| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-ThreadsWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
13.05.2018, 21:26
| #1 |
 |  Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Hallo, ich hab mir die Anleitungen sorgfältig durchgelesen aber ich weiß bei Folgendem nicht, wie ich es machen muss: Ich habe ein Win10 Profesisonal mit 2 Windows-Benutzern: Admin und "Arbeitsbenutzer". Für gewöhnlich arbeite ich mit letzterem, habe aber neulich 2 Tage vergessen, den Admin abzumelden) Beim "Arbeitsbenutzer" sind Probleme aufgetreten (Avast schlug an, ich hab ein PUP in Quarantäne geschickt und dachte gut ist). Dann hatte mein Mann mit seinem Laptop Probleme und ich hab den ganz neu aufgesetzt, weil sich da offensichtlich was eingenistet hatte und er wenig Programme/Daten hat (ist noch Win7) Dann hab ich doch MBAM über meinen Win10 PC laufen lassen, das gab auch ein paar PUPs, die ich in Quarantäne geschickt hatte. Nochmaliger Scan ergab nichts mehr Als aber dann auf diesem Rechner ähnliche Fenster auftraten wie auf dem Laptop meines Manns (à la: Ihr Windows ist unsicher, drücken Sie aktualisieren, sie haben noch x Sekunden) hab ich beschlossen, mich hierhin zu wenden. Muss ich die ganzen Werkzeuge unter dem Admin-Benutzer laufen lassen, auch wenn die Pb beim "Arbeitsbenutzer" aufgetaucht sind? Ich habe einen ESET-Onlinescan laufen lassen (unter dem Arbeitsbenutzer), aber ich kann den log.txt nicht nach Anweisung finden (habe auch bei Admin geschaut mit Hilfe des Everything-Suchprogramms). Muss ich erst einen neuen mit dem Admin machen, bevor ich hier was poste? (ich habe eine txt mit den Meldungen, aber das ist offenbar was anderes als ein Logfile) PS: Ich war als Werbetexterin halbtags angestellt, aber habe auch ein bisschen nebenher freiberuflich gearbeitet, also ist der PC teilweise kommerziell genutzt) PPS: Ich bitte höflich um Hilfe - ihr habt mir vor Jahren schon einmal erfolgreich geholfen. Danach hab ich wohl lange Glück gehabt. |
|
14.05.2018, 11:18
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-ThreadsZitat:
Log von ESET findet man wenn man die Anleitung richtig liest siehe https://www.trojaner-board.de/186277...e-scanner.html Alle Logs bitte in CODE-Tags  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
14.05.2018, 12:13
| #3 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Hallo Cosinus!
__________________Danke für deine Antwort. Es hakt daran, dass ich nicht weiß, ob ich für alle folgenden Aktionen als Admin oder normaler User eingloggt sein muss/darf. Wenn das jetzt überhaupt noch egal ist, denn ich habe heute Nacht noch einen ESET-Scan unterm Admin-Konto laufen lassen (und der hat gemerkt dass es vorher schon einen gab und wollte nur noch ergänzen) Wenn ich weiß, welcher Benutzer ich hierzu sein soll, poste ich sehr dankbar alles, was du willst! |
|
14.05.2018, 12:18
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Du sollst doch erstmal nur die schon vorhandenen Logs posten 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
14.05.2018, 13:50
| #5 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Ich versuch, alles richtig zu machen. Den AVAST-Log von vor 2 Tagen gibt es nicht mehr. Im Virus-Container steht: Other:Malware-gen [Trj] Document Fraud Case Eingehende E-Mail "Urgent: Plea..." Der MBAM-Scan von gestern ist leider zu lang, darum folgen hier die Einzelteile (das soll ja zum Arbeiten besser sein als Anhänge) Code:
ATTFilter 05/12/18 " 13:49:11.470" 794169234 49d0 04dc INFO LogController CLogController::Start "LogController.cpp" 93 "Started logging"
05/12/18 " 13:49:11.470" 794169234 49d0 04dc INFO LogController CLogController::Start "LogController.cpp" 95 "Local time zone: 'Mitteleuropäische Sommerzeit' (UTC+02:00)"
05/12/18 " 13:49:11.470" 794169234 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 371 "Service Controller starting controller initialization"
05/12/18 " 13:49:11.470" 794169234 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 372 "Product code MBAM-C"
05/12/18 " 13:49:11.470" 794169234 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 373 "Product version 3.5.1.2522"
05/12/18 " 13:49:11.470" 794169234 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 374 "Product build consumer"
05/12/18 " 13:49:11.486" 794169250 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 375 "OS Version Windows 10 (Build 16299.371)"
05/12/18 " 13:49:11.731" 794169500 49d0 04dc WARNING PoliciesControllerImpl mb::policiescontrollerimpl::PoliciesConfigHandler::LoadConfig "PoliciesConfigHandler.cpp" 414 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\PoliciesConfig.json. Using default values."
05/12/18 " 13:49:11.793" 794169562 49d0 04dc INFO PoliciesControllerImpl mb::policiescontrollerimpl::PoliciesConfigHandler::ShellExtensionControl "PoliciesConfigHandler.cpp" 1177 "Shell extension registered."
05/12/18 " 13:49:11.794" 794169562 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartPoliciesController "ServiceControllerImplementation.cpp" 2023 "Policies Controller Started"
05/12/18 " 13:49:11.794" 794169562 49d0 04dc INFO LicenseControllerCOM CLicenseController::Start "LicenseController.cpp" 98 "CLicenseController::Start"
05/12/18 " 13:49:11.925" 794169687 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartLicenseController "ServiceControllerImplementation.cpp" 2053 "License Controller Started"
05/12/18 " 13:49:12.009" 794169765 49d0 04dc WARNING UpdateControllerImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json"
05/12/18 " 13:49:12.009" 794169765 49d0 04dc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ReadConfig "UpdateControllerImplHelper.cpp" 395 "Config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json not found; using default values"
05/12/18 " 13:49:12.011" 794169781 49d0 04dc WARNING UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::Initialize "UpdateControllerImplHelper.cpp" 216 "Controller package version is 1.0.0 - config file may have reset"
05/12/18 " 13:49:12.039" 794169796 49d0 04dc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::SetInitialPackageVersions "UpdateControllerImplHelper.cpp" 2616 "Setting initial package versions"
05/12/18 " 13:49:12.045" 794169812 49d0 04dc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::SetInitialPackageVersions "UpdateControllerImplHelper.cpp" 2662 "Setting DB publication date"
05/12/18 " 13:49:12.049" 794169812 49d0 04dc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::Initialize "UpdateControllerImplHelper.cpp" 324 "COMPONENT PACKAGE VERSION: 1.0.365, DB PACKAGE VERSION: 1.0.5068"
05/12/18 " 13:49:12.274" 794170031 49d0 04dc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 13:49:13.709" 794171468 49d0 04dc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 13:49:13.709" 794171468 49d0 04dc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 13:49:13.840" 794171609 49d0 04dc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::SetMinSupportedCULevel "UpdateControllerImplHelper.cpp" 5122 "Minimum supported Component (CU) package version is: 1.0.354"
05/12/18 " 13:49:13.840" 794171609 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartUpdateController "ServiceControllerImplementation.cpp" 2110 "Update Controller Started"
05/12/18 " 13:49:13.840" 794171609 49d0 04dc INFO CloudController CCloudController::Start "CloudController.cpp" 101 "CCloudController::Initialize"
05/12/18 " 13:49:13.972" 794171734 49d0 04dc INFO CloudCtrlImpl Initialize "CloudControllerImpl.cpp" 58 "CC Initialize called"
05/12/18 " 13:49:14.056" 794171812 49d0 04dc WARNING CloudCtrlImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CloudConfig.json"
05/12/18 " 13:49:14.056" 794171812 49d0 04dc INFO CloudCtrlImpl CloudControllerImplHelper::ReadConfig "CloudControllerImplHelper.cpp" 2255 "Config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CloudConfig.json not found; using default values"
05/12/18 " 13:49:14.172" 794171937 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartCloudController "ServiceControllerImplementation.cpp" 2141 "Cloud Controller Started"
05/12/18 " 13:49:14.187" 794171953 49d0 04dc INFO TelemController CTelemetryController::Start_impl "TelemetryController.cpp" 157 "::Initialize"
05/12/18 " 13:49:14.710" 794172468 49d0 04dc WARNING TelemCtrlImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\TelemCtrlConfig.json"
05/12/18 " 13:49:14.710" 794172468 49d0 04dc INFO TelemCtrlImpl TelemetryControllerImpl::ReadConfig "TelemetryControllerImplHelper.cpp" 797 "Config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\TelemCtrlConfig.json not found; using default values"
05/12/18 " 13:49:14.757" 794172515 49d0 04dc WARNING TelemCtrlImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\telemetry.json"
05/12/18 " 13:49:14.757" 794172515 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartTelemetryController "ServiceControllerImplementation.cpp" 2202 "Telemetry Controller Started"
05/12/18 " 13:49:14.773" 794172531 49d0 04dc INFO CleanController CCleanController::StartV2 "CleanController.cpp" 155 "Initializing CleanController"
05/12/18 " 13:49:14.872" 794172640 49d0 04dc INFO CleanControllerImpl CleanControllerImpl::Start "CleanControllerImpl.cpp" 90 "Starting Clean Controller Impl"
05/12/18 " 13:49:14.872" 794172640 49d0 04dc WARNING CleanControllerImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CleanControllerConfig.json"
05/12/18 " 13:49:14.872" 794172640 49d0 04dc WARNING CleanControllerImpl CleanControllerImpl::ReadConfig "CleanControllerImpl.cpp" 269 "Failed to read config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CleanControllerConfig.json"
05/12/18 " 13:49:14.872" 794172640 49d0 4bfc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 825 "Initializing system paths and resolving DOR status"
05/12/18 " 13:49:14.872" 794172640 49d0 04dc INFO CleanController CCleanController::StartV2::<lambda_0c7e478e3a96988dedb44b6982b548fa>::operator () "CleanController.cpp" 156 "CleanController initialization complete"
05/12/18 " 13:49:14.872" 794172640 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartCleanController "ServiceControllerImplementation.cpp" 2264 "Clean Controller Started"
05/12/18 " 13:49:14.910" 794172671 49d0 4bfc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 846 "Processing pending actions"
05/12/18 " 13:49:15.157" 794172921 49d0 04dc WARNING ScanControllerImpl mb::scancontrollerimpl::ScanConfigHandler::LoadConfig "ScanConfigHandler.cpp" 85 "Could not load config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\ScanConfig.json. Using default values."
05/12/18 " 13:49:15.210" 794172968 49d0 4bfc INFO Actions ActionsManager::ProcessPendingActionsAfterReboot "ActionsManager.cpp" 972 "Executing pending post cleanup actions"
05/12/18 " 13:49:15.210" 794172968 49d0 4bfc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 951 "Initializing CLS Engine"
05/12/18 " 13:49:15.225" 794172984 49d0 4bfc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 986 "Initializing swiss army SDK"
05/12/18 " 13:49:15.376" 794173140 49d0 04dc INFO SwissarmyDDA DDAInstall "dda.cpp" 249 "Existing driver is not loaded."
05/12/18 " 13:49:15.926" 794173687 49d0 04dc INFO SwissarmyDDA DDAInstall "dda.cpp" 261 "Successfully installed swissarmy driver."
05/12/18 " 13:49:15.926" 794173687 49d0 04dc INFO SwissarmyShim SwissarmyShimImpl::InstallEx "SwissarmyShimImpl.cpp" 1715 "Swissarmy was successfully installed. DdaContext (00000146D5ED3240), Mode (0), DriverName (MBAMSwissArmy), DeviceFileName (\\.\MBAMSwissArmy), LogFile (), BootStart (false)."
05/12/18 " 13:49:15.973" 794173734 49d0 4bfc INFO SwissarmyShim SwissarmyShimImpl::InstallEx "SwissarmyShimImpl.cpp" 1715 "Swissarmy was successfully installed. DdaContext (00000146D5EAD900), Mode (1), DriverName (MBAMSwissArmy), DeviceFileName (\\.\MBAMSwissArmy), LogFile (), BootStart (false)."
05/12/18 " 13:49:15.973" 794173734 49d0 4bfc INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb"
05/12/18 " 13:49:16.169" 794173937 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartScanController "ServiceControllerImplementation.cpp" 2294 "Scan Controller Started"
05/12/18 " 13:49:16.169" 794173937 49d0 4bfc INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2978 "Successfully parsed 196 records."
05/12/18 " 13:49:16.185" 794173953 49d0 4bfc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1033 "Loading Hubble cache"
05/12/18 " 13:49:16.291" 794174046 49d0 04dc WARNING RTPControllerImpl mb::rtpcontrollerimpl::RTPConfigHandler::LoadConfig "RTPConfigHandler.cpp" 137 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\RtpConfig.json. Using default values."
05/12/18 " 13:49:16.295" 794174062 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartRtpController "ServiceControllerImplementation.cpp" 2324 "RTP Controller Started"
05/12/18 " 13:49:16.295" 794174062 49d0 04dc INFO MWACControllerCOM CMWACController::InitializeV2 "MWACController.cpp" 315 "Initializing MWAC Controller"
05/12/18 " 13:49:16.296" 794174062 49d0 04dc INFO MWACControllerCOM CMWACController::InitializeV2::<lambda_643a76174211e62591089d2d15f087a3>::operator () "MWACController.cpp" 316 "MWAC Controller initialization complete"
05/12/18 " 13:49:16.375" 794174140 49d0 04dc INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacConfigHandler::CreateMwacConfigFile "MwacConfigHandler.cpp" 386 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\MwacControllerConfig.json. Using default values."
05/12/18 " 13:49:16.382" 794174140 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartMWACController "ServiceControllerImplementation.cpp" 2355 "MWAC Controller Started"
05/12/18 " 13:49:16.874" 794174640 49d0 04dc INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwConfigHandler::LoadConfig "ArwConfigHandler.cpp" 67 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\ArwControllerConfig.json. Using default values."
05/12/18 " 13:49:16.959" 794174718 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartArwController "ServiceControllerImplementation.cpp" 2388 "ARW Controller Started"
05/12/18 " 13:49:17.378" 794175140 49d0 04dc WARNING AEControllerImpl mb::aecontrollerimpl::AEConfigHandler::LoadConfig "AeConfigHandler.cpp" 159 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\AeConfig.json. Using default values."
05/12/18 " 13:49:17.410" 794175171 49d0 04dc ERROR AEControllerImpl mb::aecontrollerimpl::AEShimModuleLoader::AeShimSetExclusions "AEShimModuleLoader.cpp" 365 "Cannot set exclusions! AEShim is not loaded."
05/12/18 " 13:49:17.410" 794175171 49d0 04dc ERROR AEControllerImpl mb::aecontrollerimpl::AeExclusionsHandler::InitializeExclusions "ExclusionsHandler.cpp" 73 "Could not configure exclusions in MbaeSdk (-1)"
05/12/18 " 13:49:17.544" 794175312 49d0 4bfc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1060 "Starting white list manager"
05/12/18 " 13:49:17.575" 794175343 49d0 4bfc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1079 "Starting restore engine"
05/12/18 " 13:49:17.612" 794175375 49d0 4bfc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1103 "Initializing Browser SDK"
05/12/18 " 13:49:17.675" 794175437 49d0 4bfc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1135 "Entering into main loop"
05/12/18 " 13:49:18.385" 794176156 49d0 04dc ERROR AEControllerImpl mb::aecontrollerimpl::AEShimModuleLoader::AeShimSetConfig "AEShimModuleLoader.cpp" 295 "Cannot set config! AEShim is not loaded."
05/12/18 " 13:49:18.385" 794176156 49d0 04dc ERROR AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::AeSetOption "AEControllerImplHelper.cpp" 1184 "Error configuring mbae sdk engine (-1)"
05/12/18 " 13:49:18.385" 794176156 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartAEController "ServiceControllerImplementation.cpp" 2418 "Anti-Exploit Controller Started"
05/12/18 " 13:49:18.605" 794176375 49d0 04dc WARNING SPControllerImpl mb::spcontrollerimpl::SpConfigHandler::LoadConfig "SpConfigHandler.cpp" 351 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\Config\SpConfigFile.json. Using default values."
05/12/18 " 13:49:18.605" 794176375 49d0 04dc INFO SPControllerImpl mb::spcontrollerimpl::SpConfigHandler::LoadConfig "SpConfigHandler.cpp" 411 "Protecting MBAM Install path - C:\Program Files\Malwarebytes\Anti-Malware\"
05/12/18 " 13:49:18.637" 794176406 49d0 04dc INFO SPControllerImpl mb::spcontrollerimpl::SPShimModuleLoader::SPShimSetVerificationMode "SPShimModuleLoader.cpp" 445 "verification mode = 0 ."
05/12/18 " 13:49:18.637" 794176406 49d0 04dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitializeImpl "SPControllerImplHelper.cpp" 171 "Successfully initialized the SPControllerImpl, spFolderPath=[C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE]."
05/12/18 " 13:49:18.637" 794176406 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "ServiceControllerImplementation.cpp" 2171 "Self-Protection Controller Started"
05/12/18 " 13:49:18.637" 794176406 49d0 04dc INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "ServiceControllerImplementation.cpp" 2173 "Start Service Controller complete"
05/12/18 " 13:49:18.671" 794176437 49d0 3da8 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 87 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe' in session 0x1"
05/12/18 " 13:49:20.022" 794177781 0000 08ac INFO MBAMInstaller IService.cpp "MbamService::Initialize" 233 "Starting post install process."
05/12/18 " 13:49:20.037" 794177796 0000 08ac INFO MBAMInstaller suhlpr.cpp "EP2" 798 "Starting Trial"
05/12/18 " 13:49:20.037" 794177796 49d0 4600 INFO LicenseControllerImpl mb::licensecontrollerimpl::KeystoneImpl::GetInstallationToken "KeystoneImpl.cpp" 1086 "Unable to retreive the installation token data. Performing a register to receive a token from Keystone."
05/12/18 " 13:49:20.037" 794177796 49d0 4600 INFO LicenseControllerImpl mb::licensecontrollerimpl::KeystoneImpl::GetInstallationToken "KeystoneImpl.cpp" 1100 "GetInstallationToken machineId is empty, calulating the machineId."
05/12/18 " 13:49:20.466" 794178234 49d0 1acc INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1070 "Entering GetMessageIDList in the Service."
05/12/18 " 13:49:20.467" 794178234 49d0 1acc INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1091 "GetNumMessages returned 0 messages available. Nothing to do here."
05/12/18 " 13:49:21.809" 794179578 49d0 4600 INFO LicenseControllerImpl mb::licensecontrollerimpl::LicenseConfigHandler::LicenseState "LicenseConfigHandler.cpp" 919 "License state changed."
05/12/18 " 13:49:21.809" 794179578 49d0 4600 INFO LicenseControllerImpl mb::licensecontrollerimpl::LicenseConfigHandler::SendLicenseStateChangedNotification "LicenseConfigHandler.cpp" 1262 "Called License state changed callback."
05/12/18 " 13:49:21.809" 794179578 49d0 4600 INFO LicenseControllerImpl mb::licensecontrollerimpl::LicenseConfigHandler::LicenseState "LicenseConfigHandler.cpp" 927 "LicenseStateChangedNotification Sent with license state [1]."
