitPhantomPDF.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (acrord32.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (acrobat.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (java.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (javaw.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (javaws.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (dragon.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (waterfox.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (tor.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (tbb-firefox.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (palemoon.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (cyberfox.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (icedragon.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (seamonkey.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (maxthon.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mxapploader.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera_plugin_wrapper.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera_wrapper_32.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (iexplore.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (MicrosoftEdge.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (MicrosoftEdgeCP.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (chrome.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (old_chrome.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (firefox.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (plugin-container.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (FlashPlayerPlugin*.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (helpctr.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (fltldr.exe)"
10/09/17 " 00:47:18.612" 694421 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mbae-test.exe)"
10/09/17 " 00:47:18.644" 694453 0000 2754 INFO MBAMInstaller suhlpr.cpp "EP2" 667 "Starting Trial"
10/09/17 " 00:47:19.128" 694937 1c18 0a3c INFO AeShimImpl AeShimImpl::MbaeStart "AeShimImpl.cpp" 358 "MBAE started."
10/09/17 " 00:47:19.128" 694937 1c18 0a3c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::StartProtectionImpl "AEControllerImplHelper.cpp" 527 "Protection Started"
10/09/17 " 00:47:19.144" 694953 1c18 1c14 ERROR LicenseControllerImpl mb::licensecontrollerimpl::KeystoneImpl::SendKeystoneRequest "KeystoneImpl.cpp" 783 "Received a [202] response from Keystone. This isn't one of the expected httpStatus returns."
10/09/17 " 00:47:19.144" 694953 1c18 1c14 ERROR LicenseControllerImpl mb::licensecontrollerimpl::KeystoneImpl::SendKeystoneRequest "KeystoneImpl.cpp" 793 "SendRequest RequestBody ({
""installation_token"" : ""xQrq5qSPP29p5m9wwNax1504858911"",
""tags"" : ""{\\u000a ""affiliate_id"" : """",\\u000a ""affiliate_name"" : ""consumer"",\\u000a ""antivirus"" : [\\u000a ""Windows Defender"",\\u000a ""AVG Antivirus""\\u000a ],\\u000a ""biz_env"" : false,\\u000a ""domain_name"" : """",\\u000a ""is_on_domain"" : false,\\u000a ""license_state"" : ""free"",\\u000a ""os"" : ""Windows 10 (Build 14393.187)"",\\u000a ""os_build"" : ""14393"",\\u000a ""unredeem_reason"" : """",\\u000a ""user_is_admin"" : false\\u000a}""
})."
10/09/17 " 00:47:19.144" 694953 1c18 1c14 ERROR LicenseControllerImpl mb::licensecontrollerimpl::KeystoneImpl::SendKeystoneRequest "KeystoneImpl.cpp" 795 "SendRequest returned with responseBody ({
""message"": ""Trial not allowed"",
""status"": ""failed""
})."
10/09/17 " 00:47:19.144" 694953 1c18 1c14 ERROR LicenseControllerImpl mb::licensecontrollerimpl::KeystoneImpl::KeystoneStart "KeystoneImpl.cpp" 413 "SendKeystoneRequest failed trying to start a trial. Code: 202, Message: {
""message"": ""Trial not allowed"",
""status"": ""failed""
}"
10/09/17 " 00:47:19.159" 694968 0000 2754 INFO MBAMInstaller IService.cpp "MbamService::~MbamService" 136 "Post install process finished."
10/09/17 " 00:47:24.627" 700437 1c18 18e4 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
10/09/17 " 00:47:24.799" 700609 1c18 18e4 INFO RtpSDK RtpUserImpl::Start "RtpUserImpl.cpp" 240 "Rtp driver started."
10/09/17 " 00:47:24.799" 700609 1c18 18e4 INFO RtpShim RtpShimImpl::Start "RtpShimImpl.cpp" 230 "Rtp successfully started."
10/09/17 " 00:47:24.799" 700609 1c18 18e4 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::StartProtection "SPControllerImplHelper.cpp" 925 "Enter StartProtection for SP controller."
10/09/17 " 00:47:24.846" 700656 1c18 18e4 INFO SPSDK Install "SelfProtectionUser.cpp" 83 "SelfProtection verification mode = 0"
10/09/17 " 00:47:25.190" 701000 1c18 18e4 INFO SPSDK Install "SelfProtectionUser.cpp" 89 "SelfProtection driver was successfully installed. Path=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>."
10/09/17 " 00:47:25.190" 701000 1c18 18e4 INFO SPSDK Install "SelfProtectionUser.cpp" 123 "SelfProtection driver is active!"
10/09/17 " 00:47:25.237" 701046 1c18 161c INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwRulesHandler::LoadConfig "RulesHandler.cpp" 39 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\ArwRulesConfig.json. Using default values."
10/09/17 " 00:47:25.643" 701453 1c18 18e4 INFO ScanControllerImpl mb::scancontrollerimpl::ScanScheduler::UpdateScheduledScans "ScanScheduler.cpp" 1105 "License state changed from Trial to Free. Removing existing scheduled scans and adding a default monthly scan."
10/09/17 " 00:47:28.175" 703984 1c18 1730 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 736006 records."
10/09/17 " 00:47:31.457" 707265 1c18 2164 ERROR ArwSDK "" 0 "{Thread: 0x0000161C, Tick: 0x000ACAC1} [arw::mb::dll_driver::do_install] Failed to install driver package. {Error: 1243}"
10/09/17 " 00:47:31.457" 707265 1c18 2164 ERROR ArwSDK "" 0 "{Thread: 0x0000161C, Tick: 0x000ACAC1} [ArwLib::Globals::Impl_Start] {EXCEPTION} ==> {Thread: 0x0000161C, Tick: 0x000ACAC1} [ArwLib::driver_manager::install(31)] Pre-condition not held."
10/09/17 " 00:47:31.457" 707265 1c18 161c ERROR AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwControllerImpl::StartArwProtection "ArwControllerImplHelper.cpp" 720 "Failed to start the Anti-Ransomware driver!"
10/09/17 " 00:47:35.647" 711453 1c18 2190 ERROR RtpSDK RtpUserImpl::MessageLoop "RtpUserImpl.cpp" 437 "Error getting queued completion status (6)"
10/09/17 " 00:47:35.803" 711609 1c18 18e4 INFO RtpSDK RtpUserImpl::Stop "RtpUserImpl.cpp" 280 "Rtp driver stopped."
10/09/17 " 00:47:35.803" 711609 1c18 18e4 INFO RtpShim RtpShimImpl::Stop "RtpShimImpl.cpp" 242 "Rtp successfully stopped."
10/09/17 " 00:47:36.647" 712453 1c18 18e4 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
10/09/17 " 00:47:36.647" 712453 1c18 18e4 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped."
10/09/17 " 00:47:37.537" 713343 1c18 18e4 INFO AeShimImpl AeShimImpl::MbaeShutdown "AeShimImpl.cpp" 430 "MBAE Shutdown"
10/09/17 " 00:47:40.929" 716734 1c18 18e4 INFO SPSDK Uninstall "SelfProtectionUser.cpp" 199 "SelfProtection driver was successfully removed."
10/09/17 " 00:47:40.944" 716750 1c18 1730 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded"
10/09/17 " 00:47:49.794" 725609 1c18 1c14 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::StartScan "Scanner.cpp" 547 "Starting a Threat scan, clientID = MbamUI, clientType = MBClientFullUI."
10/09/17 " 00:47:49.811" 725625 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4102 "Signature successfully validated"
10/09/17 " 00:47:50.221" 726031 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4106 "DB manifest successfully validated"
10/09/17 " 00:47:50.221" 726031 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4371 "Validated DB manifest - success"
10/09/17 " 00:47:50.221" 726031 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 534 "DoUpdate - Starting check for updates (manual)"
10/09/17 " 00:47:50.221" 726031 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 536 "Checking for: Installer=[No], SDK/Ctlr=[No], DB/CLS=[Yes]"
10/09/17 " 00:47:51.375" 727187 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1173 "DB/ClsEng package --> [mbam-c.dbcls.32bit], current version: [1.0.2951]"
10/09/17 " 00:47:52.088" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2976) of pkg [mbam-c.dbcls.32bit] (FULL) is available"
10/09/17 " 00:47:52.088" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2952) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.088" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2953) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.088" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2954) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.088" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2955) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.088" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2956) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.088" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2957) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.088" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2958) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.088" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2959) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.088" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2960) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.088" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2961) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.088" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2962) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.089" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2963) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.089" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2964) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.089" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2965) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.089" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2966) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.089" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2967) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.089" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2968) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.089" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2969) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.089" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2970) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.089" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2971) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.089" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2972) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.089" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2973) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.089" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2974) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.089" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2975) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.089" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1053 "A New version (1.0.2976) of pkg [mbam-c.dbcls.32bit] (INCR) is available"