05/12/18 " 13:49:21.809" 794179578 49d0 4600 INFO LicenseControllerImpl mb::licensecontrollerimpl::LicenseConfigHandler::SetReportLicenseState "LicenseConfigHandler.cpp" 1328 "Setting ReportStateChange flag to (true)."
05/12/18 " 13:49:21.877" 794179640 49d0 1acc WARNING PoliciesControllerImpl mb::policiescontrollerimpl::PoliciesConfigHandler::LoadClientData "PoliciesConfigHandler.cpp" 1379 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\MbamClientConfig.json"
05/12/18 " 13:49:21.940" 794179703 49d0 1814 WARNING LicenseControllerImpl mb::licensecontrollerimpl::CLicenseControllerImpl::Check "LicenseControllerImplHelper.cpp" 265 "MinutesUntilNextCheck is invalid."
05/12/18 " 13:49:21.955" 794179718 49d0 4ed0 INFO ScanControllerImpl mb::scancontrollerimpl::ScanScheduler::UpdateScheduledScans "ScanScheduler.cpp" 1067 "License state changed from Unknown to Free. Removing existing scheduled scans and adding a default monthly scan."
05/12/18 " 13:49:21.977" 794179734 49d0 1acc WARNING PoliciesControllerImpl mb::policiescontrollerimpl::PoliciesConfigHandler::LoadClientData "PoliciesConfigHandler.cpp" 1379 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\MbamClientConfig.json"
05/12/18 " 13:49:21.977" 794179734 49d0 4ed0 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::SetLicenseState "MWACControllerImplHelper.cpp" 3360 "Entering SetLicenseState Current State is [Not Available]; New License State is [Free]"
05/12/18 " 13:49:21.977" 794179734 49d0 4ed0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetLicenseState "SPControllerImplHelper.cpp" 1281 "Setting SpLicenseState to [1]"
05/12/18 " 13:49:22.306" 794180062 49d0 4600 INFO LicenseControllerImpl mb::licensecontrollerimpl::LicenseConfigHandler::LicenseState "LicenseConfigHandler.cpp" 919 "License state changed."
05/12/18 " 13:49:22.306" 794180062 49d0 4600 INFO LicenseControllerImpl mb::licensecontrollerimpl::LicenseConfigHandler::SendLicenseStateChangedNotification "LicenseConfigHandler.cpp" 1262 "Called License state changed callback."
05/12/18 " 13:49:22.306" 794180062 49d0 4600 INFO LicenseControllerImpl mb::licensecontrollerimpl::LicenseConfigHandler::LicenseState "LicenseConfigHandler.cpp" 927 "LicenseStateChangedNotification Sent with license state [2]."
05/12/18 " 13:49:22.306" 794180062 49d0 4600 INFO LicenseControllerImpl mb::licensecontrollerimpl::LicenseConfigHandler::SetReportLicenseState "LicenseConfigHandler.cpp" 1328 "Setting ReportStateChange flag to (true)."
05/12/18 " 13:49:22.340" 794180109 0000 08ac INFO MBAMInstaller IService.cpp "MbamService::~MbamService" 83 "Post install process finished."
05/12/18 " 13:49:22.577" 794180343 49d0 4190 WARNING PoliciesControllerImpl mb::policiescontrollerimpl::PoliciesConfigHandler::LoadClientData "PoliciesConfigHandler.cpp" 1379 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\MbamClientConfig.json"
05/12/18 " 13:49:22.577" 794180343 49d0 4ed0 INFO ScanControllerImpl mb::scancontrollerimpl::ScanScheduler::UpdateScheduledScans "ScanScheduler.cpp" 1081 "License state changed from Free to Trial. Removing existing scheduled scans and adding a default daily scan."
05/12/18 " 13:49:22.577" 794180343 49d0 4ed0 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::SetLicenseState "MWACControllerImplHelper.cpp" 3360 "Entering SetLicenseState Current State is [Not Available]; New License State is [Trial]"
05/12/18 " 13:49:22.609" 794180375 49d0 4ed0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetLicenseState "SPControllerImplHelper.cpp" 1281 "Setting SpLicenseState to [2]"
05/12/18 " 13:49:22.609" 794180375 49d0 4ed0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::StartProtection "SPControllerImplHelper.cpp" 1100 "Enter StartProtection for SP controller."
05/12/18 " 13:49:22.624" 794180390 49d0 4ed0 INFO SPSDK AnalyzeDriverState "SelfProtectionUser.cpp" 537 "AnalyzeDriverState returns 0x5"
05/12/18 " 13:49:22.624" 794180390 49d0 4574 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::LoadAeSdk "AEControllerImplHelper.cpp" 292 "Load and initialize the MbaeSdk"
05/12/18 " 13:49:22.725" 794180484 49d0 2388 INFO MWACShimImpl MwacShimImpl::InitializeInternal "MWACShimImpl.cpp" 98 "MWAC dll was successfully loaded. MWACFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll>."
05/12/18 " 13:49:22.778" 794180546 49d0 4528 INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwRulesHandler::LoadConfig "RulesHandler.cpp" 39 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\ArwRulesConfig.json. Using default values."
05/12/18 " 13:49:22.778" 794180546 49d0 4da8 INFO ArwSDK "" 0 "{Thread: 0x00004528, Tick: 0x2F563BC2} [ArwLib::Globals::Impl_SetRules] Rules received."
05/12/18 " 13:49:22.778" 794180546 49d0 4da8 INFO ArwSDK "" 0 "{Thread: 0x00004528, Tick: 0x2F563BC2} [ArwLib::Globals::Impl_SetRules] Rules applied correctly."
05/12/18 " 13:49:22.847" 794180609 49d0 4ed0 INFO SPSDK Install "SelfProtectionUser.cpp" 91 "SelfProtection driver was successfully installed. Path=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE> Mode=<1>."
05/12/18 " 13:49:22.848" 794180609 49d0 4ed0 INFO SPSDK Install "SelfProtectionUser.cpp" 125 "SelfProtection driver is active!"
05/12/18 " 13:49:22.909" 794180671 49d0 2f38 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
05/12/18 " 13:49:23.024" 794180781 49d0 2388 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 924 "Initialization succeeded"
05/12/18 " 13:49:23.827" 794181593 49d0 4574 INFO AeShimImpl AeShimImpl::InitializeInternal "AeShimImpl.cpp" 205 "mbae-api-na.dll was successfully loaded. aePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbae-api-na.dll>."
05/12/18 " 13:49:23.864" 794181625 49d0 4574 INFO AeShimImpl AeShimImpl::InitializeInternal "AeShimImpl.cpp" 220 "Successfully Initialized MBAE"
05/12/18 " 13:49:23.864" 794181625 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeSetConfig "AeShimImpl.cpp" 249 "Successfully configured MBAE."
05/12/18 " 13:49:24.593" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeSetExclusions "AeShimImpl.cpp" 337 "Successfully set exclusion list"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winrar.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winzip.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7z.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zFM.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zG.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (S7Z.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zextractor.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Winzip32.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Winzip64.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wzdisktools.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winzipss.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (cmd.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mshta.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winhlp32.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wscript.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (quicktimeplayer.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winamp.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (vlc.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mplayer2.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wmplayer.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (powerpnt.exe)"
05/12/18 " 13:49:24.597" 794182359 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (excel.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (excelc.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winword.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winwordc.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mspub.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (eqnedt32.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (soffice.bin)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (foxitreader.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (foxit reader.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Foxit PhantomPDF.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (FoxitPhantomPDF.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (acrord32.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (acrobat.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (java.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (javaw.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (javaws.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (dragon.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (waterfox.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (tor.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (tbb-firefox.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (palemoon.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (cyberfox.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (icedragon.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (seamonkey.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (maxthon.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mxapploader.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera_plugin_wrapper.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera_wrapper_32.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (iexplore.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (MicrosoftEdge.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (MicrosoftEdgeCP.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (chrome.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (old_chrome.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (firefox.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (plugin-container.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (FlashPlayerPlugin*.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (helpctr.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (fltldr.exe)"
05/12/18 " 13:49:24.613" 794182375 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mbae-test.exe)"
05/12/18 " 13:49:26.358" 794184125 49d0 4574 INFO AeShimImpl AeShimImpl::MbaeStart "AeShimImpl.cpp" 358 "MBAE started."
05/12/18 " 13:49:26.358" 794184125 49d0 4574 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::StartProtectionImpl "AEControllerImplHelper.cpp" 591 "Protection Started"
05/12/18 " 13:49:26.359" 794184125 49d0 5760 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 13:49:26.421" 794184187 49d0 43b8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/12/18 " 13:49:26.421" 794184187 49d0 523c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Excel)"
05/12/18 " 13:49:26.421" 794184187 49d0 23bc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/12/18 " 13:49:26.421" 794184187 49d0 5064 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 13:49:26.421" 794184187 49d0 36b8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 13:49:26.421" 794184187 49d0 3b58 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 13:49:26.421" 794184187 49d0 437c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 13:49:26.421" 794184187 49d0 16d8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 13:49:26.421" 794184187 49d0 3a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 13:49:26.421" 794184187 49d0 1c70 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 13:49:26.421" 794184187 49d0 4ad0 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 13:49:26.421" 794184187 49d0 3348 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 13:49:26.437" 794184203 49d0 3a60 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 13:49:26.437" 794184203 49d0 164c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 13:49:27.548" 794185312 49d0 4600 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1070 "Entering GetMessageIDList in the Service."
05/12/18 " 13:49:27.548" 794185312 49d0 4600 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1091 "GetNumMessages returned 0 messages available. Nothing to do here."
05/12/18 " 13:49:28.662" 794186421 49d0 2f38 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
05/12/18 " 13:49:28.978" 794186734 49d0 2f38 INFO RtpShim RtpShimImpl::Install "RtpShimImpl.cpp" 139 "rtp.dll was successfully loaded. rtpPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\rtp.dll>."
05/12/18 " 13:49:29.131" 794186890 49d0 2f38 INFO RtpSDK RtpUserImpl::Start "RtpUserImpl.cpp" 256 "Rtp driver started."
05/12/18 " 13:49:29.131" 794186890 49d0 2f38 INFO RtpShim RtpShimImpl::Start "RtpShimImpl.cpp" 233 "Rtp successfully started."
05/12/18 " 13:49:29.778" 794187546 49d0 1eb4 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 13:49:29.794" 794187562 49d0 1eb4 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 13:49:29.816" 794187578 49d0 474c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 13:49:29.832" 794187593 49d0 1eb4 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 13:49:29.847" 794187609 49d0 474c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 13:49:29.863" 794187625 49d0 1eb4 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 13:49:29.894" 794187656 49d0 474c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 13:49:37.655" 794195421 49d0 4528 INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwControllerImpl::StartArwProtection "ArwControllerImplHelper.cpp" 746 "Anti-Ransomware protection has been started."
05/12/18 " 13:49:42.269" 794200031 49d0 4228 INFO IrisImpl mb::updatecontrollerimpl::IrisScheduler::run "IrisImpl.cpp" 654 "Calling check for updates from Iris"
05/12/18 " 13:49:42.269" 794200031 49d0 4228 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::IrisCheck "IrisImpl.cpp" 85 "Entering IrisCheck. Checking with Iris for messages."
05/12/18 " 13:49:44.210" 794201968 49d0 4228 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::ProcessMessages "IrisImpl.cpp" 255 "JSON response has a messages collection. Processing messages."
05/12/18 " 13:49:58.868" 794216625 49d0 4600 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::StartScan "Scanner.cpp" 613 "Starting a Threat scan, clientID = MbamUI, clientType = MBClientFullUI."
05/12/18 " 13:49:58.880" 794216640 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 13:49:59.139" 794216906 49d0 474c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 13:49:59.175" 794216937 49d0 474c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 13:49:59.209" 794216968 49d0 4c20 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 13:49:59.244" 794217000 49d0 1eb4 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 13:49:59.281" 794217046 49d0 4c20 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 13:49:59.314" 794217078 49d0 1eb4 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 13:49:59.346" 794217109 49d0 4c20 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 13:50:00.392" 794218156 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 13:50:00.392" 794218156 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 13:50:00.392" 794218156 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (manual)"
05/12/18 " 13:50:00.392" 794218156 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[No], SDK/Ctlr=[No], DB/CLS=[Yes]"
05/12/18 " 13:50:00.394" 794218156 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5068]"
05/12/18 " 13:50:00.922" 794218687 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5078) of pkg [mbam-c.dbcls.64bit] (FULL) is available"
05/12/18 " 13:50:00.922" 794218687 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5070) of pkg [mbam-c.dbcls.64bit] (INCR) is available"
05/12/18 " 13:50:00.923" 794218687 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5072) of pkg [mbam-c.dbcls.64bit] (INCR) is available"
05/12/18 " 13:50:00.923" 794218687 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5074) of pkg [mbam-c.dbcls.64bit] (INCR) is available"
05/12/18 " 13:50:00.923" 794218687 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5076) of pkg [mbam-c.dbcls.64bit] (INCR) is available"
05/12/18 " 13:50:00.923" 794218687 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5078) of pkg [mbam-c.dbcls.64bit] (INCR) is available"
05/12/18 " 13:50:00.924" 794218687 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 640 "Available updates found - beginning download"
05/12/18 " 13:50:01.223" 794218984 49d0 4c0c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 3289 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z"
05/12/18 " 13:50:01.428" 794219187 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1599 "[UpdCtlrEvent] downloaded pkg. Type: DB / current_CU: 1.0.365 / machine_id: f07d03d49bca65e70b4706307d02abac29862e29"
05/12/18 " 13:50:01.437" 794219203 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1612 "Successfully downloaded: mbam-c.dbcls.64bit"
05/12/18 " 13:50:01.564" 794219328 49d0 4c0c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 3289 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta2\dbcls.64bit.incr.7z"
05/12/18 " 13:50:01.689" 794219453 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1599 "[UpdCtlrEvent] downloaded pkg. Type: DB / current_CU: 1.0.365 / machine_id: f07d03d49bca65e70b4706307d02abac29862e29"
05/12/18 " 13:50:01.703" 794219468 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1612 "Successfully downloaded: mbam-c.dbcls.64bit"
05/12/18 " 13:50:01.807" 794219578 49d0 4c0c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 3289 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta3\dbcls.64bit.incr.7z"
05/12/18 " 13:50:01.955" 794219718 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1599 "[UpdCtlrEvent] downloaded pkg. Type: DB / current_CU: 1.0.365 / machine_id: f07d03d49bca65e70b4706307d02abac29862e29"
05/12/18 " 13:50:01.986" 794219750 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1612 "Successfully downloaded: mbam-c.dbcls.64bit"
05/12/18 " 13:50:02.059" 794219828 49d0 4c0c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 3289 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta4\dbcls.64bit.incr.7z"
05/12/18 " 13:50:02.239" 794220000 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1599 "[UpdCtlrEvent] downloaded pkg. Type: DB / current_CU: 1.0.365 / machine_id: f07d03d49bca65e70b4706307d02abac29862e29"
05/12/18 " 13:50:02.246" 794220015 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1612 "Successfully downloaded: mbam-c.dbcls.64bit"
05/12/18 " 13:50:02.339" 794220109 49d0 4c0c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 3289 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta5\dbcls.64bit.incr.7z"
05/12/18 " 13:50:02.499" 794220265 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1599 "[UpdCtlrEvent] downloaded pkg. Type: DB / current_CU: 1.0.365 / machine_id: f07d03d49bca65e70b4706307d02abac29862e29"
05/12/18 " 13:50:02.509" 794220265 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1612 "Successfully downloaded: mbam-c.dbcls.64bit"
05/12/18 " 13:50:02.639" 794220406 49d0 5258 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update"
05/12/18 " 13:50:02.815" 794220578 49d0 5258 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
05/12/18 " 13:50:02.817" 794220578 49d0 5258 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions"
05/12/18 " 13:50:02.819" 794220578 49d0 5258 INFO BrowserSDKShim BrowserSDKShim::PrepareUpdate "BrowserSDKShim.cpp" 125 "Starting update of browser sdk"
05/12/18 " 13:50:04.589" 794222359 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1999 "DoIncrementalUpdate was successful."
05/12/18 " 13:50:04.590" 794222359 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2802 "Successfully updated DB/ClsEng package version to: 1.0.5070"
05/12/18 " 13:50:04.592" 794222359 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2810 "Set DB version to: 2018.05.11.04"
05/12/18 " 13:50:06.029" 794223796 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1999 "DoIncrementalUpdate was successful."
05/12/18 " 13:50:06.030" 794223796 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2802 "Successfully updated DB/ClsEng package version to: 1.0.5072"
05/12/18 " 13:50:06.031" 794223796 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2810 "Set DB version to: 2018.05.11.05"
05/12/18 " 13:50:07.383" 794225140 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1999 "DoIncrementalUpdate was successful."
05/12/18 " 13:50:07.384" 794225140 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2802 "Successfully updated DB/ClsEng package version to: 1.0.5074"
05/12/18 " 13:50:07.385" 794225156 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2810 "Set DB version to: 2018.05.11.06"
05/12/18 " 13:50:08.064" 794225828 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1999 "DoIncrementalUpdate was successful."
05/12/18 " 13:50:08.064" 794225828 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2802 "Successfully updated DB/ClsEng package version to: 1.0.5076"
05/12/18 " 13:50:08.066" 794225828 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2810 "Set DB version to: 2018.05.12.01"
05/12/18 " 13:50:14.825" 794232593 49d0 5258 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions"
05/12/18 " 13:50:14.971" 794232734 49d0 5258 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update"
05/12/18 " 13:50:15.049" 794232812 49d0 5258 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
05/12/18 " 13:50:19.346" 794237109 49d0 5258 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
05/12/18 " 13:50:19.346" 794237109 49d0 5258 INFO BrowserSDKShim BrowserSDKShim::FinishUpdate "BrowserSDKShim.cpp" 154 "Finishing update of browser sdk"
05/12/18 " 13:50:19.449" 794237218 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1999 "DoIncrementalUpdate was successful."
05/12/18 " 13:50:19.450" 794237218 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2802 "Successfully updated DB/ClsEng package version to: 1.0.5078"
05/12/18 " 13:50:19.451" 794237218 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2810 "Set DB version to: 2018.05.12.02"
05/12/18 " 13:50:19.461" 794237218 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 13:50:20.869" 794238625 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 13:50:20.869" 794238625 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 13:50:20.963" 794238718 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/12/18 " 13:50:20.964" 794238734 49d0 4c6c INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb"
05/12/18 " 13:50:20.965" 794238734 49d0 4c6c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2978 "Successfully parsed 196 records."
05/12/18 " 13:50:21.425" 794239187 49d0 2388 INFO MWACShimImpl MwacShimImpl::InitializeInternal "MWACShimImpl.cpp" 98 "MWAC dll was successfully loaded. MWACFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll>."
05/12/18 " 13:50:21.505" 794239265 49d0 2388 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 924 "Initialization succeeded"
05/12/18 " 13:50:23.835" 794241593 49d0 23d8 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2978 "Successfully parsed 68574 records."