10/09/17 " 00:47:52.090" 727906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 545 "Available updates found - beginning download"
10/09/17 " 00:47:52.807" 728625 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.32bit.incr.7z"
10/09/17 " 00:47:52.858" 728671 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:53.208" 729015 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta2\dbcls.32bit.incr.7z"
10/09/17 " 00:47:53.372" 729187 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:53.531" 729343 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta3\dbcls.32bit.incr.7z"
10/09/17 " 00:47:53.630" 729437 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:53.745" 729562 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta4\dbcls.32bit.incr.7z"
10/09/17 " 00:47:53.891" 729703 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:54.021" 729828 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta5\dbcls.32bit.incr.7z"
10/09/17 " 00:47:54.148" 729953 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:54.494" 730312 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta6\dbcls.32bit.incr.7z"
10/09/17 " 00:47:54.663" 730468 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:55.012" 730828 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta7\dbcls.32bit.incr.7z"
10/09/17 " 00:47:55.180" 730984 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:55.533" 731343 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta8\dbcls.32bit.incr.7z"
10/09/17 " 00:47:55.695" 731500 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:55.801" 731609 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta9\dbcls.32bit.incr.7z"
10/09/17 " 00:47:55.950" 731765 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:56.085" 731890 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta10\dbcls.32bit.incr.7z"
10/09/17 " 00:47:56.206" 732015 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:56.396" 732203 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta11\dbcls.32bit.incr.7z"
10/09/17 " 00:47:56.461" 732265 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:56.837" 732640 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta12\dbcls.32bit.incr.7z"
10/09/17 " 00:47:56.976" 732781 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:57.126" 732937 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta13\dbcls.32bit.incr.7z"
10/09/17 " 00:47:57.271" 733078 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:57.405" 733218 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta14\dbcls.32bit.incr.7z"
10/09/17 " 00:47:57.527" 733343 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:57.698" 733515 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta15\dbcls.32bit.incr.7z"
10/09/17 " 00:47:57.785" 733593 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:57.901" 733718 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta16\dbcls.32bit.incr.7z"
10/09/17 " 00:47:58.042" 733859 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:58.153" 733968 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta17\dbcls.32bit.incr.7z"
10/09/17 " 00:47:58.297" 734109 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:58.411" 734218 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta18\dbcls.32bit.incr.7z"
10/09/17 " 00:47:58.553" 734359 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:58.731" 734546 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta19\dbcls.32bit.incr.7z"
10/09/17 " 00:47:58.834" 734640 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:58.946" 734750 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta20\dbcls.32bit.incr.7z"
10/09/17 " 00:47:59.089" 734906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:59.497" 735312 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta21\dbcls.32bit.incr.7z"
10/09/17 " 00:47:59.638" 735453 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:47:59.757" 735562 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta22\dbcls.32bit.incr.7z"
10/09/17 " 00:47:59.894" 735703 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:48:00.025" 735828 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta23\dbcls.32bit.incr.7z"
10/09/17 " 00:48:00.152" 735968 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:48:00.265" 736078 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta24\dbcls.32bit.incr.7z"
10/09/17 " 00:48:00.407" 736218 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:48:00.526" 736343 1c18 1910 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2943 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta25\dbcls.32bit.incr.7z"
10/09/17 " 00:48:00.668" 736484 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1413 "Successfully downloaded: mbam-c.dbcls.32bit"
10/09/17 " 00:48:03.704" 739515 1c18 20fc INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update"
10/09/17 " 00:48:03.704" 739515 1c18 20fc INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions"
10/09/17 " 00:48:48.647" 784453 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:48:48.648" 784453 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2952"
10/09/17 " 00:48:49.011" 784828 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.05.01"
10/09/17 " 00:48:58.480" 794296 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:48:58.480" 794296 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2953"
10/09/17 " 00:48:58.482" 794296 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.05.02"
10/09/17 " 00:49:02.819" 798625 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:49:02.819" 798625 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2954"
10/09/17 " 00:49:02.820" 798625 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.05.03"
10/09/17 " 00:49:07.822" 803625 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:49:07.822" 803625 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2955"
10/09/17 " 00:49:07.824" 803640 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.05.04"
10/09/17 " 00:49:15.981" 811796 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:49:15.981" 811796 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2956"
10/09/17 " 00:49:15.982" 811796 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.05.05"
10/09/17 " 00:49:23.263" 819078 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:49:23.264" 819078 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2957"
10/09/17 " 00:49:23.266" 819078 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.05.06"
10/09/17 " 00:49:30.437" 826250 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:49:30.438" 826250 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2958"
10/09/17 " 00:49:30.439" 826250 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.05.07"
10/09/17 " 00:49:39.160" 834968 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:49:39.160" 834968 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2959"
10/09/17 " 00:49:39.162" 834968 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.06.01"
10/09/17 " 00:49:41.891" 837703 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:49:41.892" 837703 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2960"
10/09/17 " 00:49:41.895" 837703 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.06.02"
10/09/17 " 00:49:45.272" 841078 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:49:45.272" 841078 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2961"
10/09/17 " 00:49:45.274" 841078 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.06.03"
10/09/17 " 00:49:52.909" 848718 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:49:52.910" 848718 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2962"
10/09/17 " 00:49:52.911" 848718 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.06.04"
10/09/17 " 00:50:01.951" 857765 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:50:01.951" 857765 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2963"
10/09/17 " 00:50:01.953" 857765 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.06.05"
10/09/17 " 00:50:07.667" 863484 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:50:07.668" 863484 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2964"
10/09/17 " 00:50:07.671" 863484 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.06.06"
10/09/17 " 00:50:09.735" 865546 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:50:09.735" 865546 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2965"
10/09/17 " 00:50:09.736" 865546 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.06.07"
10/09/17 " 00:50:14.824" 870640 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:50:14.824" 870640 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2966"
10/09/17 " 00:50:14.828" 870640 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.06.08"
10/09/17 " 00:50:17.442" 873250 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:50:17.443" 873250 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2967"
10/09/17 " 00:50:17.446" 873250 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.07.01"
10/09/17 " 00:50:22.100" 877906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:50:22.101" 877906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2968"
10/09/17 " 00:50:22.103" 877906 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.07.02"
10/09/17 " 00:50:26.546" 882359 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:50:26.546" 882359 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2969"
10/09/17 " 00:50:26.548" 882359 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.07.03"
10/09/17 " 00:50:29.356" 885171 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:50:29.356" 885171 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2970"
10/09/17 " 00:50:29.358" 885171 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.07.04"
10/09/17 " 00:50:58.310" 914125 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:50:58.310" 914125 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2971"
10/09/17 " 00:50:58.312" 914125 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.07.05"
10/09/17 " 00:51:01.353" 917156 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:51:01.354" 917171 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2972"
10/09/17 " 00:51:01.356" 917171 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.08.01"
10/09/17 " 00:51:06.246" 922062 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:51:06.247" 922062 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2973"
10/09/17 " 00:51:06.251" 922062 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.08.02"
10/09/17 " 00:51:08.866" 924671 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:51:08.867" 924671 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2974"
10/09/17 " 00:51:08.869" 924671 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.08.03"
10/09/17 " 00:51:11.981" 927796 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:51:11.981" 927796 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2975"
10/09/17 " 00:51:11.983" 927796 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.08.04"
10/09/17 " 00:51:25.142" 940953 1c18 20fc INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions"
10/09/17 " 00:51:26.279" 942093 1c18 20fc INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update"
10/09/17 " 00:51:26.280" 942093 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1782 "DoIncrementalUpdate was successful."
10/09/17 " 00:51:26.280" 942093 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2462 "Successfully updated DB/ClsEng package version to: 1.0.2976"
10/09/17 " 00:51:26.282" 942093 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2470 "Set DB version to: 2017.10.08.05"
10/09/17 " 00:51:26.287" 942093 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4102 "Signature successfully validated"
10/09/17 " 00:51:28.592" 944406 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4106 "DB manifest successfully validated"
10/09/17 " 00:51:28.592" 944406 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4371 "Validated DB manifest - success"
10/09/17 " 00:51:28.692" 944500 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 575 "Update check is complete."
10/09/17 " 00:51:28.692" 944500 1c18 18c4 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb"
10/09/17 " 00:51:28.693" 944500 1c18 18c4 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2974 "Successfully parsed 92 records."
10/09/17 " 00:51:28.698" 944515 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4102 "Signature successfully validated"
10/09/17 " 00:51:29.445" 945250 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4106 "DB manifest successfully validated"
10/09/17 " 00:51:29.445" 945250 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4371 "Validated DB manifest - success"
10/09/17 " 00:51:29.445" 945250 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 534 "DoUpdate - Starting check for updates (automatic)"
10/09/17 " 00:51:29.445" 945250 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 536 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[No]"
10/09/17 " 00:51:29.447" 945250 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1107 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]"
10/09/17 " 00:51:29.447" 945250 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1134 "SDK/Controller package --> [mbam-c.ctlr.32bit], current version: [1.0.212]"
10/09/17 " 00:51:30.187" 946000 1c18 1da8 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
10/09/17 " 00:51:30.435" 946250 1c18 1730 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module."
10/09/17 " 00:51:30.436" 946250 1c18 1730 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped."
10/09/17 " 00:51:31.469" 947281 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 566 "Checked for updates - no updates available"
10/09/17 " 00:51:31.469" 947281 1c18 20fc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 575 "Update check is complete."
10/09/17 " 00:51:37.414" 953218 1c18 1730 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 739029 records."
10/09/17 " 00:51:40.840" 956656 1c18 1da8 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
10/09/17 " 00:51:48.637" 964453 1c18 1da8 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2974 "Successfully parsed 84408 records."
10/09/17 " 00:51:52.179" 967984 1c18 1730 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded"
10/09/17 " 00:51:52.184" 968000 1c18 1730 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..."
10/09/17 " 00:52:34.989" 1010796 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SECOH-QAD.EXE' (shuriken) => Hubble:BlackListed"
10/09/17 " 00:52:34.990" 1010796 1c18 17f4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Init "Linker.cpp" 92 "Initializing linker"
10/09/17 " 00:52:42.609" 1018421 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\ATIBTMON.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:52:45.893" 1021703 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\CTXFIREG.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:52:46.581" 1022390 1c18 17f4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 206 "Finding linked traces"
10/09/17 " 00:52:46.588" 1022390 1c18 17f4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\WINDOWS\SECOH-QAD.EXE'"
10/09/17 " 00:52:46.588" 1022390 1c18 17f4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SECOH-QAD.EXE' => None:Unknown"
10/09/17 " 00:52:46.588" 1022390 1c18 17f4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Windows\SECOH-QAD.EXE' => None:Unknown"
10/09/17 " 00:52:46.655" 1022468 1c18 17f4 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 457 "Getting detected threats from actions"
10/09/17 " 00:52:46.997" 1022812 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\CTXFIHLP.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:52:48.391" 1024203 1c18 17f4 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 817 "Getting linked traces"
10/09/17 " 00:52:50.579" 1026390 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\CTXFISPI.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:52:52.777" 1028593 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\DEVLOAD.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:52:57.715" 1033531 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\ENLOCSTR.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:52:58.884" 1034687 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\KILLAPPS.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:53:03.402" 1039218 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\ATIECLXX.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:53:05.339" 1041156 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\REGPLIB.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:53:19.509" 1055312 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\UDAAIM32.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:53:20.731" 1056546 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\UDATEL32.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:53:40.552" 1076359 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:54:03.430" 1099234 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:54:27.852" 1123656 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\LOGITECH\VIDEO\ISSTART.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:54:29.544" 1125359 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\COMMON FILES\AV\SPYBOT - SEARCH AND DESTROY\TEST.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:54:32.910" 1128718 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\LOGITECH\VIDEO\MANIFESTENGINE.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:55:24.540" 1180343 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\AVGUI.LOG"
10/09/17 " 00:55:24.855" 1180671 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\DISKDRV.LOG"
10/09/17 " 00:55:26.874" 1182687 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\IDPDRV.LOG"
10/09/17 " 00:55:26.875" 1182687 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\IDPEH.LOG.LOCK"
10/09/17 " 00:55:28.896" 1184703 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\SELFDEF.LOG"
10/09/17 " 00:55:28.896" 1184703 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\SWHEALTHEX.LOG"
10/09/17 " 00:55:31.163" 1186968 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\REPORT\FILESYSTEMSHIELD.TXT"
10/09/17 " 00:55:41.662" 1197468 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\DB\REMOVAL.DAT"
10/09/17 " 00:55:44.580" 1200390 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\ASWAR.LOG"
10/09/17 " 00:55:45.986" 1201796 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\FILEINFO2.DB"
10/09/17 " 00:55:45.987" 1201796 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG.DB"
10/09/17 " 00:55:46.002" 1201812 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\CLEANUP.LOG"
10/09/17 " 00:55:46.003" 1201812 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\DISKDRV.LOG.LOCK"
10/09/17 " 00:55:46.003" 1201812 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\IDPAGENT.LOG"
10/09/17 " 00:55:46.311" 1202125 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\IDPLUASCRIPT.LOG"
10/09/17 " 00:55:50.967" 1206781 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\SOFTWAREHEALTH.LOG"
10/09/17 " 00:55:51.208" 1207015 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\VPS.LOG"
10/09/17 " 00:55:51.328" 1207140 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\FILTERENGINE.LOG"
10/09/17 " 00:55:51.329" 1207140 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\IDPAGENT.LOG.LOCK"
10/09/17 " 00:55:52.118" 1207921 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\IDPAGENTMONITOR.LOG.LOCK"
10/09/17 " 00:55:52.119" 1207937 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\IDPEH.LOG"
10/09/17 " 00:55:52.831" 1208640 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\IDPLUASCRIPT.LOG.LOCK"
10/09/17 " 00:55:53.087" 1208890 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\EVENT_MANAGER.LOG"
10/09/17 " 00:55:53.099" 1208906 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\MAIL.LOG"
10/09/17 " 00:55:53.256" 1209062 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\AVGSVC.LOG"
10/09/17 " 00:55:56.167" 1211984 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\SECAPI.LOG.LOCK"
10/09/17 " 00:55:56.168" 1211984 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\IDPAGENTMONITOR.LOG"
10/09/17 " 00:55:56.168" 1211984 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\IDPDRV.LOG.LOCK"
10/09/17 " 00:55:56.997" 1212812 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\URLINFOQUERY.LOG"
10/09/17 " 00:55:56.998" 1212812 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\REPORT\EMAILSHIELD.TXT"
10/09/17 " 00:55:59.852" 1215656 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\LIM.LOG"
10/09/17 " 00:55:59.853" 1215656 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\PSI.LOG"