05/12/18 " 13:50:34.342" 794252109 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05122018135022265\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL"
05/12/18 " 13:50:34.377" 794252140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Init "Linker.cpp" 94 "Initializing linker"
05/12/18 " 13:50:36.566" 794254328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:50:36.627" 794254390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegValue 'HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|URL' => None:Unknown"
05/12/18 " 13:50:36.628" 794254390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegValue 'HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05122018135034745\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|URL' => None:Unknown"
05/12/18 " 13:50:36.629" 794254390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}' => None:Unknown"
05/12/18 " 13:50:36.630" 794254390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05122018135034745\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}' => None:Unknown"
05/12/18 " 13:50:36.631" 794254390 49d0 444c INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 467 "Getting detected threats from actions"
05/12/18 " 13:50:36.685" 794254453 49d0 444c INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 795 "Getting linked traces"
05/12/18 " 13:50:36.685" 794254453 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkingEngine "LinkingEngine.cpp" 76 "Start of LinkingEngine constructor"
05/12/18 " 13:50:36.685" 794254453 49d0 444c INFO CleanControllerImpl LinkingEngine::InitHotspots "LinkingEngine.cpp" 268 "Start of InitHotspots"
05/12/18 " 13:50:36.686" 794254453 49d0 444c INFO CleanControllerImpl LinkingEngine::InitHotKeys "LinkingEngine.cpp" 134 "Start of InitHotKeys"
05/12/18 " 13:50:36.686" 794254453 49d0 444c INFO CleanControllerImpl LinkingEngine::InitHotValues "LinkingEngine.cpp" 216 "Start of InitHotValues"
05/12/18 " 13:50:36.687" 794254453 49d0 444c INFO CleanControllerImpl LinkingEngine::EnumerateProcesses "LinkingEngine.cpp" 352 "Start of EnumerateProcesses"
05/12/18 " 13:50:36.693" 794254453 49d0 193c INFO CleanControllerImpl LinkingEngine::TraverseHotspots "LinkingEngine.cpp" 294 "Start of TraverseHotspots"
05/12/18 " 13:50:39.367" 794257125 49d0 444c INFO CleanControllerImpl LinkingEngine::InitMaps "LinkingEngine.cpp" 372 "Start of InitMaps"
05/12/18 " 13:50:46.922" 794264687 49d0 444c INFO CleanControllerImpl LinkingEngine::InitMaps "LinkingEngine.cpp" 398 "End of InitMaps"
05/12/18 " 13:50:46.922" 794264687 49d0 444c INFO CleanControllerImpl LinkingEngine::InitFileToRunKeysValuesMap "LinkingEngine.cpp" 485 "Start of InitFileToRunKeysValuesMap"
05/12/18 " 13:50:46.943" 794264703 49d0 444c INFO CleanControllerImpl LinkingEngine::InitFileToAutoRunValuesMap "LinkingEngine.cpp" 539 "Start of InitFileToAutoRunValuesMap"
05/12/18 " 13:50:46.950" 794264718 49d0 444c INFO CleanControllerImpl LinkingEngine::InitHKCRSubKeys "LinkingEngine.cpp" 624 "Start of InitHKCRSubKeys"
05/12/18 " 13:50:47.022" 794264781 49d0 444c INFO CleanControllerImpl LinkingEngine::InitSSODLKeyValues "LinkingEngine.cpp" 646 "Start of InitSSODLKeyValues"
05/12/18 " 13:50:47.025" 794264781 49d0 444c INFO CleanControllerImpl LinkingEngine::InitBHOSubKeys "LinkingEngine.cpp" 669 "Start of InitBHOSubKeys"
05/12/18 " 13:50:47.029" 794264796 49d0 444c INFO CleanControllerImpl LinkingEngine::InitTypeLibraryInterfaces "LinkingEngine.cpp" 692 "Start of InitTypeLibraryInterfaces"
05/12/18 " 13:50:51.119" 794268875 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""95b2916ee68375e982e2647fdf9ea85ac7ec478c0109309567982df1dbb572b6"",""md5"":""a236b1646e96ab06be0f8d592b6d9a0d"",""classification"":""GOOD"",""trust_always"":true}]}"
05/12/18 " 13:50:51.119" 794268875 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\OXPSCONVERTER.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:51:08.965" 794286734 49d0 193c INFO CleanControllerImpl LinkingEngine::TraverseHotspots::<lambda_d638330b458f0892c23ac451252ac39f>::operator () "LinkingEngine.cpp" 296 "End of TraverseHotspots"
05/12/18 " 13:51:08.965" 794286734 49d0 193c INFO CleanControllerImpl LinkingEngine::InitTasksDataStructures "LinkingEngine.cpp" 726 "Start of InitTasksDataStructures"
05/12/18 " 13:51:15.568" 794293328 49d0 193c INFO CleanControllerImpl LinkingEngine::InitTasksDataStructures "LinkingEngine.cpp" 754 "End of InitTasksDataStructures"
05/12/18 " 13:51:15.608" 794293375 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkingEngine "LinkingEngine.cpp" 119 "End of LinkingEngine constructor"
05/12/18 " 13:51:15.761" 794293531 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKU\S-1-5-21-2369424989-362787197-3549092213-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}' => None:Unknown"
05/12/18 " 13:51:15.846" 794293609 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05122018135035760\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}' => None:Unknown"
05/12/18 " 13:51:15.981" 794293750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}' => None:Unknown"
05/12/18 " 13:51:15.981" 794293750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}' => None:Unknown"
05/12/18 " 13:51:16.118" 794293875 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}' => None:Unknown"
05/12/18 " 13:51:16.118" 794293875 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}' => None:Unknown"
05/12/18 " 13:51:17.225" 794294984 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05122018135022265\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL"
05/12/18 " 13:51:17.226" 794294984 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:17.280" 794295046 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegValue 'HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|TOPRESULTURL' => None:Unknown"
05/12/18 " 13:51:17.346" 794295109 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegValue 'HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05122018135034745\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|TOPRESULTURL' => None:Unknown"
05/12/18 " 13:51:17.346" 794295109 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A} and HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05122018135034745\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}"
05/12/18 " 13:51:17.350" 794295109 49d0 444c INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 467 "Getting detected threats from actions"
|
|
14.05.2018, 13:54
| #6 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads MBAM 2. Teil Code:
ATTFilter 05/12/18 " 13:51:17.350" 794295109 49d0 444c INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 795 "Getting linked traces"
05/12/18 " 13:51:17.355" 794295125 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.GreatDealz, ObjectPath=HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\lobonlhedgiilkfmbbbfhkaoefacipgj"
05/12/18 " 13:51:17.355" 794295125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:17.384" 794295140 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ'"
05/12/18 " 13:51:17.506" 794295265 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ' => None:Unknown"
05/12/18 " 13:51:17.506" 794295265 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ' => None:Unknown"
05/12/18 " 13:51:17.506" 794295265 49d0 444c INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 467 "Getting detected threats from actions"
05/12/18 " 13:51:17.518" 794295281 49d0 444c INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 795 "Getting linked traces"
05/12/18 " 13:51:17.518" 794295281 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ'"
05/12/18 " 13:51:17.518" 794295281 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetExtensionLinkedTraces "ChromeSDK.cpp" 507 "Linking to Chrome extension 'LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ'"
05/12/18 " 13:51:17.957" 794295718 49d0 444c INFO CleanControllerImpl LinkingEngine::TraverseDirectory "LinkingEngine.cpp" 1962 "Traversing through linked dir 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj'"
05/12/18 " 13:51:18.159" 794295921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj' => None:Unknown"
05/12/18 " 13:51:18.159" 794295921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj' => None:Unknown"
05/12/18 " 13:51:18.477" 794296234 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1' => None:Unknown"
05/12/18 " 13:51:18.477" 794296234 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1' => None:Unknown"
05/12/18 " 13:51:18.739" 794296500 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content' => None:Unknown"
05/12/18 " 13:51:18.739" 794296500 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content' => None:Unknown"
05/12/18 " 13:51:19.044" 794296812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js'"
05/12/18 " 13:51:19.044" 794296812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js' => None:Unknown"
05/12/18 " 13:51:19.044" 794296812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js' => None:Unknown"
05/12/18 " 13:51:19.191" 794296953 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png'"
05/12/18 " 13:51:19.191" 794296953 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png' => None:Unknown"
05/12/18 " 13:51:19.191" 794296953 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png' => None:Unknown"
05/12/18 " 13:51:19.350" 794297109 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales' => None:Unknown"
05/12/18 " 13:51:19.350" 794297109 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales' => None:Unknown"
05/12/18 " 13:51:19.547" 794297312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de' => None:Unknown"
05/12/18 " 13:51:19.547" 794297312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de' => None:Unknown"
05/12/18 " 13:51:19.756" 794297515 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json'"
05/12/18 " 13:51:19.756" 794297515 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json' => None:Unknown"
05/12/18 " 13:51:19.756" 794297515 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json' => None:Unknown"
05/12/18 " 13:51:19.907" 794297671 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en' => None:Unknown"
05/12/18 " 13:51:19.907" 794297671 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en' => None:Unknown"
05/12/18 " 13:51:20.272" 794298031 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json'"
05/12/18 " 13:51:20.272" 794298031 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json' => None:Unknown"
05/12/18 " 13:51:20.272" 794298031 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json' => None:Unknown"
05/12/18 " 13:51:20.421" 794298187 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata' => None:Unknown"
05/12/18 " 13:51:20.421" 794298187 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata' => None:Unknown"
05/12/18 " 13:51:20.618" 794298375 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json'"
05/12/18 " 13:51:20.618" 794298375 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json' => None:Unknown"
05/12/18 " 13:51:20.618" 794298375 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json' => None:Unknown"
05/12/18 " 13:51:20.793" 794298562 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json'"
05/12/18 " 13:51:20.793" 794298562 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json' => None:Unknown"
05/12/18 " 13:51:20.793" 794298562 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json' => None:Unknown"
05/12/18 " 13:51:21.011" 794298781 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js'"
05/12/18 " 13:51:21.011" 794298781 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js' => None:Unknown"
05/12/18 " 13:51:21.011" 794298781 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js' => None:Unknown"
05/12/18 " 13:51:21.180" 794298937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js'"
05/12/18 " 13:51:21.180" 794298937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js' => None:Unknown"
05/12/18 " 13:51:21.180" 794298937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js' => None:Unknown"
05/12/18 " 13:51:21.365" 794299125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png'"
05/12/18 " 13:51:21.365" 794299125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png' => None:Unknown"
05/12/18 " 13:51:21.365" 794299125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png' => None:Unknown"
05/12/18 " 13:51:21.571" 794299328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png'"
05/12/18 " 13:51:21.571" 794299328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png' => None:Unknown"
05/12/18 " 13:51:21.571" 794299328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png' => None:Unknown"
05/12/18 " 13:51:21.789" 794299546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png'"
05/12/18 " 13:51:21.789" 794299546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png' => None:Unknown"
05/12/18 " 13:51:21.789" 794299546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png' => None:Unknown"
05/12/18 " 13:51:21.962" 794299718 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json'"
05/12/18 " 13:51:21.962" 794299718 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json' => None:Unknown"
05/12/18 " 13:51:21.962" 794299718 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json' => None:Unknown"
05/12/18 " 13:51:21.985" 794299750 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js'"
05/12/18 " 13:51:21.987" 794299750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js' => None:Unknown"
05/12/18 " 13:51:21.987" 794299750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js' => None:Unknown"
05/12/18 " 13:51:21.987" 794299750 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js'"
05/12/18 " 13:51:22.029" 794299796 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png'"
05/12/18 " 13:51:22.031" 794299796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png' => None:Unknown"
05/12/18 " 13:51:22.031" 794299796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png' => None:Unknown"
05/12/18 " 13:51:22.031" 794299796 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png'"
05/12/18 " 13:51:22.039" 794299796 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json'"
05/12/18 " 13:51:22.040" 794299796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json' => None:Unknown"
05/12/18 " 13:51:22.040" 794299796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json' => None:Unknown"
05/12/18 " 13:51:22.040" 794299796 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json'"
05/12/18 " 13:51:22.080" 794299843 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json'"
05/12/18 " 13:51:22.082" 794299843 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json' => None:Unknown"
05/12/18 " 13:51:22.082" 794299843 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json' => None:Unknown"
05/12/18 " 13:51:22.082" 794299843 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json'"
05/12/18 " 13:51:22.127" 794299890 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json'"
05/12/18 " 13:51:22.129" 794299890 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json' => None:Unknown"
05/12/18 " 13:51:22.129" 794299890 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json' => None:Unknown"
05/12/18 " 13:51:22.130" 794299890 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json'"
05/12/18 " 13:51:22.174" 794299937 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json'"
05/12/18 " 13:51:22.181" 794299937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json' => None:Unknown"
05/12/18 " 13:51:22.181" 794299937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json' => None:Unknown"
05/12/18 " 13:51:22.181" 794299937 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json'"
05/12/18 " 13:51:22.222" 794299984 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js'"
05/12/18 " 13:51:22.224" 794299984 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js' => None:Unknown"
05/12/18 " 13:51:22.224" 794299984 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js' => None:Unknown"
05/12/18 " 13:51:22.225" 794299984 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js'"
05/12/18 " 13:51:22.270" 794300031 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js'"
05/12/18 " 13:51:22.272" 794300031 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js' => None:Unknown"
05/12/18 " 13:51:22.272" 794300031 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js' => None:Unknown"
05/12/18 " 13:51:22.272" 794300031 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js'"
05/12/18 " 13:51:22.319" 794300078 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png'"
05/12/18 " 13:51:22.321" 794300078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png' => None:Unknown"
05/12/18 " 13:51:22.321" 794300078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png' => None:Unknown"
05/12/18 " 13:51:22.321" 794300078 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png'"
05/12/18 " 13:51:22.330" 794300093 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png'"
05/12/18 " 13:51:22.332" 794300093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png' => None:Unknown"
05/12/18 " 13:51:22.332" 794300093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png' => None:Unknown"
05/12/18 " 13:51:22.333" 794300093 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png'"
05/12/18 " 13:51:22.381" 794300140 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png'"
05/12/18 " 13:51:22.382" 794300140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png' => None:Unknown"
05/12/18 " 13:51:22.383" 794300140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png' => None:Unknown"
05/12/18 " 13:51:22.383" 794300140 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png'"
05/12/18 " 13:51:22.465" 794300234 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json'"
05/12/18 " 13:51:22.467" 794300234 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json' => None:Unknown"
05/12/18 " 13:51:22.467" 794300234 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json' => None:Unknown"
05/12/18 " 13:51:22.467" 794300234 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json'"
05/12/18 " 13:51:22.503" 794300265 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de'"
05/12/18 " 13:51:22.503" 794300265 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de' => None:Unknown"
05/12/18 " 13:51:22.504" 794300265 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de' => None:Unknown"
05/12/18 " 13:51:22.504" 794300265 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de'"
05/12/18 " 13:51:22.512" 794300281 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en'"
05/12/18 " 13:51:22.512" 794300281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en' => None:Unknown"
05/12/18 " 13:51:22.512" 794300281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en' => None:Unknown"
05/12/18 " 13:51:22.512" 794300281 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en'"
05/12/18 " 13:51:22.518" 794300281 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata'"
05/12/18 " 13:51:22.519" 794300281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata' => None:Unknown"
05/12/18 " 13:51:22.519" 794300281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata' => None:Unknown"
05/12/18 " 13:51:22.519" 794300281 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata'"
05/12/18 " 13:51:22.525" 794300281 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales'"
05/12/18 " 13:51:22.525" 794300281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales' => None:Unknown"
05/12/18 " 13:51:22.525" 794300281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales' => None:Unknown"
05/12/18 " 13:51:22.525" 794300281 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales'"
05/12/18 " 13:51:22.531" 794300296 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content'"
05/12/18 " 13:51:22.563" 794300328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content' => None:Unknown"
05/12/18 " 13:51:22.563" 794300328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content' => None:Unknown"
05/12/18 " 13:51:22.563" 794300328 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content'"
05/12/18 " 13:51:22.570" 794300328 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1'"
05/12/18 " 13:51:22.570" 794300328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1' => None:Unknown"
05/12/18 " 13:51:22.570" 794300328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1' => None:Unknown"
05/12/18 " 13:51:22.570" 794300328 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1'"
05/12/18 " 13:51:22.570" 794300328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ' => None:Unknown"
05/12/18 " 13:51:22.570" 794300328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj' => None:Unknown"
05/12/18 " 13:51:22.570" 794300328 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj'"
05/12/18 " 13:51:22.570" 794300328 49d0 444c INFO CleanControllerImpl LinkingEngine::TraverseDirectory "LinkingEngine.cpp" 1962 "Traversing through linked dir 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj'"
05/12/18 " 13:51:22.709" 794300468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj' => None:Unknown"
05/12/18 " 13:51:22.709" 794300468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj' => None:Unknown"
05/12/18 " 13:51:22.953" 794300718 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0' => None:Unknown"
05/12/18 " 13:51:22.953" 794300718 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0' => None:Unknown"
05/12/18 " 13:51:23.136" 794300906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content' => None:Unknown"
05/12/18 " 13:51:23.136" 794300906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content' => None:Unknown"
05/12/18 " 13:51:23.329" 794301093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js'"
05/12/18 " 13:51:23.329" 794301093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js' => None:Unknown"
05/12/18 " 13:51:23.329" 794301093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js' => None:Unknown"
05/12/18 " 13:51:23.531" 794301296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png'"
05/12/18 " 13:51:23.533" 794301296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png' => None:Unknown"
05/12/18 " 13:51:23.533" 794301296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png' => None:Unknown"
05/12/18 " 13:51:23.698" 794301468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales' => None:Unknown"
05/12/18 " 13:51:23.698" 794301468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales' => None:Unknown"
05/12/18 " 13:51:23.953" 794301718 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de' => None:Unknown"
05/12/18 " 13:51:23.953" 794301718 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de' => None:Unknown"
05/12/18 " 13:51:24.169" 794301937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json'"
05/12/18 " 13:51:24.169" 794301937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json' => None:Unknown"
05/12/18 " 13:51:24.169" 794301937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json' => None:Unknown"
05/12/18 " 13:51:24.332" 794302093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en' => None:Unknown"
05/12/18 " 13:51:24.332" 794302093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en' => None:Unknown"
05/12/18 " 13:51:24.557" 794302312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json'"
05/12/18 " 13:51:24.557" 794302312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json' => None:Unknown"
05/12/18 " 13:51:24.557" 794302312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json' => None:Unknown"
05/12/18 " 13:51:24.697" 794302453 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata' => None:Unknown"
05/12/18 " 13:51:24.697" 794302453 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata' => None:Unknown"
05/12/18 " 13:51:24.939" 794302703 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json'"
05/12/18 " 13:51:24.940" 794302703 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json' => None:Unknown"
05/12/18 " 13:51:24.940" 794302703 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json' => None:Unknown"
05/12/18 " 13:51:25.162" 794302921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js'"
05/12/18 " 13:51:25.162" 794302921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js' => None:Unknown"
05/12/18 " 13:51:25.162" 794302921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js' => None:Unknown"
05/12/18 " 13:51:25.337" 794303093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js'"
05/12/18 " 13:51:25.337" 794303093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js' => None:Unknown"
05/12/18 " 13:51:25.337" 794303093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js' => None:Unknown"
05/12/18 " 13:51:25.541" 794303296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png'"
05/12/18 " 13:51:25.541" 794303296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png' => None:Unknown"
05/12/18 " 13:51:25.541" 794303296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png' => None:Unknown"
05/12/18 " 13:51:25.707" 794303468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png'"
05/12/18 " 13:51:25.707" 794303468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png' => None:Unknown"
05/12/18 " 13:51:25.707" 794303468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png' => None:Unknown"
05/12/18 " 13:51:25.913" 794303671 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png'"
05/12/18 " 13:51:25.913" 794303671 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png' => None:Unknown"
05/12/18 " 13:51:25.913" 794303671 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png' => None:Unknown"
05/12/18 " 13:51:26.092" 794303859 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json'"
05/12/18 " 13:51:26.092" 794303859 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json' => None:Unknown"
05/12/18 " 13:51:26.092" 794303859 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json' => None:Unknown"
05/12/18 " 13:51:26.115" 794303875 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js'"
05/12/18 " 13:51:26.142" 794303906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js' => None:Unknown"
05/12/18 " 13:51:26.142" 794303906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js' => None:Unknown"
05/12/18 " 13:51:26.142" 794303906 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js'"
05/12/18 " 13:51:26.188" 794303953 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png'"
05/12/18 " 13:51:26.189" 794303953 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png' => None:Unknown"
05/12/18 " 13:51:26.191" 794303953 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png' => None:Unknown"
05/12/18 " 13:51:26.192" 794303953 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png'"
05/12/18 " 13:51:26.230" 794304000 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json'"
05/12/18 " 13:51:26.231" 794304000 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json' => None:Unknown"
05/12/18 " 13:51:26.231" 794304000 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json' => None:Unknown"
05/12/18 " 13:51:26.231" 794304000 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json'"
05/12/18 " 13:51:26.240" 794304000 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json'"
05/12/18 " 13:51:26.241" 794304000 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json' => None:Unknown"
05/12/18 " 13:51:26.241" 794304000 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json' => None:Unknown"
05/12/18 " 13:51:26.241" 794304000 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json'"
05/12/18 " 13:51:26.284" 794304046 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json'"
05/12/18 " 13:51:26.285" 794304046 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json' => None:Unknown"
05/12/18 " 13:51:26.285" 794304046 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json' => None:Unknown"
05/12/18 " 13:51:26.286" 794304046 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json'"
05/12/18 " 13:51:26.340" 794304109 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js'"
05/12/18 " 13:51:26.377" 794304140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js' => None:Unknown"
05/12/18 " 13:51:26.377" 794304140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js' => None:Unknown"
05/12/18 " 13:51:26.377" 794304140 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js'"
05/12/18 " 13:51:26.385" 794304140 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js'"
05/12/18 " 13:51:26.386" 794304156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js' => None:Unknown"
05/12/18 " 13:51:26.386" 794304156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js' => None:Unknown"
05/12/18 " 13:51:26.386" 794304156 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js'"
05/12/18 " 13:51:26.394" 794304156 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png'"
05/12/18 " 13:51:26.395" 794304156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png' => None:Unknown"
05/12/18 " 13:51:26.395" 794304156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png' => None:Unknown"
05/12/18 " 13:51:26.395" 794304156 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png'"
05/12/18 " 13:51:26.442" 794304203 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png'"
05/12/18 " 13:51:26.443" 794304203 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png' => None:Unknown"
05/12/18 " 13:51:26.443" 794304203 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png' => None:Unknown"
05/12/18 " 13:51:26.443" 794304203 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png'"
05/12/18 " 13:51:26.486" 794304250 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png'"
05/12/18 " 13:51:26.487" 794304250 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png' => None:Unknown"
05/12/18 " 13:51:26.487" 794304250 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png' => None:Unknown"
05/12/18 " 13:51:26.487" 794304250 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png'"
05/12/18 " 13:51:26.527" 794304296 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json'"
05/12/18 " 13:51:26.529" 794304296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json' => None:Unknown"
05/12/18 " 13:51:26.529" 794304296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json' => None:Unknown"
05/12/18 " 13:51:26.529" 794304296 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json'"
05/12/18 " 13:51:26.573" 794304343 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de'"
05/12/18 " 13:51:26.573" 794304343 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de' => None:Unknown"
05/12/18 " 13:51:26.573" 794304343 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de' => None:Unknown"
05/12/18 " 13:51:26.573" 794304343 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de'"
05/12/18 " 13:51:26.582" 794304343 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en'"
05/12/18 " 13:51:26.582" 794304343 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en' => None:Unknown"
05/12/18 " 13:51:26.582" 794304343 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en' => None:Unknown"
05/12/18 " 13:51:26.582" 794304343 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en'"
05/12/18 " 13:51:26.588" 794304343 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata'"
05/12/18 " 13:51:26.588" 794304343 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata' => None:Unknown"
05/12/18 " 13:51:26.588" 794304343 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata' => None:Unknown"
05/12/18 " 13:51:26.588" 794304343 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata'"
05/12/18 " 13:51:26.596" 794304359 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales'"
05/12/18 " 13:51:26.596" 794304359 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales' => None:Unknown"
05/12/18 " 13:51:26.596" 794304359 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales' => None:Unknown"
05/12/18 " 13:51:26.596" 794304359 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales'"
05/12/18 " 13:51:26.604" 794304359 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content'"
05/12/18 " 13:51:26.604" 794304359 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content' => None:Unknown"
05/12/18 " 13:51:26.604" 794304359 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content' => None:Unknown"
05/12/18 " 13:51:26.604" 794304359 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content'"
05/12/18 " 13:51:26.666" 794304421 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0'"
05/12/18 " 13:51:26.666" 794304421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0' => None:Unknown"
05/12/18 " 13:51:26.666" 794304421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0' => None:Unknown"
05/12/18 " 13:51:26.666" 794304421 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0'"
05/12/18 " 13:51:26.666" 794304421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ' => None:Unknown"
05/12/18 " 13:51:26.666" 794304421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj' => None:Unknown"
05/12/18 " 13:51:26.666" 794304421 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj'"
05/12/18 " 13:51:26.816" 794304578 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences'"
05/12/18 " 13:51:26.816" 794304578 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences' => None:Unknown"
05/12/18 " 13:51:26.816" 794304578 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences' => None:Unknown"
05/12/18 " 13:51:26.816" 794304578 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences'"
05/12/18 " 13:51:26.986" 794304750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences'"
05/12/18 " 13:51:26.986" 794304750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences' => None:Unknown"
05/12/18 " 13:51:26.986" 794304750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences' => None:Unknown"
05/12/18 " 13:51:26.986" 794304750 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences'"
05/12/18 " 13:51:27.174" 794304937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences'"
05/12/18 " 13:51:27.174" 794304937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences' => None:Unknown"
05/12/18 " 13:51:27.174" 794304937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences' => None:Unknown"
05/12/18 " 13:51:27.174" 794304937 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences'"
05/12/18 " 13:51:27.357" 794305125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences'"
05/12/18 " 13:51:27.357" 794305125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences' => None:Unknown"
05/12/18 " 13:51:27.357" 794305125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Preferences' => None:Unknown"
05/12/18 " 13:51:27.357" 794305125 49d0 444c INFO CleanControllerImpl LinkingEngine::LinkChromeObjectUsingSDK "LinkingEngine.cpp" 1757 "Linking to Chrome object 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Preferences'"
05/12/18 " 13:51:27.404" 794305171 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.IoloSC, ObjectPath=C:\PROGRAM FILES (X86)\IOLO\SYSTEM CHECKUP"
05/12/18 " 13:51:27.404" 794305171 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:27.527" 794305296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\PROGRAM FILES (X86)\IOLO\SYSTEM CHECKUP' => None:Unknown"
05/12/18 " 13:51:27.527" 794305296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Program Files (x86)\iolo\System Checkup' => None:Unknown"
05/12/18 " 13:51:27.527" 794305296 49d0 444c INFO CleanControllerImpl PreCleanEngine::AddDIRContents "PreCleanEngine.cpp" 547 "Traversing through dir 'C:\PROGRAM FILES (X86)\IOLO\SYSTEM CHECKUP'"
05/12/18 " 13:51:27.529" 794305296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Program Files (x86)\iolo\System Checkup' => None:Unknown"
05/12/18 " 13:51:27.602" 794305359 49d0 444c INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 467 "Getting detected threats from actions"
05/12/18 " 13:51:27.602" 794305359 49d0 444c INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 795 "Getting linked traces"
05/12/18 " 13:51:27.605" 794305375 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.ChipDe, ObjectPath=HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}"
05/12/18 " 13:51:27.605" 794305375 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:27.723" 794305484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}' => None:Unknown"
05/12/18 " 13:51:27.723" 794305484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}' => None:Unknown"
05/12/18 " 13:51:27.723" 794305484 49d0 444c INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 467 "Getting detected threats from actions"
05/12/18 " 13:51:27.723" 794305484 49d0 444c INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 795 "Getting linked traces"
05/12/18 " 13:51:28.033" 794305796 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.GreatDealz, ObjectPath=C:\PROGRAM FILES (X86)\GREATDEALZ"
05/12/18 " 13:51:28.034" 794305796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:28.135" 794305890 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\PROGRAM FILES (X86)\GREATDEALZ' => None:Unknown"
05/12/18 " 13:51:28.135" 794305890 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Program Files (x86)\GreatDealz' => None:Unknown"
05/12/18 " 13:51:28.135" 794305890 49d0 444c INFO CleanControllerImpl PreCleanEngine::AddDIRContents "PreCleanEngine.cpp" 547 "Traversing through dir 'C:\PROGRAM FILES (X86)\GREATDEALZ'"
05/12/18 " 13:51:28.145" 794305906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Program Files (x86)\GreatDealz' => None:Unknown"
05/12/18 " 13:51:28.392" 794306156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\Program Files (x86)\GreatDealz\lobonlhedgiilkfmbbbfhkaoefacipgj.crx'"
05/12/18 " 13:51:28.392" 794306156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\GreatDealz\lobonlhedgiilkfmbbbfhkaoefacipgj.crx' => None:Unknown"
05/12/18 " 13:51:28.423" 794306187 49d0 444c INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 467 "Getting detected threats from actions"
05/12/18 " 13:51:28.424" 794306187 49d0 444c INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 795 "Getting linked traces"
05/12/18 " 13:51:28.428" 794306187 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.ChipDe, ObjectPath=HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\chip1click"
05/12/18 " 13:51:28.428" 794306187 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:28.524" 794306281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHIP1CLICK' => None:Unknown"