10/09/17 " 00:55:59.853" 1215656 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\PSI.LOG.LOCK"
10/09/17 " 00:55:59.853" 1215656 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\SECAPI.LOG"
10/09/17 " 00:56:00.440" 1216250 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\STREAMFILTER.LOG"
10/09/17 " 00:56:00.440" 1216250 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\UNIVDRV.LOG"
10/09/17 " 00:56:00.441" 1216250 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\REPORT\BEHAVIORSHIELD.TXT"
10/09/17 " 00:56:01.742" 1217546 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\REPORT\WEBSHIELD.TXT"
10/09/17 " 00:56:01.845" 1217656 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\LOG\UNIVDRV.LOG.LOCK"
10/09/17 " 00:56:10.339" 1226156 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\ASWRESP.DAT"
10/09/17 " 00:56:11.533" 1227343 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\PSI.DB"
10/09/17 " 00:56:12.753" 1228562 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\AVG\ANTIVIRUS\URL.DB"
10/09/17 " 00:56:40.221" 1256031 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\LOGS\MBAMSERVICE.LOG"
10/09/17 " 00:56:40.223" 1256031 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-18-10092017005141233-NTUSER.DAT.LOG1"
10/09/17 " 00:56:40.224" 1256031 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-18-10092017005235878-NTUSER.DAT.LOG1"
10/09/17 " 00:56:40.224" 1256031 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-19-10092017005143710-NTUSER.DAT.LOG1"
10/09/17 " 00:56:40.224" 1256031 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-19-10092017005237282-NTUSER.DAT.LOG1"
10/09/17 " 00:56:40.239" 1256046 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-20-10092017005143984-NTUSER.DAT.LOG1"
10/09/17 " 00:56:40.240" 1256046 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-20-10092017005241016-NTUSER.DAT.LOG1"
10/09/17 " 00:56:40.240" 1256046 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005144395-NTUSER.DAT.LOG1"
10/09/17 " 00:56:40.241" 1256046 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005144395-USRCLASS.DAT.LOG1"
10/09/17 " 00:56:40.241" 1256046 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005242123-NTUSER.DAT.LOG1"
10/09/17 " 00:56:40.241" 1256046 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005242123-USRCLASS.DAT.LOG1"
10/09/17 " 00:56:48.338" 1264156 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-18-10092017005141233-NTUSER.DAT.LOG2"
10/09/17 " 00:56:48.338" 1264156 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-18-10092017005235878-NTUSER.DAT.LOG2"
10/09/17 " 00:56:48.338" 1264156 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-19-10092017005143710-NTUSER.DAT.LOG2"
10/09/17 " 00:56:48.339" 1264156 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-19-10092017005237282-NTUSER.DAT.LOG2"
10/09/17 " 00:56:48.339" 1264156 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-20-10092017005143984-NTUSER.DAT.LOG2"
10/09/17 " 00:56:48.339" 1264156 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-20-10092017005241016-NTUSER.DAT.LOG2"
10/09/17 " 00:56:48.339" 1264156 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005144395-NTUSER.DAT.LOG2"
10/09/17 " 00:56:48.340" 1264156 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005144395-USRCLASS.DAT.LOG2"
10/09/17 " 00:56:48.340" 1264156 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005242123-NTUSER.DAT.LOG2"
10/09/17 " 00:56:48.340" 1264156 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005242123-USRCLASS.DAT.LOG2"
10/09/17 " 00:56:48.845" 1264656 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-18-10092017005141233-NTUSER.DAT"
10/09/17 " 00:56:48.846" 1264656 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-18-10092017005235878-NTUSER.DAT"
10/09/17 " 00:56:48.846" 1264656 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-19-10092017005143710-NTUSER.DAT"
10/09/17 " 00:56:48.846" 1264656 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-19-10092017005237282-NTUSER.DAT"
10/09/17 " 00:56:48.847" 1264656 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-20-10092017005143984-NTUSER.DAT"
10/09/17 " 00:56:48.847" 1264656 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-20-10092017005241016-NTUSER.DAT"
10/09/17 " 00:56:48.847" 1264656 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005144395-NTUSER.DAT"
10/09/17 " 00:56:48.848" 1264656 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005144395-USRCLASS.DAT"
10/09/17 " 00:56:48.848" 1264656 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005242123-NTUSER.DAT"
10/09/17 " 00:56:48.848" 1264656 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005242123-USRCLASS.DAT"
10/09/17 " 00:56:53.286" 1269093 1c18 1af8 ERROR HttpConnection mb::common::net::HttpConnection::SendRequest "HttpConnection.cpp" 390 "Network error."
10/09/17 " 00:56:53.286" 1269093 1c18 1af8 ERROR HttpConnection mb::common::net::HttpConnection::LogExceptionDetails "HttpConnection.cpp" 1472 "Exception details: text=No message received"
10/09/17 " 00:56:53.286" 1269093 1c18 1af8 ERROR CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 398 "Error code -9 returned in PUT to Hubble"
10/09/17 " 00:56:53.288" 1269093 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\5a21dd8c-ac84-11e7-a34e-001e4fdf241c' (shuriken) => Hubble:Error"
10/09/17 " 00:56:56.681" 1272484 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\5a2deba4-ac84-11e7-b265-001e4fdf241c' (shuriken) => Hubble:WhiteListed"
10/09/17 " 00:56:57.003" 1272812 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-18-10092017005141233-NTUSER.DAT{677B56BC-AC81-11E7-945F-001E4FDF241C}.TM.BLF"
10/09/17 " 00:56:57.003" 1272812 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-18-10092017005235878-NTUSER.DAT{677B56EB-AC81-11E7-945F-001E4FDF241C}.TM.BLF"
10/09/17 " 00:56:57.003" 1272812 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-19-10092017005143710-NTUSER.DAT{677B56C4-AC81-11E7-945F-001E4FDF241C}.TM.BLF"
10/09/17 " 00:56:57.004" 1272812 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-19-10092017005237282-NTUSER.DAT{677B56F1-AC81-11E7-945F-001E4FDF241C}.TM.BLF"
10/09/17 " 00:56:57.004" 1272812 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-20-10092017005143984-NTUSER.DAT{677B56CA-AC81-11E7-945F-001E4FDF241C}.TM.BLF"
10/09/17 " 00:56:57.004" 1272812 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-20-10092017005241016-NTUSER.DAT{677B56F7-AC81-11E7-945F-001E4FDF241C}.TM.BLF"
10/09/17 " 00:56:57.005" 1272812 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005144395-NTUSER.DAT{677B56D0-AC81-11E7-945F-001E4FDF241C}.TM.BLF"
10/09/17 " 00:56:57.005" 1272812 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005144395-USRCLASS.DAT{677B56D2-AC81-11E7-945F-001E4FDF241C}.TM.BLF"
10/09/17 " 00:56:57.005" 1272812 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005242123-NTUSER.DAT{677B56FD-AC81-11E7-945F-001E4FDF241C}.TM.BLF"
10/09/17 " 00:56:57.006" 1272812 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005242123-USRCLASS.DAT{677B56FF-AC81-11E7-945F-001E4FDF241C}.TM.BLF"
10/09/17 " 00:56:59.893" 1275703 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-18-10092017005141233-NTUSER.DAT{677B56BC-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000001.REGTRANS-MS"
10/09/17 " 00:56:59.893" 1275703 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-18-10092017005235878-NTUSER.DAT{677B56EB-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000001.REGTRANS-MS"
10/09/17 " 00:56:59.894" 1275703 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-19-10092017005143710-NTUSER.DAT{677B56C4-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000001.REGTRANS-MS"
10/09/17 " 00:56:59.894" 1275703 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-19-10092017005237282-NTUSER.DAT{677B56F1-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000001.REGTRANS-MS"
10/09/17 " 00:56:59.895" 1275703 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-20-10092017005143984-NTUSER.DAT{677B56CA-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000001.REGTRANS-MS"
10/09/17 " 00:56:59.895" 1275703 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-20-10092017005241016-NTUSER.DAT{677B56F7-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000001.REGTRANS-MS"
10/09/17 " 00:56:59.895" 1275703 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005144395-NTUSER.DAT{677B56D0-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000001.REGTRANS-MS"
10/09/17 " 00:56:59.896" 1275703 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005144395-USRCLASS.DAT{677B56D2-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000001.REGTRANS-MS"
10/09/17 " 00:56:59.896" 1275703 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005242123-NTUSER.DAT{677B56FD-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000001.REGTRANS-MS"
10/09/17 " 00:56:59.896" 1275703 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005242123-USRCLASS.DAT{677B56FF-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000001.REGTRANS-MS"
10/09/17 " 00:57:11.355" 1287171 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-18-10092017005141233-NTUSER.DAT{677B56BC-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000002.REGTRANS-MS"
10/09/17 " 00:57:11.356" 1287171 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-18-10092017005235878-NTUSER.DAT{677B56EB-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000002.REGTRANS-MS"
10/09/17 " 00:57:11.358" 1287171 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-19-10092017005143710-NTUSER.DAT{677B56C4-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000002.REGTRANS-MS"
10/09/17 " 00:57:11.359" 1287171 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-19-10092017005237282-NTUSER.DAT{677B56F1-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000002.REGTRANS-MS"
10/09/17 " 00:57:11.359" 1287171 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-20-10092017005143984-NTUSER.DAT{677B56CA-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000002.REGTRANS-MS"
10/09/17 " 00:57:11.360" 1287171 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-20-10092017005241016-NTUSER.DAT{677B56F7-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000002.REGTRANS-MS"
10/09/17 " 00:57:11.360" 1287171 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005144395-NTUSER.DAT{677B56D0-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000002.REGTRANS-MS"
10/09/17 " 00:57:11.361" 1287171 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005144395-USRCLASS.DAT{677B56D2-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000002.REGTRANS-MS"