05/12/18 " 13:51:28.524" 794306281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHIP1CLICK' => None:Unknown"
05/12/18 " 13:51:28.525" 794306281 49d0 444c INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 467 "Getting detected threats from actions"
05/12/18 " 13:51:28.525" 794306281 49d0 444c INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 795 "Getting linked traces"
05/12/18 " 13:51:28.683" 794306453 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE'"
05/12/18 " 13:51:28.683" 794306453 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE' => None:Unknown"
05/12/18 " 13:51:28.684" 794306453 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP 1-CLICK INSTALLER.EXE' => None:Unknown"
05/12/18 " 13:51:28.719" 794306484 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.ChipDe, ObjectPath=HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\chip 1-click download service"
05/12/18 " 13:51:28.719" 794306484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:28.832" 794306593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CHIP 1-CLICK DOWNLOAD SERVICE' => None:Unknown"
05/12/18 " 13:51:28.832" 794306593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CHIP 1-CLICK DOWNLOAD SERVICE' => None:Unknown"
05/12/18 " 13:51:28.832" 794306593 49d0 444c INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 467 "Getting detected threats from actions"
05/12/18 " 13:51:28.832" 794306593 49d0 444c INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 795 "Getting linked traces"
05/12/18 " 13:51:28.871" 794306640 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.GreatDealz, ObjectPath=C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\lobonlhedgiilkfmbbbfhkaoefacipgj"
05/12/18 " 13:51:28.871" 794306640 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:28.878" 794306640 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj'"
05/12/18 " 13:51:28.878" 794306640 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\lobonlhedgiilkfmbbbfhkaoefacipgj and C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj"
05/12/18 " 13:51:28.880" 794306640 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.GreatDealz, ObjectPath=C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\lobonlhedgiilkfmbbbfhkaoefacipgj"
05/12/18 " 13:51:28.880" 794306640 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:28.886" 794306656 49d0 444c INFO BrowserSDK mb::browsersdk::chrome::ChromeSDK::GetChromeExtensionObject "ChromeSDK.cpp" 405 "Identifying object as part of Chrome extension 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj'"
05/12/18 " 13:51:28.886" 794306656 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\lobonlhedgiilkfmbbbfhkaoefacipgj and C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj"
05/12/18 " 13:51:28.887" 794306656 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:28.887" 794306656 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.020" 794306781 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS'"
05/12/18 " 13:51:29.020" 794306781 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS' => None:Unknown"
05/12/18 " 13:51:29.020" 794306781 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js' => None:Unknown"
05/12/18 " 13:51:29.021" 794306781 49d0 444c INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 467 "Getting detected threats from actions"
05/12/18 " 13:51:29.021" 794306781 49d0 444c INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 795 "Getting linked traces"
05/12/18 " 13:51:29.046" 794306812 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.047" 794306812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.052" 794306812 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.054" 794306812 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.054" 794306812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.060" 794306828 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
|
|
14.05.2018, 13:58
| #7 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads MBAM 3. Teil Code:
ATTFilter 05/12/18 " 13:51:29.061" 794306828 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.061" 794306828 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.067" 794306828 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.069" 794306828 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.069" 794306828 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.074" 794306843 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.087" 794306843 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.087" 794306843 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.128" 794306890 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.129" 794306890 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.129" 794306890 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.136" 794306906 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.137" 794306906 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.138" 794306906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.143" 794306906 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.145" 794306906 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.145" 794306906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.152" 794306921 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.153" 794306921 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.154" 794306921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.160" 794306921 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.161" 794306921 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.162" 794306921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.167" 794306937 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.168" 794306937 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.169" 794306937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.174" 794306937 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.175" 794306937 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.175" 794306937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.180" 794306937 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.181" 794306937 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.182" 794306937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.188" 794306953 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.222" 794306984 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.223" 794306984 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.228" 794306984 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.230" 794307000 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.230" 794307000 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.235" 794307000 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.237" 794307000 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.237" 794307000 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.242" 794307000 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.244" 794307000 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.244" 794307000 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.250" 794307015 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.251" 794307015 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.252" 794307015 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.291" 794307046 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.293" 794307062 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.293" 794307062 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.298" 794307062 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.299" 794307062 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.300" 794307062 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.305" 794307062 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.307" 794307062 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.307" 794307078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.312" 794307078 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.314" 794307078 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.314" 794307078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.319" 794307078 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.321" 794307078 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.321" 794307078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.368" 794307125 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.370" 794307140 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.370" 794307140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.375" 794307140 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.377" 794307140 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.377" 794307140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.382" 794307140 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.383" 794307140 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.384" 794307140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.390" 794307156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.391" 794307156 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.392" 794307156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.431" 794307187 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.433" 794307203 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.434" 794307203 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.440" 794307203 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.441" 794307203 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.441" 794307203 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.447" 794307203 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.448" 794307218 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.449" 794307218 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.455" 794307218 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.456" 794307218 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.457" 794307218 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.462" 794307218 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.464" 794307234 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.465" 794307234 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.486" 794307250 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.488" 794307250 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.489" 794307250 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.494" 794307250 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.496" 794307265 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.496" 794307265 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.503" 794307265 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.506" 794307265 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.507" 794307265 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.513" 794307281 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.514" 794307281 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.514" 794307281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.540" 794307296 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.542" 794307312 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.543" 794307312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.549" 794307312 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.552" 794307312 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.552" 794307312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.577" 794307343 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.579" 794307343 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.579" 794307343 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.586" 794307343 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.587" 794307343 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.588" 794307343 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.632" 794307390 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.633" 794307390 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.634" 794307390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.641" 794307406 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.642" 794307406 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.643" 794307406 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.649" 794307406 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.652" 794307421 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.653" 794307421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.663" 794307421 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.665" 794307421 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.665" 794307421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.673" 794307437 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.711" 794307468 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.712" 794307468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.717" 794307484 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.719" 794307484 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.720" 794307484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.726" 794307484 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.727" 794307484 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.728" 794307484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.734" 794307500 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.736" 794307500 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.737" 794307500 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.744" 794307500 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.746" 794307515 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.746" 794307515 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.759" 794307515 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.761" 794307531 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.761" 794307531 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.767" 794307531 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.768" 794307531 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.769" 794307531 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.774" 794307531 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.776" 794307546 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.776" 794307546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.781" 794307546 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.783" 794307546 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.783" 794307546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.789" 794307546 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.814" 794307578 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.815" 794307578 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.821" 794307578 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.822" 794307578 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.823" 794307593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.828" 794307593 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.830" 794307593 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.830" 794307593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.836" 794307593 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.838" 794307609 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.839" 794307609 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.844" 794307609 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.846" 794307609 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.846" 794307609 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.880" 794307640 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.882" 794307640 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.882" 794307640 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.890" 794307656 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.892" 794307656 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.892" 794307656 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.898" 794307656 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.899" 794307656 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.900" 794307656 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.906" 794307671 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.908" 794307671 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.908" 794307671 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.925" 794307687 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.927" 794307687 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.928" 794307687 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.933" 794307703 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.934" 794307703 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.935" 794307703 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.947" 794307703 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.950" 794307718 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.951" 794307718 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.962" 794307718 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.964" 794307734 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.964" 794307734 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.977" 794307734 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.978" 794307734 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.979" 794307750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.984" 794307750 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.987" 794307750 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.987" 794307750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:29.995" 794307765 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:29.996" 794307765 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:29.997" 794307765 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.004" 794307765 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.006" 794307765 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.006" 794307765 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.011" 794307781 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.013" 794307781 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.029" 794307796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.045" 794307812 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.047" 794307812 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.047" 794307812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.052" 794307812 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.055" 794307812 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.055" 794307812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.062" 794307828 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.063" 794307828 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.064" 794307828 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.070" 794307828 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.072" 794307828 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.072" 794307828 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.106" 794307875 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.108" 794307875 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.109" 794307875 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.115" 794307875 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.116" 794307875 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.117" 794307875 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.124" 794307890 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.126" 794307890 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.126" 794307890 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.131" 794307890 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.132" 794307890 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.133" 794307890 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.148" 794307906 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.150" 794307906 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.151" 794307921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.159" 794307921 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.161" 794307921 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.162" 794307921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.180" 794307937 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.182" 794307953 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.184" 794307953 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.206" 794307968 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.207" 794307968 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.208" 794307968 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.213" 794307984 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.227" 794307984 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.227" 794307984 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.233" 794308000 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.235" 794308000 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.235" 794308000 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.240" 794308000 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.242" 794308000 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.242" 794308000 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.247" 794308015 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.248" 794308015 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.249" 794308015 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.254" 794308015 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.257" 794308015 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.257" 794308015 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.279" 794308046 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.281" 794308046 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.282" 794308046 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.287" 794308046 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.289" 794308046 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.289" 794308046 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.298" 794308062 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.300" 794308062 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.301" 794308062 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.310" 794308078 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.312" 794308078 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.312" 794308078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.318" 794308078 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.344" 794308109 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.345" 794308109 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.351" 794308109 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.352" 794308109 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.352" 794308109 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.358" 794308125 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.359" 794308125 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.359" 794308125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.364" 794308125 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.366" 794308125 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.366" 794308125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.372" 794308140 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.374" 794308140 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.374" 794308140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.385" 794308156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.389" 794308156 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.390" 794308156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.395" 794308156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.397" 794308156 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.398" 794308156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.403" 794308171 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.406" 794308171 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.406" 794308171 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.411" 794308171 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.412" 794308171 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.413" 794308171 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.417" 794308187 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.436" 794308203 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.439" 794308203 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.478" 794308234 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.479" 794308250 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.479" 794308250 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.485" 794308250 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.486" 794308250 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.487" 794308250 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.492" 794308250 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.493" 794308250 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.494" 794308250 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.499" 794308265 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.500" 794308265 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.500" 794308265 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.525" 794308281 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.527" 794308296 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.527" 794308296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.533" 794308296 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.534" 794308296 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.535" 794308296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.540" 794308296 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.541" 794308296 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.542" 794308312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.548" 794308312 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.549" 794308312 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.550" 794308312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.562" 794308328 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.602" 794308359 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.603" 794308359 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.610" 794308375 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.612" 794308375 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.612" 794308375 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.617" 794308375 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.619" 794308375 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.619" 794308375 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.625" 794308390 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.627" 794308390 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.628" 794308390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.632" 794308390 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.634" 794308390 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.634" 794308390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.674" 794308437 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.676" 794308437 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.676" 794308437 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.681" 794308437 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.683" 794308453 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.683" 794308453 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.690" 794308453 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.691" 794308453 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.691" 794308453 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.697" 794308453 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.698" 794308453 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.698" 794308468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.706" 794308468 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.707" 794308468 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.708" 794308468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.714" 794308484 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.715" 794308484 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.715" 794308484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.721" 794308484 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.723" 794308484 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.723" 794308484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.728" 794308484 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.729" 794308500 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.730" 794308500 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.735" 794308500 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.736" 794308500 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.736" 794308500 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.774" 794308531 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.775" 794308531 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.776" 794308531 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.781" 794308546 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.783" 794308546 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.783" 794308546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.788" 794308546 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.790" 794308546 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.791" 794308546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.796" 794308562 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.797" 794308562 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.797" 794308562 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.826" 794308593 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.827" 794308593 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.827" 794308593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.833" 794308593 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.834" 794308593 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.835" 794308593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.840" 794308609 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.843" 794308609 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.844" 794308609 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.849" 794308609 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.850" 794308609 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.851" 794308609 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.856" 794308625 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.858" 794308625 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.858" 794308625 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.894" 794308656 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.896" 794308656 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.896" 794308656 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.902" 794308671 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.904" 794308671 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.904" 794308671 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.910" 794308671 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.911" 794308671 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.911" 794308671 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.916" 794308671 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.917" 794308687 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.918" 794308687 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.944" 794308703 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.946" 794308703 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.946" 794308703 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.952" 794308718 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.954" 794308718 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.954" 794308718 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.960" 794308718 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.961" 794308718 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
|
|
14.05.2018, 14:01
| #8 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads MBAM 4. Teil Code:
ATTFilter 05/12/18 " 13:51:30.968" 794308734 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.969" 794308734 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.969" 794308734 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:30.975" 794308734 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:30.977" 794308734 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:30.977" 794308734 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.010" 794308765 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.013" 794308781 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.014" 794308781 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.020" 794308781 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.022" 794308781 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.023" 794308781 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.028" 794308796 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.030" 794308796 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.030" 794308796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.035" 794308796 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.036" 794308796 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.037" 794308796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.066" 794308828 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.067" 794308828 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.068" 794308828 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.074" 794308843 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.075" 794308843 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.076" 794308843 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.082" 794308843 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.083" 794308843 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.083" 794308843 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.089" 794308859 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.091" 794308859 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.091" 794308859 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.096" 794308859 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.128" 794308890 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.128" 794308890 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.134" 794308890 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.135" 794308890 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.136" 794308906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.141" 794308906 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.143" 794308906 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.143" 794308906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.148" 794308906 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.150" 794308906 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.150" 794308906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.155" 794308921 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.156" 794308921 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.157" 794308921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.197" 794308953 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.199" 794308968 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.199" 794308968 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.206" 794308968 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.207" 794308968 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.208" 794308968 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.213" 794308968 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.214" 794308984 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.214" 794308984 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.219" 794308984 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.221" 794308984 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.221" 794308984 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.227" 794308984 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.263" 794309031 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.264" 794309031 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.295" 794309062 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.297" 794309062 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.298" 794309062 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.303" 794309062 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.305" 794309062 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.305" 794309062 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.311" 794309078 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.312" 794309078 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.313" 794309078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.318" 794309078 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.320" 794309078 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.320" 794309078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.343" 794309109 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.345" 794309109 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.345" 794309109 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.351" 794309109 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.352" 794309109 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.352" 794309109 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.359" 794309125 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.360" 794309125 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.360" 794309125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.366" 794309125 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.367" 794309125 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.367" 794309125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.386" 794309156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.387" 794309156 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.387" 794309156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.393" 794309156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.395" 794309156 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.395" 794309156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.400" 794309156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.402" 794309171 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.403" 794309171 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.409" 794309171 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.410" 794309171 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.411" 794309171 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.416" 794309171 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.418" 794309187 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.439" 794309203 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.445" 794309203 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.453" 794309218 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.454" 794309218 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.462" 794309218 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.466" 794309234 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.467" 794309234 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.472" 794309234 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.474" 794309234 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.475" 794309234 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.480" 794309250 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.481" 794309250 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.482" 794309250 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.517" 794309281 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.519" 794309281 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.519" 794309281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.525" 794309281 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.526" 794309296 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.527" 794309296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.533" 794309296 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.535" 794309296 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.535" 794309296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.541" 794309296 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.545" 794309312 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.545" 794309312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.587" 794309343 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.588" 794309343 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.589" 794309359 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.596" 794309359 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.598" 794309359 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.598" 794309359 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.603" 794309359 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.605" 794309375 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.606" 794309375 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.611" 794309375 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.613" 794309375 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.613" 794309375 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.618" 794309375 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.620" 794309390 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.620" 794309390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.650" 794309406 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.651" 794309406 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.651" 794309421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.656" 794309421 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.658" 794309421 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.658" 794309421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.663" 794309421 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.665" 794309421 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.665" 794309421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.671" 794309437 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.674" 794309437 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.674" 794309437 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.710" 794309468 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.711" 794309468 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.712" 794309468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.717" 794309484 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.719" 794309484 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.719" 794309484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.724" 794309484 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.726" 794309484 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.726" 794309484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.731" 794309500 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.733" 794309500 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.734" 794309500 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.739" 794309500 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.740" 794309500 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.741" 794309500 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.768" 794309531 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.770" 794309531 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.770" 794309531 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.776" 794309531 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.777" 794309546 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.778" 794309546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.783" 794309546 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.784" 794309546 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.785" 794309546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.790" 794309546 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.792" 794309562 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.792" 794309562 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.827" 794309593 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.829" 794309593 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.829" 794309593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.835" 794309593 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.837" 794309593 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.837" 794309593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.844" 794309609 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.845" 794309609 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.845" 794309609 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.850" 794309609 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.852" 794309609 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.852" 794309609 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.857" 794309625 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.890" 794309656 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.891" 794309656 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.917" 794309687 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.919" 794309687 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.919" 794309687 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.925" 794309687 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.928" 794309687 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.928" 794309687 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.933" 794309703 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.935" 794309703 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.935" 794309703 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.940" 794309703 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.941" 794309703 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.942" 794309703 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.980" 794309750 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.981" 794309750 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.982" 794309750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.987" 794309750 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.988" 794309750 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.989" 794309750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:31.994" 794309750 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:31.995" 794309765 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:31.995" 794309765 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.001" 794309765 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.002" 794309765 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.002" 794309765 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.008" 794309765 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.026" 794309781 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.026" 794309796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.032" 794309796 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.033" 794309796 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.034" 794309796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.039" 794309796 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.041" 794309796 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.041" 794309796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.047" 794309812 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.050" 794309812 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.051" 794309812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.056" 794309812 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.057" 794309828 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.058" 794309828 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.093" 794309859 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.095" 794309859 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.096" 794309859 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.101" 794309859 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.102" 794309859 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.103" 794309859 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.108" 794309875 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.110" 794309875 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.110" 794309875 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.116" 794309875 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.117" 794309875 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.118" 794309875 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.152" 794309921 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.153" 794309921 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.154" 794309921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.163" 794309921 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.165" 794309921 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.165" 794309921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.172" 794309937 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.173" 794309937 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.174" 794309937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.179" 794309937 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.180" 794309937 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.181" 794309937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.186" 794309953 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.187" 794309953 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.188" 794309953 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.223" 794309984 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.224" 794309984 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.225" 794309984 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.230" 794310000 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.232" 794310000 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.232" 794310000 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.237" 794310000 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.238" 794310000 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.239" 794310000 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.244" 794310000 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.245" 794310015 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.246" 794310015 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.279" 794310046 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.281" 794310046 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.281" 794310046 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.286" 794310046 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.288" 794310046 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.288" 794310046 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.333" 794310093 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.335" 794310093 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.335" 794310093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.341" 794310109 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.342" 794310109 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.343" 794310109 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.348" 794310109 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.382" 794310140 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.382" 794310140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.387" 794310156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.389" 794310156 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.389" 794310156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.395" 794310156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.398" 794310156 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.398" 794310156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.404" 794310171 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.405" 794310171 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.406" 794310171 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.412" 794310171 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.413" 794310171 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.414" 794310171 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.433" 794310203 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.435" 794310203 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.435" 794310203 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.441" 794310203 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.442" 794310203 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.443" 794310203 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.448" 794310218 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.450" 794310218 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.451" 794310218 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.456" 794310218 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.457" 794310218 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.457" 794310218 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.490" 794310250 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.492" 794310250 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.492" 794310250 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.498" 794310265 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.499" 794310265 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.500" 794310265 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.505" 794310265 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.507" 794310265 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.507" 794310265 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.514" 794310281 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.515" 794310281 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.516" 794310281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.521" 794310281 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.540" 794310296 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.541" 794310296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.548" 794310312 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.549" 794310312 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.550" 794310312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.556" 794310312 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.557" 794310328 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.558" 794310328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.564" 794310328 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.566" 794310328 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.566" 794310328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.572" 794310328 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.573" 794310343 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.573" 794310343 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.607" 794310375 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.609" 794310375 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.609" 794310375 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.615" 794310375 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.616" 794310375 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.617" 794310375 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.622" 794310390 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.623" 794310390 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.623" 794310390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.630" 794310390 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.631" 794310390 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.631" 794310390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.638" 794310406 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.639" 794310406 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.640" 794310406 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.645" 794310406 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.648" 794310406 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.648" 794310406 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.654" 794310421 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.655" 794310421 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.656" 794310421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.662" 794310421 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.663" 794310421 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.664" 794310421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.672" 794310437 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.673" 794310437 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.673" 794310437 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.679" 794310437 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.681" 794310437 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.681" 794310437 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.687" 794310453 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.688" 794310453 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.689" 794310453 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.695" 794310453 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.697" 794310453 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.698" 794310468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.703" 794310468 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.705" 794310468 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.705" 794310468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.721" 794310484 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.723" 794310484 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.724" 794310484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.732" 794310500 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.734" 794310500 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.735" 794310500 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.746" 794310515 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.748" 794310515 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.749" 794310515 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.756" 794310515 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.758" 794310515 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.758" 794310515 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.799" 794310562 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.800" 794310562 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.801" 794310562 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.806" 794310562 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.807" 794310578 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.808" 794310578 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.813" 794310578 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.815" 794310578 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.815" 794310578 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.820" 794310578 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.821" 794310578 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.822" 794310578 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.828" 794310593 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.829" 794310593 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.849" 794310609 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
|
|
14.05.2018, 14:03
| #9 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads MBAM 5. Teil Code:
ATTFilter 05/12/18 " 13:51:32.856" 794310625 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.858" 794310625 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.858" 794310625 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.864" 794310625 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.866" 794310625 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.866" 794310625 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.871" 794310640 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.873" 794310640 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.873" 794310640 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.880" 794310640 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.881" 794310640 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.881" 794310640 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.917" 794310687 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.918" 794310687 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.919" 794310687 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.924" 794310687 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.925" 794310687 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.926" 794310687 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.932" 794310687 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.933" 794310703 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.933" 794310703 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.940" 794310703 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.941" 794310703 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.941" 794310703 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.968" 794310734 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.970" 794310734 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.971" 794310734 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:32.977" 794310734 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:32.980" 794310750 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:32.982" 794310750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.005" 794310765 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.007" 794310765 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.007" 794310765 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.014" 794310781 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.015" 794310781 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.016" 794310781 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.021" 794310781 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.022" 794310781 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.022" 794310781 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.045" 794310812 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.047" 794310812 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.048" 794310812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.053" 794310812 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.055" 794310812 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.055" 794310812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.061" 794310828 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.063" 794310828 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.063" 794310828 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.068" 794310828 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.070" 794310828 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.070" 794310828 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.107" 794310875 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.108" 794310875 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.109" 794310875 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.124" 794310890 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.125" 794310890 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.126" 794310890 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.131" 794310890 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.132" 794310890 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.133" 794310890 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.138" 794310906 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.139" 794310906 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.139" 794310906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.144" 794310906 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.171" 794310937 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.172" 794310937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.177" 794310937 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.179" 794310937 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.180" 794310937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.186" 794310953 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.187" 794310953 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.188" 794310953 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.193" 794310953 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.195" 794310953 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.195" 794310953 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.201" 794310968 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.202" 794310968 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.203" 794310968 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.254" 794311015 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.255" 794311015 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.256" 794311015 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.261" 794311031 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.263" 794311031 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.264" 794311031 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.269" 794311031 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.270" 794311031 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.271" 794311031 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.276" 794311046 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.278" 794311046 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.278" 794311046 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.312" 794311078 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.316" 794311078 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.317" 794311078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.323" 794311093 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.325" 794311093 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.325" 794311093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.331" 794311093 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.333" 794311093 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.333" 794311093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.339" 794311109 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.341" 794311109 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.341" 794311109 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.347" 794311109 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.355" 794311125 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.356" 794311125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.366" 794311125 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.367" 794311125 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.368" 794311125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.373" 794311140 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.375" 794311140 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.375" 794311140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.382" 794311140 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.383" 794311140 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.384" 794311140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.389" 794311156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.391" 794311156 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.391" 794311156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.420" 794311187 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.422" 794311187 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.422" 794311187 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.428" 794311187 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.429" 794311187 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.430" 794311187 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.435" 794311203 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.437" 794311203 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.437" 794311203 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.443" 794311203 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.444" 794311203 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.444" 794311203 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.471" 794311234 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.473" 794311234 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.474" 794311234 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.479" 794311250 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.482" 794311250 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.482" 794311250 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.487" 794311250 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.488" 794311250 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.489" 794311250 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.494" 794311250 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.495" 794311265 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.495" 794311265 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.502" 794311265 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.503" 794311265 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.519" 794311281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.525" 794311281 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.527" 794311296 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.528" 794311296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.535" 794311296 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.537" 794311296 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.537" 794311296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.542" 794311312 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.543" 794311312 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.543" 794311312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.549" 794311312 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.551" 794311312 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.551" 794311312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.596" 794311359 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.598" 794311359 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.599" 794311359 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.608" 794311375 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.610" 794311375 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.610" 794311375 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.616" 794311375 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.617" 794311375 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.618" 794311375 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.623" 794311390 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.624" 794311390 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.625" 794311390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.630" 794311390 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.650" 794311406 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.651" 794311421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.665" 794311421 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.667" 794311437 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.668" 794311437 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.674" 794311437 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.676" 794311437 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.676" 794311437 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.682" 794311437 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.683" 794311453 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.684" 794311453 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.689" 794311453 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.691" 794311453 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.691" 794311453 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.718" 794311484 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.719" 794311484 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.720" 794311484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.725" 794311484 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.726" 794311484 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.726" 794311484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.731" 794311500 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.733" 794311500 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.733" 794311500 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.738" 794311500 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.740" 794311500 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.740" 794311500 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.745" 794311515 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.769" 794311531 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.770" 794311531 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.776" 794311546 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.779" 794311546 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.779" 794311546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.785" 794311546 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.786" 794311546 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.787" 794311546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.792" 794311562 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.793" 794311562 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.793" 794311562 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.798" 794311562 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.800" 794311562 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.800" 794311562 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.836" 794311593 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.837" 794311593 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.838" 794311593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.844" 794311609 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.846" 794311609 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.846" 794311609 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.852" 794311609 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.853" 794311609 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.854" 794311625 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.860" 794311625 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.862" 794311625 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.862" 794311625 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.898" 794311656 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.900" 794311656 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.900" 794311656 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.905" 794311671 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.907" 794311671 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.907" 794311671 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.912" 794311671 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.913" 794311671 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.914" 794311671 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.920" 794311687 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.921" 794311687 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.922" 794311687 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.927" 794311687 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.958" 794311718 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.959" 794311718 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.973" 794311734 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.974" 794311734 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.975" 794311734 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.981" 794311750 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.983" 794311750 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.983" 794311750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.988" 794311750 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.990" 794311750 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.990" 794311750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:33.995" 794311765 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:33.997" 794311765 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:33.997" 794311765 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.019" 794311781 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.021" 794311781 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.021" 