10/09/17 " 00:57:11.361" 1287171 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005242123-NTUSER.DAT{677B56FD-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000002.REGTRANS-MS"
10/09/17 " 00:57:11.362" 1287171 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307612883-4072204045-1798725994-1002-10092017005242123-USRCLASS.DAT{677B56FF-AC81-11E7-945F-001E4FDF241C}.TMCONTAINER00000000000000000002.REGTRANS-MS"
10/09/17 " 00:59:19.055" 1414859 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MICROSOFT\DIAGNOSIS\EVENTS_COSTDEFERRED.RBS"
10/09/17 " 00:59:19.511" 1415328 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT"
10/09/17 " 00:59:20.336" 1416140 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT"
10/09/17 " 00:59:22.751" 1418562 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MICROSOFT\DIAGNOSIS\EVENTS_NORMAL.RBS"
10/09/17 " 00:59:27.862" 1423671 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MICROSOFT\DIAGNOSIS\EVENTS_NORMALCRITICAL.RBS"
10/09/17 " 00:59:28.392" 1424203 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MICROSOFT\DIAGNOSIS\EVENTS_REALTIME.RBS"
10/09/17 " 00:59:43.367" 1439171 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MICROSOFT\WINDOWS\APPREPOSITORY\STATEREPOSITORY-DEPLOYMENT.SRD-SHM"
10/09/17 " 00:59:44.625" 1440437 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MICROSOFT\WINDOWS\LFSVC\GEOFENCE\GEOFENCEAPPLICATIONID.DAT"
10/09/17 " 00:59:45.067" 1440875 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MICROSOFT\WINDOWS\APPREPOSITORY\STATEREPOSITORY-DEPLOYMENT.SRD-WAL"
10/09/17 " 00:59:47.257" 1443062 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MICROSOFT\WINDOWS\APPREPOSITORY\STATEREPOSITORY-MACHINE.SRD-WAL"
10/09/17 " 00:59:48.280" 1444093 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MICROSOFT\WINDOWS\APPREPOSITORY\STATEREPOSITORY-MACHINE.SRD-SHM"
10/09/17 " 00:59:53.093" 1448906 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MICROSOFT\WINDOWS\APPREPOSITORY\STATEREPOSITORY-MACHINE.SRD"
10/09/17 " 00:59:58.747" 1454562 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PROGRAMDATA\MICROSOFT\WINDOWS\WFP\WFPDIAG.ETL"
10/09/17 " 01:01:10.900" 1526718 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\ROAMING\APPLE COMPUTER\LOGS\ASL.003833_09OCT17.LOG"
10/09/17 " 01:08:18.946" 1954750 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\ROAMING\AVG\ANTIVIRUS\CACHE\CACHE\DATA_3"
10/09/17 " 01:08:18.970" 1954781 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\ROAMING\AVG\ANTIVIRUS\CACHE\CACHE\DATA_2"
10/09/17 " 01:08:19.089" 1954906 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\ROAMING\AVG\ANTIVIRUS\CACHE\CACHE\DATA_0"
10/09/17 " 01:08:19.089" 1954906 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\ROAMING\AVG\ANTIVIRUS\CACHE\CACHE\INDEX"
10/09/17 " 01:08:21.349" 1957156 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\ROAMING\AVG\ANTIVIRUS\CACHE\COOKIES"
10/09/17 " 01:08:22.476" 1958281 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\ROAMING\AVG\ANTIVIRUS\LOG\CEF_LOG.TXT"
10/09/17 " 01:08:22.766" 1958578 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\ROAMING\AVG\ANTIVIRUS\CACHE\CACHE\DATA_1"
10/09/17 " 01:08:24.454" 1960265 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\ROAMING\AVG\ANTIVIRUS\CACHE\COOKIES-JOURNAL"
10/09/17 " 01:08:25.100" 1960906 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\ROAMING\AVG\ANTIVIRUS\CACHE\VISITED LINKS"
10/09/17 " 01:10:32.870" 2088687 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\APPLE COMPUTER\LOGS\ASL.003647_09OCT17.LOG"
10/09/17 " 01:10:36.532" 2092343 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\EXPLORER\ICONCACHE_32.DB"
10/09/17 " 01:10:36.532" 2092343 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\EXPLORER\ICONCACHE_IDX.DB"
10/09/17 " 01:10:36.552" 2092359 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\EXPLORER\THUMBCACHE_96.DB"
10/09/17 " 01:10:36.666" 2092468 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\EXPLORER\ICONCACHE_16.DB"
10/09/17 " 01:10:36.930" 2092734 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\EXPLORER\THUMBCACHE_32.DB"
10/09/17 " 01:10:36.931" 2092734 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\EXPLORER\THUMBCACHE_IDX.DB"
10/09/17 " 01:10:36.952" 2092765 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\EXPLORER\ICONCACHE_256.DB"
10/09/17 " 01:10:37.016" 2092828 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\EXPLORER\ICONCACHE_48.DB"
10/09/17 " 01:10:38.028" 2093843 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\COUNTERS.DAT"
10/09/17 " 01:10:44.455" 2100265 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\NOTIFICATIONS\WPNDATABASE.DB"
10/09/17 " 01:10:44.647" 2100453 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\USRCLASS.DAT"
10/09/17 " 01:10:44.647" 2100453 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\USRCLASS.DAT{2FDEFEF8-8358-11E6-A360-B0EA3DF3CA99}.TMCONTAINER00000000000000000002.REGTRANS-MS"
10/09/17 " 01:10:45.205" 2101015 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\USRCLASS.DAT{2FDEFEF8-8358-11E6-A360-B0EA3DF3CA99}.TMCONTAINER00000000000000000001.REGTRANS-MS"
10/09/17 " 01:10:45.696" 2101500 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\NOTIFICATIONS\WPNDATABASE.DB-WAL"
10/09/17 " 01:10:45.696" 2101500 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\WEBCACHE\V01.LOG"
10/09/17 " 01:10:45.696" 2101500 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\WEBCACHE\V01TMP.LOG"
10/09/17 " 01:10:45.697" 2101515 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\USRCLASS.DAT.LOG2"
10/09/17 " 01:10:45.700" 2101515 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\NOTIFICATIONS\WPNPRMRY.TMP"
10/09/17 " 01:10:45.887" 2101703 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\WEBCACHE\WEBCACHEV01.DAT"
10/09/17 " 01:10:45.932" 2101750 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\NOTIFICATIONS\WPNDATABASE.DB-SHM"
10/09/17 " 01:10:46.072" 2101890 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\USRCLASS.DAT.LOG1"
10/09/17 " 01:10:46.072" 2101890 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\WEBCACHELOCK.DAT"
10/09/17 " 01:10:46.857" 2102671 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\NOTIFICATIONS\WPNDATABASE.DB-WAL"
10/09/17 " 01:10:47.973" 2103781 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\NOTIFICATIONS\WPNPRMRY.TMP"
10/09/17 " 01:10:47.975" 2103781 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DEFAULT\APPDATA\LOCAL\MICROSOFT\WINDOWS\SHELL\DEFAULTLAYOUTS.XML"
10/09/17 " 01:10:48.030" 2103843 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\WEBCACHE\WEBCACHEV01.JFM"
10/09/17 " 01:10:48.031" 2103843 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\MICROSOFT\WINDOWS\USRCLASS.DAT{2FDEFEF8-8358-11E6-A360-B0EA3DF3CA99}.TM.BLF"
10/09/17 " 01:10:48.079" 2103890 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\COUNTERS.DAT"
10/09/17 " 01:10:48.627" 2104437 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\NOTIFICATIONS\WPNDATABASE.DB"
10/09/17 " 01:10:49.244" 2105046 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\NOTIFICATIONS\WPNDATABASE.DB-SHM"
10/09/17 " 01:10:50.269" 2106078 1c18 1af8 ERROR HttpConnection mb::common::net::HttpConnection::SendRequest "HttpConnection.cpp" 390 "Network error."
10/09/17 " 01:10:50.269" 2106078 1c18 1af8 ERROR HttpConnection mb::common::net::HttpConnection::LogExceptionDetails "HttpConnection.cpp" 1472 "Exception details: text=No message received"
10/09/17 " 01:10:50.269" 2106078 1c18 1af8 ERROR CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 398 "Error code -9 returned in PUT to Hubble"
10/09/17 " 01:10:50.270" 2106078 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\AIRFOIL\AIRFOIL.EXE' (shuriken) => Hubble:Error"
10/09/17 " 01:10:52.947" 2108750 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\AIRFOIL\AIRFOILSATELLITE.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:11:09.615" 2125421 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\HDD REGENERATOR\HDDREG.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:11:11.475" 2127281 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus "WhiteListManager.cpp" 201 "Started batch white listing"
10/09/17 " 01:11:13.372" 2129187 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\FREAC\FREAC.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:11:13.372" 2129187 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\FREAC\UNINSTALL.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:11:13.372" 2129187 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\HDD REGENERATOR\HDD REGENERATOR.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:11:13.372" 2129187 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus::<lambda_cab0c25b4beacc8a545de8a1e5c3d793>::operator () "WhiteListManager.cpp" 208 "Completed batch white listing"
10/09/17 " 01:11:33.293" 2149109 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\MXETX0MNVR\UNINSTALLER.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:11:36.100" 2151906 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\SCRIBBLENAUTS UNMASKED\LAUNCHER.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:11:54.497" 2170312 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\SUGARBOX\SUGARBOX.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:11:56.915" 2172718 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES\TETRIS UNLIMITED\TETRIS.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:11:57.282" 2173093 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\SWAPFILE.SYS"
10/09/17 " 01:12:00.742" 2176546 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\HIBERFIL.SYS"
10/09/17 " 01:12:01.498" 2177312 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\PAGEFILE.SYS"
10/09/17 " 01:12:12.796" 2188609 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|D82049156621BC18787FB0746B2CA0A7C78E3AB75D4318DB92795F0A781792F1' in Hubble cache, white list status = 'WhiteListed'"
10/09/17 " 01:12:12.796" 2188609 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\SYSTEM32\ATIBTMON.EXE' in Hubble's cache, value = WhiteListed"
10/09/17 " 01:12:12.796" 2188609 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\ATIBTMON.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:12.797" 2188609 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus "WhiteListManager.cpp" 201 "Started batch white listing"
10/09/17 " 01:12:14.565" 2190375 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|4CC8CBEB6E0672C5F682360A63A900D001F78587A57240DD02BCC1B8D190544B' in Hubble cache, white list status = 'WhiteListed'"