794311781 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.026" 794311796 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.028" 794311796 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.028" 794311796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.035" 794311796 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.036" 794311796 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.036" 794311796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.041" 794311812 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.043" 794311812 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.043" 794311812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.049" 794311812 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.068" 794311828 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.068" 794311828 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.073" 794311843 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.075" 794311843 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.075" 794311843 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.081" 794311843 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.082" 794311843 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.083" 794311843 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.089" 794311859 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.090" 794311859 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.091" 794311859 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.096" 794311859 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.098" 794311859 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.099" 794311859 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.130" 794311890 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.133" 794311890 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.134" 794311890 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.140" 794311906 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.141" 794311906 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.141" 794311906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.147" 794311906 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.148" 794311906 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.148" 794311906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.154" 794311921 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.155" 794311921 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.156" 794311921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.178" 794311937 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.180" 794311937 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.180" 794311937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.197" 794311953 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.201" 794311968 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.202" 794311968 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.212" 794311968 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.214" 794311984 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.214" 794311984 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.220" 794311984 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.222" 794311984 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.222" 794311984 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.228" 794311984 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.229" 794312000 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.229" 794312000 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.273" 794312031 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.307" 794312062 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.307" 794312078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.312" 794312078 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.314" 794312078 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.315" 794312078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.320" 794312078 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.321" 794312078 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.322" 794312078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.327" 794312093 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.329" 794312093 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.329" 794312093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.335" 794312093 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.336" 794312093 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.336" 794312093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.377" 794312140 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.379" 794312140 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.379" 794312140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.385" 794312156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.386" 794312156 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.387" 794312156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.392" 794312156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.393" 794312156 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.394" 794312156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.398" 794312156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.402" 794312171 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.402" 794312171 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.407" 794312171 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.410" 794312171 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.444" 794312203 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.450" 794312218 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.452" 794312218 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.452" 794312218 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.457" 794312218 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.459" 794312218 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.459" 794312218 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.465" 794312234 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.466" 794312234 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.466" 794312234 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.472" 794312234 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.473" 794312234 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.474" 794312234 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.505" 794312265 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.507" 794312265 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.507" 794312265 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.513" 794312281 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.514" 794312281 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.515" 794312281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.520" 794312281 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.522" 794312281 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.522" 794312281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.527" 794312296 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.529" 794312296 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.529" 794312296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.534" 794312296 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.551" 794312312 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.552" 794312312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.557" 794312328 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.559" 794312328 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.559" 794312328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.565" 794312328 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.566" 794312328 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.567" 794312328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.572" 794312328 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.573" 794312343 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.574" 794312343 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.580" 794312343 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.581" 794312343 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.581" 794312343 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.605" 794312375 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.607" 794312375 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.608" 794312375 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.621" 794312390 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.622" 794312390 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.624" 794312390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.629" 794312390 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.631" 794312390 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.631" 794312390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.637" 794312406 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.638" 794312406 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.639" 794312406 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.675" 794312437 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.677" 794312437 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.678" 794312437 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.683" 794312453 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.684" 794312453 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.685" 794312453 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.690" 794312453 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.692" 794312453 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.692" 794312453 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.697" 794312453 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
|
|
14.05.2018, 14:05
| #10 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads MBAM 6. Teil Code:
ATTFilter 05/12/18 " 13:51:34.698" 794312468 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.699" 794312468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.705" 794312468 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.706" 794312468 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.706" 794312468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.727" 794312484 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.728" 794312484 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.729" 794312484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.734" 794312500 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.736" 794312500 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.737" 794312500 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.742" 794312500 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.743" 794312500 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.744" 794312500 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.757" 794312515 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.763" 794312531 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.763" 794312531 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.776" 794312546 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.778" 794312546 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.778" 794312546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.784" 794312546 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.786" 794312546 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.786" 794312546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.791" 794312546 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.793" 794312562 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.794" 794312562 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.799" 794312562 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.800" 794312562 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.801" 794312562 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.806" 794312562 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.807" 794312578 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.814" 794312578 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.822" 794312578 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.824" 794312593 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.825" 794312593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.830" 794312593 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.831" 794312593 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.831" 794312593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.837" 794312593 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.839" 794312609 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.839" 794312609 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.845" 794312609 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.846" 794312609 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.847" 794312609 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.855" 794312625 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.857" 794312625 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.857" 794312625 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.862" 794312625 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.863" 794312625 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.864" 794312625 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.869" 794312625 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.871" 794312640 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.871" 794312640 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.878" 794312640 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.880" 794312640 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.881" 794312640 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.886" 794312656 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.893" 794312656 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.893" 794312656 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.898" 794312656 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.900" 794312656 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.900" 794312656 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.906" 794312671 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.908" 794312671 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.909" 794312671 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.914" 794312671 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.917" 794312687 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.917" 794312687 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.924" 794312687 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.925" 794312687 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.925" 794312687 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.933" 794312703 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.934" 794312703 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.935" 794312703 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.940" 794312703 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.942" 794312703 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.942" 794312703 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.948" 794312703 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.949" 794312718 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.950" 794312718 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.956" 794312718 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.958" 794312718 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.958" 794312718 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.965" 794312734 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.967" 794312734 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.967" 794312734 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.972" 794312734 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.973" 794312734 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.974" 794312734 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.979" 794312734 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.981" 794312750 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.981" 794312750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.987" 794312750 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.989" 794312750 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:34.989" 794312750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:34.995" 794312765 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:34.996" 794312765 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.001" 794312765 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.008" 794312765 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.009" 794312765 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.010" 794312765 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.015" 794312781 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.017" 794312781 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.017" 794312781 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.022" 794312781 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.023" 794312781 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.024" 794312781 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.029" 794312796 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.031" 794312796 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.032" 794312796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.040" 794312796 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.042" 794312812 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.043" 794312812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.049" 794312812 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.050" 794312812 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.051" 794312812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.057" 794312812 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.060" 794312828 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.060" 794312828 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.075" 794312843 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.077" 794312843 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.078" 794312843 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.088" 794312843 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.107" 794312875 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.107" 794312875 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.113" 794312875 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.114" 794312875 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.115" 794312875 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.120" 794312890 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.122" 794312890 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.122" 794312890 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.128" 794312890 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.130" 794312890 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.130" 794312890 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.135" 794312890 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.137" 794312906 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.138" 794312906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.149" 794312906 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.150" 794312906 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.151" 794312906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.156" 794312921 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.158" 794312921 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.158" 794312921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.164" 794312921 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.165" 794312921 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.165" 794312921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.171" 794312937 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.172" 794312937 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.173" 794312937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.188" 794312953 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.189" 794312953 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.189" 794312953 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.194" 794312953 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.196" 794312953 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.196" 794312953 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.202" 794312968 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.204" 794312968 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.205" 794312968 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.210" 794312968 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.211" 794312968 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.212" 794312968 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.217" 794312984 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.224" 794312984 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.225" 794312984 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.232" 794313000 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.234" 794313000 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.235" 794313000 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.252" 794313015 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.254" 794313015 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.254" 794313015 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.260" 794313015 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.262" 794313031 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.262" 794313031 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.267" 794313031 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.269" 794313031 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.269" 794313031 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.296" 794313062 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.297" 794313062 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.297" 794313062 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.302" 794313062 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.304" 794313062 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.305" 794313062 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.310" 794313078 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.311" 794313078 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.311" 794313078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.317" 794313078 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.318" 794313078 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.318" 794313078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.325" 794313093 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.342" 794313109 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.342" 794313109 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.358" 794313125 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.359" 794313125 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.360" 794313125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.365" 794313125 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.367" 794313125 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.367" 794313125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.373" 794313140 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.374" 794313140 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.375" 794313140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.380" 794313140 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.381" 794313140 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.381" 794313140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.413" 794313171 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.415" 794313171 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.416" 794313171 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.422" 794313187 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.423" 794313187 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.424" 794313187 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.429" 794313187 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.431" 794313187 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.431" 794313187 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.446" 794313203 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.447" 794313203 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.447" 794313203 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.476" 794313234 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.478" 794313234 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.478" 794313234 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.484" 794313250 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.485" 794313250 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.486" 794313250 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.491" 794313250 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.492" 794313250 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.493" 794313250 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.498" 794313265 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.499" 794313265 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.500" 794313265 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.506" 794313265 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.507" 794313265 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.507" 794313265 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.538" 794313296 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.539" 794313296 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.540" 794313296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.545" 794313312 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.547" 794313312 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.547" 794313312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.552" 794313312 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.554" 794313312 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.554" 794313312 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.559" 794313328 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.560" 794313328 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.561" 794313328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.586" 794313343 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.598" 794313359 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.599" 794313359 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.613" 794313375 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.615" 794313375 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.615" 794313375 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.620" 794313390 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.621" 794313390 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.622" 794313390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.627" 794313390 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.629" 794313390 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.629" 794313390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.635" 794313390 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.637" 794313406 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.638" 794313406 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.654" 794313421 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.657" 794313421 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.657" 794313421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.663" 794313421 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.665" 794313421 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.666" 794313421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.673" 794313437 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.674" 794313437 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.675" 794313437 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.680" 794313437 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.681" 794313437 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.681" 794313437 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.711" 794313468 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.713" 794313468 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.713" 794313468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.719" 794313484 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.720" 794313484 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.721" 794313484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.726" 794313484 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.728" 794313484 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.728" 794313484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.734" 794313500 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.735" 794313500 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.736" 794313500 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.767" 794313531 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.769" 794313531 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.769" 794313531 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.775" 794313531 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.776" 794313546 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.777" 794313546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.782" 794313546 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.784" 794313546 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.785" 794313546 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.791" 794313546 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.793" 794313562 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.794" 794313562 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.800" 794313562 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.801" 794313562 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.809" 794313578 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.814" 794313578 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.815" 794313578 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.816" 794313578 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.821" 794313578 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.822" 794313578 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.823" 794313593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.828" 794313593 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.829" 794313593 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.829" 794313593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.835" 794313593 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.836" 794313593 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.836" 794313593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.859" 794313625 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.860" 794313625 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.861" 794313625 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.867" 794313625 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.869" 794313625 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.870" 794313640 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.876" 794313640 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.878" 794313640 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.878" 794313640 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.883" 794313640 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.885" 794313640 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.885" 794313640 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.891" 794313656 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.913" 794313671 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.914" 794313671 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.920" 794313687 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.922" 794313687 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.922" 794313687 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.928" 794313687 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.929" 794313687 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.929" 794313687 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.934" 794313703 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.936" 794313703 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.936" 794313703 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.942" 794313703 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.943" 794313703 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.943" 794313703 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.969" 794313734 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.970" 794313734 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.971" 794313734 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.977" 794313734 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
|
|
14.05.2018, 14:07
| #11 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads MBAM 7. Teil Code:
ATTFilter 05/12/18 " 13:51:35.979" 794313734 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.979" 794313750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.985" 794313750 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.986" 794313750 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.987" 794313750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:35.992" 794313750 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:35.993" 794313750 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:35.994" 794313750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.030" 794313796 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.032" 794313796 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.033" 794313796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.038" 794313796 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.040" 794313796 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.041" 794313796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.046" 794313812 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.047" 794313812 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.047" 794313812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.052" 794313812 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.054" 794313812 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.054" 794313812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.060" 794313828 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.061" 794313828 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.062" 794313828 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.097" 794313859 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.098" 794313859 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.099" 794313859 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.104" 794313859 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.105" 794313875 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.106" 794313875 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.112" 794313875 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.113" 794313875 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.114" 794313875 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.119" 794313875 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.120" 794313890 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.121" 794313890 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.159" 794313921 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.160" 794313921 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.161" 794313921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.166" 794313921 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.167" 794313937 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.168" 794313937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.173" 794313937 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.174" 794313937 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.175" 794313937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.180" 794313937 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.181" 794313937 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.181" 794313937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.187" 794313953 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.189" 794313953 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.189" 794313953 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.225" 794313984 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.227" 794313984 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.228" 794313984 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.236" 794314000 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.238" 794314000 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.239" 794314000 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.245" 794314015 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.246" 794314015 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.247" 794314015 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.252" 794314015 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.253" 794314015 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.253" 794314015 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.275" 794314031 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.280" 794314046 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.282" 794314046 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.291" 794314046 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.293" 794314062 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.293" 794314062 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.299" 794314062 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.300" 794314062 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.301" 794314062 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.306" 794314062 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.308" 794314078 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.308" 794314078 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.315" 794314078 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.326" 794314093 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.326" 794314093 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.338" 794314093 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.341" 794314109 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.342" 794314109 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.349" 794314109 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.351" 794314109 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.351" 794314109 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.357" 794314125 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.359" 794314125 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.359" 794314125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.366" 794314125 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.367" 794314125 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.367" 794314125 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.374" 794314140 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.381" 794314140 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.381" 794314140 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.386" 794314156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.388" 794314156 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.388" 794314156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.394" 794314156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.395" 794314156 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.395" 794314156 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.400" 794314156 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.401" 794314171 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.402" 794314171 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.408" 794314171 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.409" 794314171 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.410" 794314171 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.414" 794314171 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.416" 794314171 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.416" 794314171 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.448" 794314218 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.450" 794314218 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.450" 794314218 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.456" 794314218 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.458" 794314218 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.458" 794314218 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.464" 794314234 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.465" 794314234 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.465" 794314234 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.502" 794314265 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.503" 794314265 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.504" 794314265 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.513" 794314281 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.515" 794314281 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.515" 794314281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.521" 794314281 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.522" 794314281 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.523" 794314281 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.528" 794314296 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.529" 794314296 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.530" 794314296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.536" 794314296 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.562" 794314328 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.563" 794314328 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.578" 794314343 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.579" 794314343 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.579" 794314343 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.585" 794314343 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.586" 794314343 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.587" 794314343 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.593" 794314359 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.596" 794314359 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.597" 794314359 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.602" 794314359 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.603" 794314359 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.603" 794314359 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.616" 794314375 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.621" 794314390 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.622" 794314390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.629" 794314390 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.630" 794314390 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.631" 794314390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.636" 794314406 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.637" 794314406 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.638" 794314406 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.644" 794314406 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.645" 794314406 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.646" 794314406 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.650" 794314406 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.672" 794314437 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.673" 794314437 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.689" 794314453 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.691" 794314453 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.GreatDealz, ObjectPath=C:\PROGRAM FILES (X86)\GreatDealz"
05/12/18 " 13:51:36.691" 794314453 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.693" 794314453 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\PROGRAM FILES (X86)\GreatDealz and C:\Program Files (x86)\GreatDealz"
05/12/18 " 13:51:36.694" 794314453 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.694" 794314453 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.700" 794314468 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.701" 794314468 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.701" 794314468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.707" 794314468 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.709" 794314468 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.709" 794314468 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.723" 794314484 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.725" 794314484 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.726" 794314484 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.739" 794314500 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.741" 794314500 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""35c15e57f1bc8f72a712fa3313a0333ea84d2c4d52f176ce23b4505b3d10cab1"",""md5"":""66c2d240e8422aa395a5286ce7ae17a4"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:51:36.741" 794314500 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:51:36.748" 794314515 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.749" 794314515 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.757" 794314515 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.759" 794314515 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.760" 794314515 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.765" 794314531 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.767" 794314531 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.767" 794314531 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.773" 794314531 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.775" 794314531 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.775" 794314531 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.801" 794314562 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.803" 794314562 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.803" 794314562 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.834" 794314593 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.836" 794314593 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.837" 794314593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.880" 794314640 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.881" 794314640 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.881" 794314640 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.887" 794314656 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.889" 794314656 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.889" 794314656 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.928" 794314687 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.930" 794314687 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.930" 794314687 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.944" 794314703 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.945" 794314703 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.946" 794314703 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.961" 794314718 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.963" 794314718 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.964" 794314734 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.970" 794314734 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.971" 794314734 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.972" 794314734 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.978" 794314734 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.979" 794314734 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.979" 794314750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.985" 794314750 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.986" 794314750 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.987" 794314750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.992" 794314750 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:36.994" 794314750 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:36.994" 794314750 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:36.999" 794314765 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.000" 794314765 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.000" 794314765 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.006" 794314765 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.007" 794314765 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.007" 794314765 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.024" 794314781 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.026" 794314796 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.027" 794314796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.032" 794314796 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.034" 794314796 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.034" 794314796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.039" 794314796 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.041" 794314796 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.041" 794314796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.048" 794314812 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.050" 794314812 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.050" 794314812 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.072" 794314828 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.075" 794314843 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.076" 794314843 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.082" 794314843 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.084" 794314843 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.085" 794314843 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.091" 794314859 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.094" 794314859 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.094" 794314859 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.100" 794314859 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.101" 794314859 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.102" 794314859 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.106" 794314875 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.137" 794314906 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.138" 794314906 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.151" 794314921 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.153" 794314921 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.153" 794314921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.158" 794314921 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.160" 794314921 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.160" 794314921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.165" 794314921 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.166" 794314921 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.166" 794314921 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.172" 794314937 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.175" 794314937 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.176" 794314937 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.220" 794314984 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:37.259" 794315015 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|35C15E57F1BC8F72A712FA3313A0333EA84D2C4D52F176CE23B4505B3D10CAB1' in Hubble cache, white list status = 'WhiteListed'"
05/12/18 " 13:51:37.259" 794315015 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' in Hubble's cache, value = WhiteListed"
05/12/18 " 13:51:37.259" 794315015 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:51:37.456" 794315218 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:37.457" 794315218 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:37.463" 794315218 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:38.096" 794315859 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:38.097" 794315859 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:38.103" 794315859 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:38.267" 794316031 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:38.268" 794316031 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:38.274" 794316031 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:38.448" 794316203 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:38.448" 794316218 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:38.453" 794316218 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:38.533" 794316296 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:38.534" 794316296 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:38.539" 794316296 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:39.188" 794316953 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:39.189" 794316953 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:39.193" 794316953 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:39.621" 794317390 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:39.622" 794317390 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:39.628" 794317390 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:47.804" 794325562 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|35C15E57F1BC8F72A712FA3313A0333EA84D2C4D52F176CE23B4505B3D10CAB1' in Hubble cache, white list status = 'WhiteListed'"
05/12/18 " 13:51:47.804" 794325562 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' in Hubble's cache, value = WhiteListed"
05/12/18 " 13:51:47.804" 794325562 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:51:47.918" 794325687 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:47.918" 794325687 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:47.924" 794325687 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:48.035" 794325796 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:48.035" 794325796 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:48.041" 794325796 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:48.826" 794326593 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:48.826" 794326593 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:48.833" 794326593 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:49.589" 794327359 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""271f3deb0cc6828bd894dc9462d30c4d440a96e1d82927c92ccd8a99d48fa14d"",""md5"":""c4cf61cfea5fefc23a7dc6c3275642d1"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:51:49.589" 794327359 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\BROWNY02\BRYNSVC.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:51:50.890" 794328656 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:51:50.891" 794328656 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:51:50.896" 794328656 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:51:51.417" 794329187 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""d1aae5b0425047ca0c2d376d3e59324d35a90df9074cd442dfd0ed6e434d3c84"",""md5"":""3bb48f7e33c2b76184ddf233000c09cd"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:51:51.417" 794329187 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\COMMON FILES\SONY SHARED\FSK\SONYSCSIHELPERSERVICE.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:51:51.760" 794329531 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""b48a00b00dfdfcf6911911b34788cd359bf90ab66f4a2a3fe177b75eb775c2c2"",""md5"":""053c93d5967e08748dba0e132eaec0b3"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:51:51.760" 794329531 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\AMDUSB3DEVICEDETECTOR\NUSB3MON.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:51:52.378" 794330140 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""3ac3d29b89616421f2f92743a9fa32cc14c7d309d0898ac3a73e8668b04b8199"",""md5"":""f448ddc69cdaa391dba26c3bcdd67dda"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:51:52.378" 794330140 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\BROTHER\BROTHER HELP\BROTHERHELP.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:51:53.897" 794331656 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""a69d37c34713a16210d3a325418df1acaaa0cd252bceb41abde91775fe193fc9"",""md5"":""0e3bb9e5ca462cfa7033a1628c7ef104"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:51:53.897" 794331656 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\WORDEXPANDER\WORDEXPANDER.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:52:05.110" 794342875 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""24aab8c944a6420e901e3d08ab37fe4081279b982d315515f5f21ac479fcac0a"",""md5"":""9dd1e2f2c5baac44ff166b458c03001c"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:52:05.110" 794342875 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\SCIROCCO\SCIROCCO TAKE A BREAK\TAKEABREAK.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:52:12.970" 794350734 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 13:52:15.204" 794352968 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 13:52:15.204" 794352968 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 13:52:15.219" 794352984 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/12/18 " 13:52:15.220" 794352984 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/12/18 " 13:52:15.221" 794352984 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/12/18 " 13:52:15.221" 794352984 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/12/18 " 13:52:15.221" 794352984 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5078]"
05/12/18 " 13:52:15.728" 794353484 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/12/18 " 13:52:15.728" 794353484 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/12/18 " 13:52:30.665" 794368421 49d0 444c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.Conduit, ObjectPath=C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 13:52:30.666" 794368421 49d0 444c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/12/18 " 13:52:30.676" 794368437 49d0 444c INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPathsPreCleanNotStarted "PreCleanEngine.cpp" 402 "Ignoring clean item because it is a duplicate, C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS and C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js"
05/12/18 " 13:53:38.347" 794436109 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""3fa2c24b32e01c88edd94dabf8a20fdda99d26e7d1e753ba0a62f62cf92d2a5c"",""md5"":""8a3477ea368f11357df091112ca65b8e"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:53:38.347" 794436109 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCTRLCNTR.EXE' (shuriken) => Hubble:WhiteListed"
|
|
14.05.2018, 14:10
| #12 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads MBAM 8. Teil Code:
ATTFilter 05/12/18 " 13:53:38.812" 794436578 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""7496f86c82c6aaa97a0ef8925fc5f197eccd8e944ce88d8d2a3e35141c64f58e"",""md5"":""93334849de66f92a184eb7446297b995"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:53:38.812" 794436578 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCCUXSYS.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:53:42.874" 794440640 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""2b3d9cee0b5c88482e7f802ef110ec50bd848de79c0e5a64167eedf932e09167"",""md5"":""eae7f591c17ef1361622039d2375f7b5"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:53:42.874" 794440640 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\JL SEASIDE CALENDAR\JL SEASIDE CALENDAR.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:53:43.846" 794441609 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""1c436467bb14ad031b46747547b7e747041ae73f38f44767b3ed23cab1ab796e"",""md5"":""123247c4cb184074fe46e387adb91cea"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:53:43.846" 794441609 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\GMAILDEFAULTMAKER\GMAILDEFAULTMAKER.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:53:45.442" 794443203 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""85cbe3f2bd61316543023dfd03984b79bfe7e9e43db9a7886fcf040a48c84c8c"",""md5"":""407497c28da9313bf176d1b9e3870fc6"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:53:45.442" 794443203 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\ANKI\ANKI.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:53:47.848" 794445609 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""06fe230d5474ff988d9af5292f562707a725e0843941a2afbb30223bed2755a0"",""md5"":""abfbd35316f847b400ba97b44465f257"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:53:47.848" 794445609 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRTWNACCS.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:53:48.468" 794446234 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""1d9fbaf080ff3b9fc552809b08a15a1f039d44f5b4eb9b25ec336e7cd6087b0f"",""md5"":""a6868722d46ca33afd6d3fb2bd0c0bef"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:53:48.468" 794446234 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\SCRIVENER\CLIPBOARD.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:53:53.260" 794451031 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""79515acd2f85b95e12495a55edc0efe52454559c63a661ff9a74da0afd010d75"",""md5"":""3176b4035f1ab517f922c0974815c3e5"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:53:53.260" 794451031 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\JUTOH\JUTOH_LAUNCHER.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:53:58.955" 794456718 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""e902c3c853e8b7c5c91a8eb6086210dab56e8571f047632a3d5eaacf7649db36"",""md5"":""1ef2c9befbb3c940a43ec2d066ae3204"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:53:58.955" 794456718 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\TV-BROWSER\TVBROWSER_NODD.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:00.041" 794457796 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""3d77947c6fbdf1a23b8059829cf15b2687420d299baa0bc47dfdac26f5b00905"",""md5"":""a1a8f03b53b7b69ae017fee7f1f3652f"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:00.041" 794457796 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\285208b2-55db-11e8-a796-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:00.043" 794457812 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus "WhiteListManager.cpp" 201 "Started batch white listing"
05/12/18 " 13:54:00.401" 794458171 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""dc88cb30bc97cdcea675f57b2154280529e84be0ae43aa220fd6490e8a1f3ee8"",""md5"":""f64b12e6b6b6ff3554dee0b00b913668"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false},{""sha256"":""8b0db0ddfaff4686a9fd22b15934ac51db6465982656e93a79bc78b4e5c818ed"",""md5"":""232f543de5ca1ffaa8bff1c62c544666"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false},{""sha256"":""7c2959935b02b92b9d1e721cdd4265e846ee46994ddd951ef171781160ca4670"",""md5"":""71a35f818ed2b8d7a67505d7763b2d64"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:00.401" 794458171 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2858c008-55db-11e8-ba91-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:00.401" 794458171 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\285c1b7c-55db-11e8-93fd-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:00.401" 794458171 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\DESKTOP\WINDOWS LIZENZSCHLüSSEL.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:00.401" 794458171 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus::<lambda_3bcb9cc954dffdcfeac0e133a8c0d2b7>::operator () "WhiteListManager.cpp" 208 "Completed batch white listing"
05/12/18 " 13:54:02.391" 794460156 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""3d042b08e1f07d16ce48ffb012fbfeb83a3b1c777e32d5dfc2ecdce6e1113ea9"",""md5"":""d1e73044dc027a4fae39776f520e9c61"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:02.392" 794460156 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRMAPISEND.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:03.100" 794460859 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""38a4e59fe4913aab87c06a358a290a5f9cdb0d17d8077f90e4137e6e3f94c6d7"",""md5"":""af268515c1b6aabbda319a6f4be08c74"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:03.100" 794460859 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2a0b8bc4-55db-11e8-a6cf-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:03.497" 794461265 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""8e2c3a0087d584ddcedda2cfba7a8db1accbf378a0d9a0bada7f5891e270cd54"",""md5"":""aca3e1966ef2b4ff8ae64b5269bb6594"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:03.497" 794461265 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2a12e22a-55db-11e8-b57c-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:04.690" 794462453 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""85df17aec997ea769bd5fa56ea78164f123b6337cfdab619735c64b58f8791c7"",""md5"":""a0039528834dcdfa2d583baf6d74d867"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:04.690" 794462453 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2b06aa86-55db-11e8-b615-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:06.062" 794463828 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""f65e80a15f41e8a9ea3384ea68507c6d30fea5954dbe5026c5156a1c5c1e3cda"",""md5"":""4b7a6e06a973448b71a3451bb94191f4"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:06.062" 794463828 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2bdfde8c-55db-11e8-a3e6-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:06.354" 794464125 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""d7e8b5d18cf3946c0fab9fba957a47ef92dd752ee24a52d366a8c18d61e2dcf1"",""md5"":""bb4863a0d4046c06e20968cdd0942717"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:06.354" 794464125 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2be5a79a-55db-11e8-9c8a-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:07.592" 794465359 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""7b8795a2fb328442378d56b67d2c85bce86b0e40b0dca1b4113f553cbbd906ab"",""md5"":""4cf5173c5ad10b20af4bb1e72c7befc9"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:07.592" 794465359 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2ca49baa-55db-11e8-b834-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:08.294" 794466062 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""2cf4f78ec4be99258bc91f5d94a9af261f0dbdfd55d0100dca2ca88813aad4b4"",""md5"":""c0f72af517e27cfe23d4e37ec7ff7e9e"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:08.294" 794466062 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCCBOOT.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:12.161" 794469921 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""7a8ace1744b8cf940609a35cce6a3c0a01cf5c7880cd3a8614d71ad9354b8e1a"",""md5"":""6371852c70957c342fec4db571f8da13"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:12.161" 794469921 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\PC-FAXRECEIVE\PCFAXRX.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:12.579" 794470343 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""3d34d47bca2a6705a643ef914d6c669f99877050b7466c13f350868694653a06"",""md5"":""2104220b38160fdfd36359e134be7486"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:12.579" 794470343 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\REMOTESETUP\BRMFRMSS.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:16.837" 794474593 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""1e1da6511886a623dd2a41250a08b02ebdb374f3cb556c95b58a59a058fee9b1"",""md5"":""3982aa85a3e1b5a3f82cbd76e286a780"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:16.837" 794474593 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\31fd518c-55db-11e8-bc08-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:17.171" 794474937 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""a0ada2db30ee5cd575246b4d1271c84f5540b776b3992954070de6c520518d83"",""md5"":""6d61b31b3ae37d7e5a2156110b030c8e"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:17.171" 794474937 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\326eb6ce-55db-11e8-b8db-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:17.396" 794475156 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""e8dea40eb60bba7d43e59768afa00d9486300bfd8a2f7ba9576bd1b01b595ad5"",""md5"":""6c4885781988442d3562ca0d8f6e059c"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:17.396" 794475156 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\328ec5fe-55db-11e8-acc9-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:18.419" 794476187 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""022f11d78e3e6f8651ddeb3e7e4e195a6ea2e28cc57a92b518ab00355ae10d91"",""md5"":""f74182d30d44c770b219a9853de78e51"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:18.419" 794476187 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\REMOTESETUP\BRLOGRX.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:21.076" 794478843 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|95B2916EE68375E982E2647FDF9EA85AC7EC478C0109309567982DF1DBB572B6' in Hubble cache, white list status = 'WhiteListed'"
05/12/18 " 13:54:21.078" 794478843 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\WINDOWS\SYSTEM32\OXPSCONVERTER.EXE' in Hubble's cache, value = WhiteListed"
05/12/18 " 13:54:21.078" 794478843 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\OXPSCONVERTER.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:30.692" 794488453 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""cfda8654934aa0936a0865ae30df3f52fc98d5aca5ce1e549dc6f944606e5ed5"",""md5"":""3dde3ff7711d889da8a162a208ddd3ec"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:30.692" 794488453 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\TINYPIC\TINYPIC.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:31.138" 794488906 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""c091e5e6769d23c37746c8e636b6644b8fe7d973986e86bb385be2601eee2b51"",""md5"":""d52c2aa3afb49db3c187449dd893b1ea"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:31.138" 794488906 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\TV-BROWSER\TVBROWSER.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:35.066" 794492828 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""4338aca3f0bfc8f164930427162592e5c0b072df7f5a46457fa4789909b0b6ff"",""md5"":""40268ded9af17189fb36f143a5dfcbbc"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:35.066" 794492828 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\3d0bd634-55db-11e8-b7e3-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:35.334" 794493093 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""cca93cf0b2bd40e440dc34160fecbfa0016a3fbc6f603ca7c5442568735a96b1"",""md5"":""f30bbf477e2afc70f669cfc2efe91759"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:35.334" 794493093 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\3d28d568-55db-11e8-8799-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:36.571" 794494328 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""5d759cf2cdaf9a66763323f342a462a9be141e74d6a43f6c7c6ad41c18f0674e"",""md5"":""66b7daa9bc2336d619d2f3b987167171"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:36.571" 794494328 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\3e10d016-55db-11e8-8bec-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:36.911" 794494671 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""a731d5993b9864d829ff0e0144572cd816e9998797902d1a6307549213508a18"",""md5"":""5ce9b1c1421497b1e0df267c41b9631b"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:36.911" 794494671 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\3e15d9a8-55db-11e8-bc7e-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:38.097" 794495859 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""22ced8befd5ec9bd8df58ca6fecb27eb1ec289baaa1350459488cc4691cc16f8"",""md5"":""7fa3c095c582b5d14c8a6ef2e33e4672"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:38.097" 794495859 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\3efbaf78-55db-11e8-864b-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:47.614" 794505375 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""11b4ad54831d7062dfbb38a13a37bced9c46d28f0dd11a9eafbc31282632826a"",""md5"":""d52e631136a50e0457ee24d222dc70a0"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:47.614" 794505375 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\44b465c2-55db-11e8-945c-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:50.839" 794508609 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""7d277ab2cac293a6cd3c8e2e92f0ef720e1257764fcc1ca9bb210ec7e9a2884f"",""md5"":""7021b17338fbfd5e5156548a7e42f156"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:50.839" 794508609 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\469da5b0-55db-11e8-87b8-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:52.909" 794510671 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""8d44f5f10d6aa32f87d3a1b7d13ad35108befb20360a96cc502a4fa6703a5ee5"",""md5"":""a9357063949b93763c563ef9f922d91e"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:52.909" 794510671 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\478bcf4c-55db-11e8-84e7-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:54:53.099" 794510859 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""4cce814dd613b765456e23123dd64d5ec7090ea3849c171a232783982ecba43e"",""md5"":""d13eab774fcc0cd058fbf24619e866de"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:54:53.099" 794510859 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\478f2af2-55db-11e8-b183-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:55:03.263" 794521031 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""cf8fe678eb7ee4d74089e1975b94cb364c8c43fbde43bb12612fd69ee3b234f5"",""md5"":""13140f24fd6c4c3671f80e4297c53035"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:55:03.263" 794521031 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\4deaf660-55db-11e8-a2b5-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:55:08.112" 794525875 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|35C15E57F1BC8F72A712FA3313A0333EA84D2C4D52F176CE23B4505B3D10CAB1' in Hubble cache, white list status = 'WhiteListed'"
05/12/18 " 13:55:08.113" 794525875 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER\NO23 RECORDER.EXE' in Hubble's cache, value = WhiteListed"
05/12/18 " 13:55:08.113" 794525875 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:55:16.730" 794534500 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|A0ADA2DB30EE5CD575246B4D1271C84F5540B776B3992954070DE6C520518D83' in Hubble cache, white list status = 'WhiteListed'"
05/12/18 " 13:55:16.730" 794534500 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\561f80c6-55db-11e8-8caf-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/12/18 " 13:55:16.730" 794534500 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\561f80c6-55db-11e8-8caf-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:55:17.330" 794535093 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 404 "Response body from Hubble request: {""results"":[{""sha256"":""4e73515c7004ac747cd129a2372621b4348d9c6185eaa299cf51a8ad75b0f49f"",""md5"":""cc460cf8ef51dff2b6284f1065830175"",""classification"":""DO_NOT_DETECT"",""trust_always"":true,""send_file"":false}]}"
05/12/18 " 13:55:17.330" 794535093 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\5647f826-55db-11e8-b865-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:55:39.605" 794557375 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|35C15E57F1BC8F72A712FA3313A0333EA84D2C4D52F176CE23B4505B3D10CAB1' in Hubble cache, white list status = 'WhiteListed'"
05/12/18 " 13:55:39.605" 794557375 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' in Hubble's cache, value = WhiteListed"
05/12/18 " 13:55:39.605" 794557375 49d0 41c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/12/18 " 13:55:55.646" 794573406 49d0 23d8 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Shutdown "Linker.cpp" 146 "Shutting down linker, waiting for it to complete"
05/12/18 " 13:55:55.646" 794573406 49d0 23d8 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::UnInit "Linker.cpp" 133 "Un-initializing linker"
05/12/18 " 13:55:56.229" 794574000 49d0 23d8 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Shutdown "Linker.cpp" 146 "Shutting down linker, waiting for it to complete"
05/12/18 " 13:55:57.186" 794574953 49d0 23d8 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::PerformScan "Scanner.cpp" 938 "Scan completed."