10/09/17 " 01:12:14.565" 2190375 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\SYSTEM32\ATIECLXX.EXE' in Hubble's cache, value = WhiteListed"
10/09/17 " 01:12:14.897" 2190703 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\ATIECLXX.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:14.897" 2190703 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\7f77c068-ac86-11e7-ad42-001e4fdf241c' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:14.897" 2190703 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus::<lambda_cab0c25b4beacc8a545de8a1e5c3d793>::operator () "WhiteListManager.cpp" 208 "Completed batch white listing"
10/09/17 " 01:12:17.277" 2193093 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\8002eb7a-ac86-11e7-b5df-001e4fdf241c' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:18.480" 2194296 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|32213C40712AC40F6B096277482693A1370B74BF08CBA4BC9329E9C6F9C45398' in Hubble cache, white list status = 'WhiteListed'"
10/09/17 " 01:12:18.480" 2194296 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\SYSTEM32\CTXFIREG.EXE' in Hubble's cache, value = WhiteListed"
10/09/17 " 01:12:18.480" 2194296 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\CTXFIREG.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:20.178" 2195984 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|37AB04F28801F95876A8E9EE6536EE9F6316F6C0ABCDFEAE8FD64C121F8AA039' in Hubble cache, white list status = 'WhiteListed'"
10/09/17 " 01:12:20.178" 2195984 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\SYSTEM32\CTXFIHLP.EXE' in Hubble's cache, value = WhiteListed"
10/09/17 " 01:12:20.178" 2195984 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\CTXFIHLP.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:20.180" 2195984 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus "WhiteListManager.cpp" 201 "Started batch white listing"
10/09/17 " 01:12:22.818" 2198625 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|ED95F6F5BBC62E6BFD5E0718D48D7F0FF1113BD2CC9E19F660742AE38E3EE509' in Hubble cache, white list status = 'WhiteListed'"
10/09/17 " 01:12:22.818" 2198625 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\SYSTEM32\DEVLOAD.EXE' in Hubble's cache, value = WhiteListed"
10/09/17 " 01:12:23.501" 2199312 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\838da640-ac86-11e7-a605-001e4fdf241c' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:23.501" 2199312 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\83ae4e18-ac86-11e7-ad76-001e4fdf241c' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:23.501" 2199312 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\83b9e70a-ac86-11e7-909a-001e4fdf241c' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:23.501" 2199312 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\DEVLOAD.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:23.501" 2199312 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus::<lambda_cab0c25b4beacc8a545de8a1e5c3d793>::operator () "WhiteListManager.cpp" 208 "Completed batch white listing"
10/09/17 " 01:12:23.503" 2199312 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus "WhiteListManager.cpp" 201 "Started batch white listing"
10/09/17 " 01:12:25.291" 2201109 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|3C9B27DAD37B1C19362443256C750526D0799C04465814922A67E4436A9F2E83' in Hubble cache, white list status = 'WhiteListed'"
10/09/17 " 01:12:25.292" 2201109 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\SYSTEM32\CTXFISPI.EXE' in Hubble's cache, value = WhiteListed"
10/09/17 " 01:12:25.629" 2201437 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\CTXFISPI.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:25.629" 2201437 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\857e0bd4-ac86-11e7-90cf-001e4fdf241c' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:25.629" 2201437 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus::<lambda_cab0c25b4beacc8a545de8a1e5c3d793>::operator () "WhiteListManager.cpp" 208 "Completed batch white listing"
10/09/17 " 01:12:25.630" 2201437 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus "WhiteListManager.cpp" 201 "Started batch white listing"
10/09/17 " 01:12:26.856" 2202671 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|7C668F31CC8B4B3A2B6D04BC185ABF16A6824E84BAF3D4D83CC0AEBACF48008D' in Hubble cache, white list status = 'WhiteListed'"
10/09/17 " 01:12:26.856" 2202671 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\SYSTEM32\KILLAPPS.EXE' in Hubble's cache, value = WhiteListed"
10/09/17 " 01:12:26.856" 2202671 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|6E1164C023F57246522F33DE44E284638BCB20535A0A4BB975B05F45BE8DDFB0' in Hubble cache, white list status = 'WhiteListed'"
10/09/17 " 01:12:26.856" 2202671 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\SYSTEM32\ENLOCSTR.EXE' in Hubble's cache, value = WhiteListed"
10/09/17 " 01:12:26.856" 2202671 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\KILLAPPS.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:26.856" 2202671 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\ENLOCSTR.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:26.856" 2202671 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus::<lambda_cab0c25b4beacc8a545de8a1e5c3d793>::operator () "WhiteListManager.cpp" 208 "Completed batch white listing"
10/09/17 " 01:12:29.355" 2205171 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\88f51744-ac86-11e7-90d8-001e4fdf241c' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:29.356" 2205171 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus "WhiteListManager.cpp" 201 "Started batch white listing"
10/09/17 " 01:12:32.166" 2207968 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|44FE804538A07F9842EAF7942AD8F11D8FF2C014ACE2B4A865349C84BB3337E5' in Hubble cache, white list status = 'WhiteListed'"
10/09/17 " 01:12:32.166" 2207968 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\SYSTEM32\UDAAIM32.EXE' in Hubble's cache, value = WhiteListed"
10/09/17 " 01:12:32.166" 2207968 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|3DB08D95202EBD18AE4A28490FB46EC77A03D4D91B8169B8DDFB1599B473580A' in Hubble cache, white list status = 'WhiteListed'"
10/09/17 " 01:12:32.166" 2207968 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\SYSTEM32\UDATEL32.EXE' in Hubble's cache, value = WhiteListed"
10/09/17 " 01:12:32.445" 2208250 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\UDAAIM32.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:32.445" 2208250 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\896c1dda-ac86-11e7-9053-001e4fdf241c' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:32.445" 2208250 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\UDATEL32.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:32.445" 2208250 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus::<lambda_cab0c25b4beacc8a545de8a1e5c3d793>::operator () "WhiteListManager.cpp" 208 "Completed batch white listing"
10/09/17 " 01:12:33.056" 2208859 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|5B5FD1AD70070927381F5CB427CD715D965E73C93C72B93F34DAAB8F827FF9CB' in Hubble cache, white list status = 'WhiteListed'"
10/09/17 " 01:12:33.056" 2208859 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\SYSTEM32\REGPLIB.EXE' in Hubble's cache, value = WhiteListed"
10/09/17 " 01:12:33.056" 2208859 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\REGPLIB.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:36.838" 2212640 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SAM"
10/09/17 " 01:12:36.839" 2212656 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG2"
10/09/17 " 01:12:36.840" 2212656 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM"
10/09/17 " 01:12:37.931" 2213734 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\BBI.LOG2"
10/09/17 " 01:12:38.874" 2214687 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG1"
10/09/17 " 01:12:40.771" 2216578 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT"
10/09/17 " 01:12:41.101" 2216906 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SECURITY"
10/09/17 " 01:12:41.102" 2216906 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG2"
10/09/17 " 01:12:41.808" 2217625 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG1"
10/09/17 " 01:12:42.058" 2217875 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG1"
10/09/17 " 01:12:45.601" 2221406 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\TEMP\~DF9749180EB4EBD1F3.TMP"
10/09/17 " 01:12:45.635" 2221453 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\BBI"
10/09/17 " 01:12:45.722" 2221531 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\TEMP\~DF9DF8C737DE023181.TMP"
10/09/17 " 01:12:45.795" 2221609 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\TEMP\_AVG_\AVLOCK.TXT"
10/09/17 " 01:12:46.368" 2222171 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\TEMP\_AVG_\NSFSP00000011.TMP"
10/09/17 " 01:12:47.295" 2223109 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG1"
10/09/17 " 01:12:47.557" 2223375 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\TEMP\~DFA1B6C0B275660DD4.TMP"
10/09/17 " 01:12:47.843" 2223656 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\TEMP\DESKTOP-2FD7588-20171009-0036.LOG"
10/09/17 " 01:12:47.844" 2223656 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\TEMP\OFFICECLICKTORUN.EXE_STREAMSERVER(201710090036509C0).LOG"
10/09/17 " 01:12:47.974" 2223781 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG2"
10/09/17 " 01:12:47.975" 2223781 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE"
10/09/17 " 01:12:47.975" 2223781 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG2"
10/09/17 " 01:12:48.360" 2224171 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\TEMP\~DFC9AACCEDAA49E4A6.TMP"
10/09/17 " 01:12:48.360" 2224171 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\TEMP\TMP00002EF5\TMP00000000"
10/09/17 " 01:12:48.572" 2224375 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\BBI.LOG1"
10/09/17 " 01:12:49.209" 2225015 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG2"
10/09/17 " 01:12:50.418" 2226234 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG1"
10/09/17 " 01:12:52.213" 2228015 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|4B013D4910363A3BE50C92271C484E902C11B74EFE6BC3B242FB00E0BDF1F51A' in Hubble cache, white list status = 'WhiteListed'"
10/09/17 " 01:12:52.213" 2228015 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\973ed560-ac86-11e7-b479-001e4fdf241c' in Hubble's cache, value = WhiteListed"
10/09/17 " 01:12:52.213" 2228015 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\973ed560-ac86-11e7-b479-001e4fdf241c' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:52.245" 2228062 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|3DB08D95202EBD18AE4A28490FB46EC77A03D4D91B8169B8DDFB1599B473580A' in Hubble cache, white list status = 'WhiteListed'"
10/09/17 " 01:12:52.245" 2228062 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\TEMP\UDATEL32.EXE' in Hubble's cache, value = WhiteListed"
10/09/17 " 01:12:52.245" 2228062 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\TEMP\UDATEL32.EXE' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:12:53.149" 2228953 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\NTUSER.DAT"
10/09/17 " 01:12:54.346" 2230156 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\NTUSER.DAT.LOG1"
10/09/17 " 01:12:54.908" 2230718 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\TEMP\~DF5A60128195484CD4.TMP"
10/09/17 " 01:12:55.476" 2231281 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\NTUSER.DAT{2FDEFD6D-8358-11E6-A360-B0EA3DF3CA99}.TM.BLF"
10/09/17 " 01:12:55.712" 2231515 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\NTUSER.DAT{2FDEFD8E-8358-11E6-A360-B0EA3DF3CA99}.TMCONTAINER00000000000000000002.REGTRANS-MS"
10/09/17 " 01:12:56.391" 2232203 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\NTUSER.DAT.LOG2"
10/09/17 " 01:12:56.535" 2232343 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\NETWORKSERVICE\NTUSER.DAT{3F85C224-4B2D-11E6-80CB-E41D2D0D40E0}.TMCONTAINER00000000000000000001.REGTRANS-MS"
10/09/17 " 01:12:57.390" 2233203 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\NTUSER.DAT{2FDEFD6D-8358-11E6-A360-B0EA3DF3CA99}.TMCONTAINER00000000000000000001.REGTRANS-MS"
10/09/17 " 01:12:57.391" 2233203 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\NETWORKSERVICE\NTUSER.DAT"
10/09/17 " 01:12:57.391" 2233203 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\NETWORKSERVICE\NTUSER.DAT{3F85C224-4B2D-11E6-80CB-E41D2D0D40E0}.TMCONTAINER00000000000000000002.REGTRANS-MS"
10/09/17 " 01:12:57.999" 2233812 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\NETWORKSERVICE\NTUSER.DAT{3F85C224-4B2D-11E6-80CB-E41D2D0D40E0}.TM.BLF"
10/09/17 " 01:12:59.392" 2235203 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\NTUSER.DAT.LOG2"
10/09/17 " 01:12:59.393" 2235203 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\NTUSER.DAT{2FDEFD8E-8358-11E6-A360-B0EA3DF3CA99}.TM.BLF"
10/09/17 " 01:13:00.539" 2236343 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\COMMS\UNISTOREDB\STORE.VOL"
10/09/17 " 01:13:00.614" 2236421 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\COMMS\UNISTOREDB\STORE.JFM"
10/09/17 " 01:13:00.717" 2236531 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\CONNECTEDDEVICESPLATFORM\CDPTRACES.LOG"
10/09/17 " 01:13:00.761" 2236578 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\NTUSER.DAT"
10/09/17 " 01:13:00.761" 2236578 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\NTUSER.DAT{2FDEFD6D-8358-11E6-A360-B0EA3DF3CA99}.TMCONTAINER00000000000000000002.REGTRANS-MS"
10/09/17 " 01:13:00.761" 2236578 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\NETWORKSERVICE\NTUSER.DAT.LOG1"
10/09/17 " 01:13:02.941" 2238750 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9d53c71c-ac86-11e7-9ff7-001e4fdf241c' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:13:04.125" 2239937 1c18 17d8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\LOG\TRAY.LOG"
10/09/17 " 01:13:04.851" 2240656 1c18 1af8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9dbc003e-ac86-11e7-97b1-001e4fdf241c' (shuriken) => Hubble:WhiteListed"
10/09/17 " 01:13:06.011" 2241828 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\NTUSER.DAT{2FDEFD8E-8358-11E6-A360-B0EA3DF3CA99}.TMCONTAINER00000000000000000001.REGTRANS-MS"
10/09/17 " 01:13:08.116" 2243921 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\NTUSER.DAT.LOG1"
10/09/17 " 01:13:08.162" 2243968 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\NETWORKSERVICE\NTUSER.DAT.LOG2"
10/09/17 " 01:13:11.532" 2247343 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\TILEDATALAYER\DATABASE\EDB.LOG"
10/09/17 " 01:13:12.500" 2248312 1c18 06e4 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\APPDATA\LOCAL\CONNECTEDDEVICESPLATFORM\CDPTRACES.LOG"
10/09/17 " 01:13:13.614" 2249421 1c18 0f50 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\APPDATA\LOCAL\FONTCACHE\~FONTCACHE-SYSTEM.DAT"
10/09/17 " 01:13:13.650" 2249453 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\COMMS\UNISTOREDB\USS.JTX"
10/09/17 " 01:13:14.624" 2250437 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\APPDATA\LOCAL\FONTCACHE\~FONTCACHE-S-1-5-21-1307612883-4072204045-1798725994-1002.DAT"
10/09/17 " 01:13:15.141" 2250953 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\TILEDATALAYER\DATABASE\VEDATAMODEL.EDB"
10/09/17 " 01:13:20.000" 2255812 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\USERS\DAD\APPDATA\LOCAL\TILEDATALAYER\DATABASE\VEDATAMODEL.JFM"
10/09/17 " 01:13:20.257" 2256062 1c18 108c WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\CONNECTEDDEVICESPLATFORM\CDPTRACES.LOG"
10/09/17 " 01:13:20.705" 2256515 1c18 17f8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\APPDATA\LOCAL\FONTCACHE\~FONTCACHE-FONTFACE.DAT"
10/09/17 " 01:13:26.450" 2262265 1c18 17f4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3505 "Threat detected: ThreatName=HackTool.IdleKMS, FilePath=C:\WINDOWS\SECOH-QAD.EXE"
10/09/17 " 01:13:26.579" 2262390 1c18 17f4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 206 "Finding linked traces"
10/09/17 " 01:13:26.816" 2262625 1c18 17f4 INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPaths "PreCleanEngine.cpp" 424 "Ignoring clean item because it is a duplicate, C:\WINDOWS\SECOH-QAD.EXE and C:\Windows\SECOH-QAD.EXE"
10/09/17 " 01:13:30.951" 2266765 1c18 13a8 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanUtils::ReadFileUsingDDA "ScanUtils.cpp" 219 "The SwissArmySDK is not available, cannot read the file, FilePath = C:\WINDOWS\DEBUG\PASSWD.LOG"
10/09/17 " 01:15:13.769" 2369578 1c18 1da8 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Shutdown "Linker.cpp" 143 "Shutting down linker, waiting for it to complete"
10/09/17 " 01:15:13.769" 2369578 1c18 1da8 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::UnInit "Linker.cpp" 130 "Un-initializing linker"
10/09/17 " 01:15:24.149" 2379953 1c18 1da8 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Shutdown "Linker.cpp" 143 "Shutting down linker, waiting for it to complete"
10/09/17 " 01:15:31.539" 2387343 1c18 1da8 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
10/09/17 " 01:15:32.112" 2387921 1c18 1da8 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::PerformScan "Scanner.cpp" 1046 "Scan completed."
10/09/17 " 01:15:32.112" 2387921 1c18 1da8 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update"
10/09/17 " 01:15:32.112" 2387921 1c18 1da8 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update"
10/09/17 " 01:16:13.275" 2429078 1c18 1354 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\\MBAMCore.dll>."
10/09/17 " 01:16:32.809" 2448625 1c18 1354 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
10/09/17 " 01:16:32.809" 2448625 1c18 1354 INFO CleanControllerImpl Cleaner::Clean "Cleaner.cpp" 55 "Start of clean, client 'MbamUI', detection results 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ScanResults\17cd0e94-ac83-11e7-8eca-001e4fdf241c.json'"
10/09/17 " 01:16:33.044" 2448859 1c18 1354 INFO CleanControllerImpl DOREngine::PreCleanIsRebootRequired "DOREngine.cpp" 119 "Must reboot, special file C:\Windows\SECOH-QAD.EXE"
10/09/17 " 01:16:33.170" 2448984 1c18 1354 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 395 "Quarantining C:\WINDOWS\SECOH-QAD.EXE"
10/09/17 " 01:16:33.740" 2449546 1c18 1354 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 320 "Starting cleaning of File C:\WINDOWS\SECOH-QAD.EXE"
10/09/17 " 01:16:33.741" 2449546 1c18 1354 INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1156 "Cleaning file 'C:\WINDOWS\SECOH-QAD.EXE', anti-rootkit = false"
10/09/17 " 01:16:34.516" 2450328 1c18 1354 INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1518 "Deleting file 'C:\Windows\SECOH-QAD.EXE', resolved path = 'C:\Windows\SECOH-QAD.EXE'"
10/09/17 " 01:16:50.451" 2466265 1c18 1354 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1691 "Succeeded cleaning file 'C:\Windows\SECOH-QAD.EXE'"
10/09/17 " 01:16:50.452" 2466265 1c18 1354 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 138 "Copying quarantine metadata for C:\WINDOWS\SECOH-QAD.EXE"
10/09/17 " 01:16:50.527" 2466343 1c18 1354 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 639 "Succeeded quarantining File 'C:\Windows\SECOH-QAD.EXE'"
10/09/17 " 01:16:50.527" 2466343 1c18 1354 INFO CleanControllerImpl Cleaner::RebuildSystemRegistryValues "Cleaner.cpp" 449 "Rebuilding system registry values."
10/09/17 " 01:16:50.528" 2466343 1c18 1354 INFO CleanControllerImpl Cleaner::RebuildRegistryValueEx "Cleaner.cpp" 432 "Successfully rebuilt registry value at HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages, from 'scecli^^' to 'scecli'."
10/09/17 " 01:16:50.528" 2466343 1c18 1354 INFO CleanControllerImpl Cleaner::RebuildRegistryValueEx "Cleaner.cpp" 432 "Successfully rebuilt registry value at HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages, from '""""^^' to '""""'."
10/09/17 " 01:16:50.529" 2466343 1c18 1354 INFO CleanControllerImpl Cleaner::RebuildRegistryValueEx "Cleaner.cpp" 432 "Successfully rebuilt registry value at HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages, from 'msv1_0^^' to 'msv1_0'."
10/09/17 " 01:16:50.531" 2466343 1c18 1354 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteFile "SwissArmySDKWrapper.cpp" 188 "Scheduling delete file: 'C:\Windows\SECOH-QAD.EXE'"
10/09/17 " 01:16:50.577" 2466390 1c18 1354 INFO CleanControllerImpl Cleaner::ExecutePostCleanupActions "Cleaner.cpp" 576 "Executing post-cleanup actions"
10/09/17 " 01:16:50.578" 2466390 1c18 1354 INFO Actions ActionsManager::ProcessThreatActionsV2 "ActionsManager.cpp" 835 "Executing post cleanup actions"
10/09/17 " 01:16:50.772" 2466578 1c18 1354 INFO CleanControllerImpl Cleaner::Clean "Cleaner.cpp" 267 "Completed clean from client MbamUI, detection results C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ScanResults\17cd0e94-ac83-11e7-8eca-001e4fdf241c.json, status DORRequired"
10/09/17 " 01:16:51.233" 2467046 1c18 1354 INFO CleanControllerImpl CleanControllerImpl::SetAutoStartOverrideDueToDOR "CleanControllerImpl.cpp" 2518 "Service auto-start override was set"
10/09/17 " 01:16:51.398" 2467203 1c18 1354 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."

Aww Shucks - Thanks. Also think your way cleverer though
Malwarebytes now installed ok and works
Run a scan - Log Below. Only one thing found relating to the KMSPico thing I had
cleverer, is that a real word?
lol thank you

**
Yeah for MalwareBytes!
I think what you've posted is an applications log of sorts. To find the malware scan log
You can access the logs by going in the "Reports" tab, clicking on the latest "Scan" entry (the one with detections), then clicking on the "Export" button in the bottom-left corner and select "Copy to clipboard". After that, all you have to do is paste it here

Usually at this point I recommend running an online scan, up to it?
Look back a couple of post and look at what I posted for Emsisoft Emergency Kit

Or, are you ready to remove tools and quarantine folders?

Running the EMISOFT Scanner now 90% done

Yep ! Cleverer (More Clever) Jamp (Jumped) yous (You both) Yogi Berra'd be proud of me LOL :red:

Ok Sorry Yep - Here it is :

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/9/17
Scan Time: 12:47 AM
Log File: 17cd0e94-ac83-11e7-8eca-001e4fdf241c.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.2976
License: Free

-System Information-
OS: Windows 10 (Build 14393.187)
CPU: x86
File System: NTFS
User: DESKTOP-2FD7588\Dad

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 291010
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 27 min, 42 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Generic.Malware/Suspicious, C:\WINDOWS\SECOH-QAD.EXE, Delete-on-Reboot, [0], [392686],1.0.2976

Physical Sector: 0
(No malicious items detected)


(end)

Emisoft Log :

Emsisoft Emergency Kit - Version 2017.8
Last update: 9/10/17 01:18:19
User account: DESKTOP-2FD7588\Dad
Computer name: DESKTOP-2FD7588
OS version: Windows 10x86

Scan settings:

Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On
Scan archives: Off
Scan mail archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off

Scan start: 9/10/17 01:29:56
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{55D63393-DB17-4A2B-9052-15D85B4B1344} detected: Application.AdReg (A) [271358]

Scanned 79956
Found 1

Scan end: 9/10/17 01:53:18
Scan time: 0:23:22

Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{55D63393-DB17-4A2B-9052-15D85B4B1344} Application.AdReg (A)

Quarantined 1

Good deal
I knew the tools we use might find that.

OK
So that people don't start talking about us connecting so much on the internet, we gotta say good bye.
The country girl is wore out! and I got to go cook supper.


DelFix


Please download DelFix (https://www.bleepingcomputer.com/download/delfix/) or from Here (http://www.bleepingcomputer.com/download/delfix/) and save the file to your Desktop.
Double-click DelFix.exe to run the programme.
Place a checkmark next to the following items:
Activate UAC
Remove disinfection tools
Click the Run button.
-- This will remove the specialized tools we used to disinfect your system.
Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).

****************************

hahaha

Done !

Thanks for all your help

Where are you based - Love country girls LOL

Oh just found a glitch in my system (I hope the only one)

Tried opening a .jpg and a .png file for work and both wont open coming up with a message invalid value for registry. same for all photos on my system now.

Will this be due to my registry being a bit all over the place now having restored it to last weeks (pre changes we made) ?

Where are you based - Love country girls LOL

Tried opening a .jpg and a .png file for work and both wont open coming up with a message invalid value for registry. same for all photos on my system now.
Will this be due to my registry being a bit all over the place now having restored it to last weeks (pre changes we made) ?
*Tennessee*

I think your registry has been through quite an ordeal. Makes me kinda feel what we might do to it now could wreck the repairs that were done.
But,
What are you trying to view the jpg's with, the Photos app or something else ? What photo viewer programs do you have ?
Does the "Photos" app work OK when you launch it from the Start Menu?
The easy thing to try first is this -

1. Click "Start", then click "Settings".
2. Click the first option "System".
3. On the left side second from the bottom, click "Default Apps".
4. Click the name of the App under "Photo Viewer" (Should currently say "Photos").
5. Select "Windows Photo Viewer" or any other App.

or
R-click a jpg/click Open with/Choose another app. In the window that opens, click on the app you want to use, tick Always use this app to open .jpg files/click OK.
This should reset the default registry settings, if it's corrupted.
*********
SFC -System File Checker
https://www.howtogeek.com/222532/how-to-repair-corrupted-windows-system-files-with-the-sfc-and-dism-commands/

It was Win 10 Photo Viewer I had been using - I've now installed a third part photoviewer which seems to work ok

Followed an online tutorial to uninstall photoviewer with windows powershell - by typing ............. get-appxpackage *Microsoft.Windows.Photos* | remove-appxpackage

I tried then reinstalling using windows app store but it doesn't load just flashes up briefly and disappears

when I go into default apps and try and associate an app from the app store (photo viewer - as its now missing) as soon as I click on look for an app in the store it generates a similar error message ms-windows-store :assoc?filext=.jpg

I got Appstore and windows photo viewer working by following step 3 here

https://www.jitbit.com/alexblog/246-resolving-issues-with-store-in-windows-10/

Fingers crossed:lip:

hate to ask as I know i've potentially created a registry minefield but is there any tools I can use to iron out registry conflicts that may be lurking waiting to pounce ?

Thanks

Man, you mess up this computer after we've worked so hard to get it up and running again, ..........(Thats what I'd tell my boyfriend)
Your kinda taking me out of my comfort zone here.


The only thing I feel that I would trust here,
Backup the registry first and create a restore point.

Windows Repair toolTweaking.com - Windows Repair All-In-One (Portable)

- Download Windows Repair All-In-One (Portable Version) from here (http://www.tweaking.com/content/page/windows_repair_all_in_one.html).

- Extract tweaking.com_windows_repair_aio.zip to your Desktop.

- Disable all your antivirus and antimalware software - see how to do that here (http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/).
- Right click on https://i.imgur.com/QfBzvq1.png and select Run as Administrator (XP users just double click) to start Windows Repair All-In-One.
(Windows Vista/7/8 users: Accept UAC warning if it is enabled.)

- A window will appear. Click Step 2.
http://i.imgur.com/2f8o60N.png

- Click the Open Pre-Scan button, then click Start Scan. Wait for Windows Repair to finish scanning.

- Depending on which error Windows Repair found, click Repair Reparse Point or Repair Environment Variable accordingly. When the button changes to "Done!", click the close button to return to Windows Repair.

- Go to Step 3, then click Check in the See If Check Disk Is Needed.

- If Windows Repair stated that errors are found, click Open Check Disk At Next Boot. Choose (/R) Fixes errors on the disk also locate bad sectors and recovers readable information, then click Add To Next Boot. Reboot the computer to let Windows check the disk.
http://i.imgur.com/Ymy7crZ.png

- Go to Step 4, then click Do It.
http://i.imgur.com/zDtdN75.png

- Go to Step 5. Under System Restore click Create.
http://i.imgur.com/f7lEe1N.png

- Go to Repairs and click Open Repairs. Leave all checkmarks as they are, then click Start Repairs.
http://i.imgur.com/PGv2vtD.png

Right ! Jules me gal !!!

Think you've done it! PC hasn't run so well in a long long time. And fingers crossed it has no glitches yet.

Even allowing me to select Windows mail as my default email program which has never been an option in default Apps before. (Because I'm stubborn and hate change and have been migrating "Windiws mail" from vista to 7 and 10 for years)

So thanks very much for all your input and perseverance with this (me) :heart:

Love Murdo (Romeo) x

Hallelujah

Let's remove tools and send you on your way.



Please download DelFix (https://www.bleepingcomputer.com/download/delfix/) or from Here (http://www.bleepingcomputer.com/download/delfix/) and save the file to your Desktop.
Double-click DelFix.exe to run the programme.
Place a checkmark next to the following items:
Activate UAC
Remove disinfection tools
Click the Run button.
-- This will remove the specialized tools we used to disinfect your system.
Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).

*********

Glad we could help. http://i.imgur.com/SakDYGv.gif
Since this issue appears resolved ... this Topic is closed.