05/12/18 " 13:55:57.186" 794574953 49d0 23d8 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update"
05/12/18 " 13:55:57.361" 794575125 49d0 23d8 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
05/12/18 " 13:55:57.372" 794575140 49d0 23d8 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update"
05/12/18 " 13:55:57.461" 794575218 49d0 23d8 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
05/12/18 " 13:56:01.537" 794579296 49d0 23d8 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
05/12/18 " 13:57:57.785" 794695546 49d0 3604 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 14:03:07.378" 795005140 49d0 4bfc INFO CleanControllerImpl Cleaner::Clean "Cleaner.cpp" 56 "Start of clean, client 'MbamUI', detection results 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ScanResults\98c086ec-55da-11e8-b8f6-2c56dc97df15.json'"
05/12/18 " 14:03:07.744" 795005500 49d0 4bfc INFO CleanControllerImpl PreCleanEngine::AddPreCleanCompletedCleanItem "PreCleanEngine.cpp" 245 "Clean item's action was set to ignore, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHIP1CLICK"
05/12/18 " 14:03:07.745" 795005515 49d0 4bfc INFO CleanControllerImpl PreCleanEngine::AddPreCleanCompletedCleanItem "PreCleanEngine.cpp" 245 "Clean item's action was set to ignore, C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE"
05/12/18 " 14:03:07.747" 795005515 49d0 4bfc INFO CleanControllerImpl PreCleanEngine::AddPreCleanCompletedCleanItem "PreCleanEngine.cpp" 245 "Clean item's action was set to ignore, C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE"
05/12/18 " 14:03:07.748" 795005515 49d0 4bfc INFO CleanControllerImpl PreCleanEngine::AddPreCleanCompletedCleanItem "PreCleanEngine.cpp" 245 "Clean item's action was set to ignore, C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE"
05/12/18 " 14:03:07.748" 795005515 49d0 4bfc INFO CleanControllerImpl PreCleanEngine::AddPreCleanCompletedCleanItem "PreCleanEngine.cpp" 245 "Clean item's action was set to ignore, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CHIP 1-CLICK DOWNLOAD SERVICE"
05/12/18 " 14:03:10.407" 795008171 49d0 4bfc INFO CleanControllerImpl Cleaner::ShutdownChromeProcesses "Cleaner.cpp" 686 "Shutting down Chrome proccesses (if any)"
05/12/18 " 14:03:11.296" 795009062 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 560 "Quarantining HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}"
05/12/18 " 14:03:11.790" 795009546 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 560 "Quarantining HKU\S-1-5-21-2369424989-362787197-3549092213-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}"
05/12/18 " 14:03:11.927" 795009687 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 560 "Quarantining HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}"
05/12/18 " 14:03:12.060" 795009828 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 560 "Quarantining HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}"
05/12/18 " 14:03:12.194" 795009953 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 560 "Quarantining HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ"
05/12/18 " 14:03:12.330" 795010093 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js"
05/12/18 " 14:03:12.344" 795010109 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png"
05/12/18 " 14:03:12.346" 795010109 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json"
05/12/18 " 14:03:12.347" 795010109 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json"
05/12/18 " 14:03:12.349" 795010109 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json"
05/12/18 " 14:03:12.350" 795010109 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json"
05/12/18 " 14:03:12.359" 795010125 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js"
05/12/18 " 14:03:12.371" 795010140 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js"
05/12/18 " 14:03:12.372" 795010140 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png"
05/12/18 " 14:03:12.382" 795010140 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png"
05/12/18 " 14:03:12.384" 795010140 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png"
05/12/18 " 14:03:12.395" 795010156 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json"
05/12/18 " 14:03:12.400" 795010156 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js"
05/12/18 " 14:03:12.406" 795010171 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png"
05/12/18 " 14:03:12.407" 795010171 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json"
05/12/18 " 14:03:12.410" 795010171 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json"
05/12/18 " 14:03:12.411" 795010171 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json"
05/12/18 " 14:03:12.418" 795010187 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js"
05/12/18 " 14:03:12.425" 795010187 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js"
05/12/18 " 14:03:12.427" 795010187 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png"
05/12/18 " 14:03:12.455" 795010218 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png"
05/12/18 " 14:03:12.457" 795010218 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png"
05/12/18 " 14:03:12.461" 795010218 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json"
05/12/18 " 14:03:12.472" 795010234 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences"
05/12/18 " 14:03:12.484" 795010250 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences"
05/12/18 " 14:03:12.497" 795010265 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences"
05/12/18 " 14:03:12.508" 795010265 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences"
05/12/18 " 14:03:12.511" 795010281 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 560 "Quarantining HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}"
05/12/18 " 14:03:12.647" 795010406 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\Program Files (x86)\GreatDealz\lobonlhedgiilkfmbbbfhkaoefacipgj.crx"
05/12/18 " 14:03:12.666" 795010421 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 14:03:12.695" 795010453 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of RegValue HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|URL"
05/12/18 " 14:03:12.696" 795010453 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateRegValue "RemovalEngine.cpp" 219 "Cleaning reg value HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|URL"
05/12/18 " 14:03:12.696" 795010453 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning reg value 'HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|URL'"
05/12/18 " 14:03:12.696" 795010453 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|URL"
05/12/18 " 14:03:12.698" 795010468 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining RegValue 'HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|URL'"
05/12/18 " 14:03:12.698" 795010468 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of RegKey HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}"
05/12/18 " 14:03:12.699" 795010468 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateRegKey "RemovalEngine.cpp" 468 "Cleaning reg key HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, anti - rootkit = false"
05/12/18 " 14:03:12.700" 795010468 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning reg key 'HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}'"
05/12/18 " 14:03:12.700" 795010468 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}"
05/12/18 " 14:03:12.702" 795010468 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining RegKey 'HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}'"
05/12/18 " 14:03:12.702" 795010468 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of RegKey HKU\S-1-5-21-2369424989-362787197-3549092213-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}"
05/12/18 " 14:03:12.702" 795010468 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateRegKey "RemovalEngine.cpp" 468 "Cleaning reg key HKU\S-1-5-21-2369424989-362787197-3549092213-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, anti - rootkit = false"
05/12/18 " 14:03:12.704" 795010468 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning reg key 'HKU\S-1-5-21-2369424989-362787197-3549092213-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}'"
05/12/18 " 14:03:12.704" 795010468 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for HKU\S-1-5-21-2369424989-362787197-3549092213-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}"
05/12/18 " 14:03:12.706" 795010468 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining RegKey 'HKU\S-1-5-21-2369424989-362787197-3549092213-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}'"
05/12/18 " 14:03:12.706" 795010468 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of RegKey HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}"
05/12/18 " 14:03:12.706" 795010468 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateRegKey "RemovalEngine.cpp" 468 "Cleaning reg key HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, anti - rootkit = false"
05/12/18 " 14:03:12.707" 795010468 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning reg key 'HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}'"
05/12/18 " 14:03:12.707" 795010468 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}"
05/12/18 " 14:03:12.709" 795010468 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining RegKey 'HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}'"
05/12/18 " 14:03:12.709" 795010468 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of RegKey HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}"
05/12/18 " 14:03:12.709" 795010468 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateRegKey "RemovalEngine.cpp" 468 "Cleaning reg key HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, anti - rootkit = false"
05/12/18 " 14:03:12.710" 795010468 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning reg key 'HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}'"
05/12/18 " 14:03:12.711" 795010468 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}"
05/12/18 " 14:03:12.712" 795010468 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining RegKey 'HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}'"
05/12/18 " 14:03:12.712" 795010468 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of RegValue HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|TOPRESULTURL"
05/12/18 " 14:03:12.713" 795010468 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateRegValue "RemovalEngine.cpp" 219 "Cleaning reg value HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|TOPRESULTURL"
05/12/18 " 14:03:12.713" 795010468 49d0 4bfc WARNING RegistryUtils mb::common::system::RegistryUtils::DeleteValueImpl "RegistryUtils.cpp" 1385 "Failed to open reg key HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, wow64 = 0x0, Das System kann die angegebene Datei nicht finden. (0x2)"
05/12/18 " 14:03:12.713" 795010468 49d0 4bfc ERROR CleanControllerImpl mb::common::system::NtRegistryUtils::OpenKeyImpl "NtRegistryUtils.cpp" 78 "Error opening key = \Registry\User\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, error = 'Das System kann die angegebene Datei nicht finden. '"
05/12/18 " 14:03:12.713" 795010468 49d0 4bfc ERROR CleanControllerImpl RemovalEngine::RegDeleteValueNative "RemovalEngine.cpp" 367 "Error opening key = 0xFFFFFFFF80000003, subkey = S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, value name = TOPRESULTURL"
05/12/18 " 14:03:12.713" 795010468 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning reg value 'HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|TOPRESULTURL'"
05/12/18 " 14:03:12.713" 795010468 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|TOPRESULTURL"
05/12/18 " 14:03:12.715" 795010484 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining RegValue 'HKU\S-1-5-21-2369424989-362787197-3549092213-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|TOPRESULTURL'"
05/12/18 " 14:03:12.715" 795010484 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of RegKey HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ"
05/12/18 " 14:03:12.716" 795010484 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateRegKey "RemovalEngine.cpp" 468 "Cleaning reg key HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ, anti - rootkit = false"
05/12/18 " 14:03:12.717" 795010484 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning reg key 'HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ'"
05/12/18 " 14:03:12.717" 795010484 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ"
05/12/18 " 14:03:12.719" 795010484 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining RegKey 'HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ'"
05/12/18 " 14:03:12.719" 795010484 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js"
05/12/18 " 14:03:12.719" 795010484 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js', anti-rootkit = false"
05/12/18 " 14:03:12.888" 795010656 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js', resolved path = 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js'"
05/12/18 " 14:03:13.775" 795011531 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js'"
05/12/18 " 14:03:13.775" 795011531 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js"
05/12/18 " 14:03:13.777" 795011546 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\main.js'"
05/12/18 " 14:03:13.777" 795011546 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png"
05/12/18 " 14:03:13.778" 795011546 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png', anti-rootkit = false"
05/12/18 " 14:03:13.790" 795011546 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png', resolved path = 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png'"
05/12/18 " 14:03:14.377" 795012140 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png'"
05/12/18 " 14:03:14.377" 795012140 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png"
05/12/18 " 14:03:14.380" 795012140 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content\pxl2.png'"
05/12/18 " 14:03:14.380" 795012140 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json"
05/12/18 " 14:03:14.380" 795012140 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json', anti-rootkit = false"
05/12/18 " 14:03:14.387" 795012156 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json', resolved path = 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json'"
05/12/18 " 14:03:15.149" 795012906 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json'"
05/12/18 " 14:03:15.150" 795012906 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json"
05/12/18 " 14:03:15.153" 795012921 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de\messages.json'"
05/12/18 " 14:03:15.153" 795012921 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json"
05/12/18 " 14:03:15.153" 795012921 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json', anti-rootkit = false"
05/12/18 " 14:03:15.175" 795012937 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json', resolved path = 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json'"
05/12/18 " 14:03:15.736" 795013500 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json'"
05/12/18 " 14:03:15.736" 795013500 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json"
05/12/18 " 14:03:15.738" 795013500 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en\messages.json'"
05/12/18 " 14:03:15.738" 795013500 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json"
05/12/18 " 14:03:15.739" 795013500 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json', anti-rootkit = false"
05/12/18 " 14:03:15.761" 795013531 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json', resolved path = 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json'"
05/12/18 " 14:03:16.278" 795014046 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json'"
05/12/18 " 14:03:16.278" 795014046 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json"
05/12/18 " 14:03:16.280" 795014046 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\computed_hashes.json'"
05/12/18 " 14:03:16.280" 795014046 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json"
05/12/18 " 14:03:16.281" 795014046 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json', anti-rootkit = false"
05/12/18 " 14:03:16.295" 795014062 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json', resolved path = 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json'"
05/12/18 " 14:03:16.827" 795014593 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json'"
05/12/18 " 14:03:16.828" 795014593 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json"
05/12/18 " 14:03:16.830" 795014593 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata\verified_contents.json'"
05/12/18 " 14:03:16.830" 795014593 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js"
05/12/18 " 14:03:16.831" 795014593 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js', anti-rootkit = false"
05/12/18 " 14:03:16.848" 795014609 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js', resolved path = 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js'"
05/12/18 " 14:03:17.377" 795015140 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js'"
05/12/18 " 14:03:17.378" 795015140 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js"
05/12/18 " 14:03:17.379" 795015140 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\background.js'"
05/12/18 " 14:03:17.379" 795015140 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js"
05/12/18 " 14:03:17.380" 795015140 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js', anti-rootkit = false"
05/12/18 " 14:03:17.404" 795015171 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js', resolved path = 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js'"
05/12/18 " 14:03:17.927" 795015687 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js'"
05/12/18 " 14:03:17.927" 795015687 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js"
05/12/18 " 14:03:17.929" 795015687 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\chnl.js'"
05/12/18 " 14:03:17.929" 795015687 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png"
05/12/18 " 14:03:17.930" 795015687 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png', anti-rootkit = false"
05/12/18 " 14:03:17.960" 795015718 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png', resolved path = 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png'"
05/12/18 " 14:03:18.485" 795016250 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png'"
05/12/18 " 14:03:18.486" 795016250 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png"
05/12/18 " 14:03:18.487" 795016250 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon128.png'"
05/12/18 " 14:03:18.487" 795016250 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png"
05/12/18 " 14:03:18.488" 795016250 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png', anti-rootkit = false"
05/12/18 " 14:03:18.493" 795016250 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png', resolved path = 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png'"
05/12/18 " 14:03:19.011" 795016781 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png'"
05/12/18 " 14:03:19.011" 795016781 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png"
05/12/18 " 14:03:19.012" 795016781 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon16.png'"
05/12/18 " 14:03:19.012" 795016781 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png"
05/12/18 " 14:03:19.014" 795016781 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png', anti-rootkit = false"
05/12/18 " 14:03:19.031" 795016796 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png', resolved path = 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png'"
05/12/18 " 14:03:19.568" 795017328 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png'"
05/12/18 " 14:03:19.569" 795017328 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png"
05/12/18 " 14:03:19.570" 795017328 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\icon48.png'"
05/12/18 " 14:03:19.570" 795017328 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json"
05/12/18 " 14:03:19.571" 795017328 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json', anti-rootkit = false"
05/12/18 " 14:03:19.594" 795017359 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json', resolved path = 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json'"
05/12/18 " 14:03:20.136" 795017906 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json'"
05/12/18 " 14:03:20.136" 795017906 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json"
05/12/18 " 14:03:20.138" 795017906 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\manifest.json'"
05/12/18 " 14:03:20.138" 795017906 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de"
05/12/18 " 14:03:20.139" 795017906 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de"
05/12/18 " 14:03:20.139" 795017906 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de' with no link targets"
05/12/18 " 14:03:21.161" 795018921 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de'"
05/12/18 " 14:03:21.161" 795018921 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de"
05/12/18 " 14:03:21.163" 795018921 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\de'"
05/12/18 " 14:03:21.163" 795018921 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en"
05/12/18 " 14:03:21.163" 795018921 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en"
05/12/18 " 14:03:21.163" 795018921 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en' with no link targets"
05/12/18 " 14:03:22.184" 795019953 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en'"
05/12/18 " 14:03:22.184" 795019953 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en"
05/12/18 " 14:03:22.186" 795019953 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales\en'"
05/12/18 " 14:03:22.186" 795019953 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata"
05/12/18 " 14:03:22.187" 795019953 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata"
05/12/18 " 14:03:22.187" 795019953 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata' with no link targets"
05/12/18 " 14:03:23.179" 795020937 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata'"
05/12/18 " 14:03:23.180" 795020937 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata"
05/12/18 " 14:03:23.184" 795020953 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_metadata'"
05/12/18 " 14:03:23.185" 795020953 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales"
05/12/18 " 14:03:23.187" 795020953 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales"
05/12/18 " 14:03:23.187" 795020953 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales' with no link targets"
05/12/18 " 14:03:24.188" 795021953 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales'"
05/12/18 " 14:03:24.188" 795021953 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales"
05/12/18 " 14:03:24.190" 795021953 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\_locales'"
05/12/18 " 14:03:24.190" 795021953 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content"
05/12/18 " 14:03:24.191" 795021953 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content"
05/12/18 " 14:03:24.191" 795021953 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content' with no link targets"
05/12/18 " 14:03:25.190" 795022953 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content'"
05/12/18 " 14:03:25.190" 795022953 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content"
05/12/18 " 14:03:25.192" 795022953 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1\content'"
05/12/18 " 14:03:25.192" 795022953 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1"
05/12/18 " 14:03:25.193" 795022953 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1"
05/12/18 " 14:03:25.193" 795022953 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1' with no link targets"
05/12/18 " 14:03:26.181" 795023937 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1'"
05/12/18 " 14:03:26.181" 795023937 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1"
05/12/18 " 14:03:26.183" 795023953 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_1'"
05/12/18 " 14:03:26.183" 795023953 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ"
05/12/18 " 14:03:26.183" 795023953 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ"
05/12/18 " 14:03:26.183" 795023953 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj' with no link targets"
05/12/18 " 14:03:27.168" 795024937 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj'"
05/12/18 " 14:03:27.168" 795024937 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ"
05/12/18 " 14:03:27.171" 795024937 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj'"
05/12/18 " 14:03:27.172" 795024937 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js"
05/12/18 " 14:03:27.172" 795024937 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js', anti-rootkit = false"
05/12/18 " 14:03:27.307" 795025078 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js', resolved path = 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js'"
05/12/18 " 14:03:27.806" 795025562 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js'"
05/12/18 " 14:03:27.806" 795025562 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js"
05/12/18 " 14:03:27.807" 795025578 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\main.js'"
05/12/18 " 14:03:27.807" 795025578 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png"
05/12/18 " 14:03:27.809" 795025578 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png', anti-rootkit = false"
05/12/18 " 14:03:27.830" 795025593 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png', resolved path = 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png'"
05/12/18 " 14:03:28.359" 795026125 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png'"
05/12/18 " 14:03:28.359" 795026125 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png"
05/12/18 " 14:03:28.361" 795026125 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content\pxl2.png'"
05/12/18 " 14:03:28.361" 795026125 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json"
05/12/18 " 14:03:28.362" 795026125 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json', anti-rootkit = false"
05/12/18 " 14:03:28.400" 795026156 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json', resolved path = 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json'"
05/12/18 " 14:03:28.899" 795026656 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json'"
05/12/18 " 14:03:28.899" 795026656 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json"
05/12/18 " 14:03:28.901" 795026671 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de\messages.json'"
05/12/18 " 14:03:28.901" 795026671 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json"
05/12/18 " 14:03:28.902" 795026671 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json', anti-rootkit = false"
05/12/18 " 14:03:28.907" 795026671 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json', resolved path = 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json'"
05/12/18 " 14:03:29.413" 795027171 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json'"
05/12/18 " 14:03:29.413" 795027171 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json"
05/12/18 " 14:03:29.415" 795027171 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en\messages.json'"
05/12/18 " 14:03:29.415" 795027171 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json"
05/12/18 " 14:03:29.416" 795027171 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json', anti-rootkit = false"
05/12/18 " 14:03:29.444" 795027203 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json', resolved path = 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json'"
05/12/18 " 14:03:29.944" 795027703 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json'"
05/12/18 " 14:03:29.944" 795027703 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json"
05/12/18 " 14:03:29.946" 795027703 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata\verified_contents.json'"
05/12/18 " 14:03:29.946" 795027703 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js"
05/12/18 " 14:03:29.947" 795027703 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js', anti-rootkit = false"
05/12/18 " 14:03:29.969" 795027734 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js', resolved path = 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js'"
05/12/18 " 14:03:30.517" 795028281 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js'"
05/12/18 " 14:03:30.517" 795028281 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js"
05/12/18 " 14:03:30.519" 795028281 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\background.js'"
05/12/18 " 14:03:30.519" 795028281 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js"
05/12/18 " 14:03:30.520" 795028281 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js', anti-rootkit = false"
05/12/18 " 14:03:30.538" 795028296 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js', resolved path = 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js'"
05/12/18 " 14:03:31.117" 795028875 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js'"
05/12/18 " 14:03:31.117" 795028875 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js"
05/12/18 " 14:03:31.119" 795028875 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\chnl.js'"
05/12/18 " 14:03:31.119" 795028875 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png"
05/12/18 " 14:03:31.121" 795028890 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png', anti-rootkit = false"
05/12/18 " 14:03:31.141" 795028906 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png', resolved path = 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png'"
05/12/18 " 14:03:31.683" 795029453 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png'"
05/12/18 " 14:03:31.683" 795029453 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png"
05/12/18 " 14:03:31.685" 795029453 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon128.png'"
05/12/18 " 14:03:31.685" 795029453 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png"
05/12/18 " 14:03:31.686" 795029453 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png', anti-rootkit = false"
05/12/18 " 14:03:31.691" 795029453 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png', resolved path = 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png'"
05/12/18 " 14:03:32.233" 795030000 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png'"
05/12/18 " 14:03:32.233" 795030000 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png"
05/12/18 " 14:03:32.235" 795030000 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon16.png'"
05/12/18 " 14:03:32.235" 795030000 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png"
05/12/18 " 14:03:32.235" 795030000 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png', anti-rootkit = false"
05/12/18 " 14:03:32.254" 795030015 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png', resolved path = 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png'"
05/12/18 " 14:03:32.783" 795030546 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png'"
05/12/18 " 14:03:32.783" 795030546 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png"
05/12/18 " 14:03:32.785" 795030546 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\icon48.png'"
05/12/18 " 14:03:32.785" 795030546 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json"
05/12/18 " 14:03:32.786" 795030546 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json', anti-rootkit = false"
05/12/18 " 14:03:32.824" 795030593 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json', resolved path = 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json'"
05/12/18 " 14:03:33.342" 795031109 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json'"
05/12/18 " 14:03:33.342" 795031109 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json"
05/12/18 " 14:03:33.344" 795031109 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\manifest.json'"
05/12/18 " 14:03:33.344" 795031109 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de"
05/12/18 " 14:03:33.345" 795031109 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de"
05/12/18 " 14:03:33.345" 795031109 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de' with no link targets"
05/12/18 " 14:03:34.363" 795032125 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de'"
05/12/18 " 14:03:34.363" 795032125 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de"
05/12/18 " 14:03:34.366" 795032125 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\de'"
05/12/18 " 14:03:34.366" 795032125 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en"
05/12/18 " 14:03:34.367" 795032125 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en"
05/12/18 " 14:03:34.367" 795032125 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en' with no link targets"
|
|
14.05.2018, 14:11
| #13 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads MBAM 9. Teil Code:
ATTFilter 05/12/18 " 14:03:35.371" 795033140 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en'"
05/12/18 " 14:03:35.371" 795033140 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en"
05/12/18 " 14:03:35.373" 795033140 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales\en'"
05/12/18 " 14:03:35.373" 795033140 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata"
05/12/18 " 14:03:35.373" 795033140 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata"
05/12/18 " 14:03:35.373" 795033140 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata' with no link targets"
05/12/18 " 14:03:36.379" 795034140 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata'"
05/12/18 " 14:03:36.379" 795034140 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata"
05/12/18 " 14:03:36.381" 795034140 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_metadata'"
05/12/18 " 14:03:36.381" 795034140 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales"
05/12/18 " 14:03:36.382" 795034140 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales"
05/12/18 " 14:03:36.382" 795034140 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales' with no link targets"
05/12/18 " 14:03:37.427" 795035187 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales'"
05/12/18 " 14:03:37.427" 795035187 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales"
05/12/18 " 14:03:37.428" 795035187 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\_locales'"
05/12/18 " 14:03:37.428" 795035187 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content"
05/12/18 " 14:03:37.429" 795035187 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content"
05/12/18 " 14:03:37.429" 795035187 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content' with no link targets"
05/12/18 " 14:03:38.442" 795036203 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content'"
05/12/18 " 14:03:38.442" 795036203 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content"
05/12/18 " 14:03:38.444" 795036203 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0\content'"
05/12/18 " 14:03:38.444" 795036203 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0"
05/12/18 " 14:03:38.445" 795036203 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0"
05/12/18 " 14:03:38.445" 795036203 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0' with no link targets"
05/12/18 " 14:03:39.442" 795037203 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0'"
05/12/18 " 14:03:39.442" 795037203 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0"
05/12/18 " 14:03:39.444" 795037203 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj\1.1.0_0'"
05/12/18 " 14:03:39.444" 795037203 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ"
05/12/18 " 14:03:39.445" 795037203 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ"
05/12/18 " 14:03:39.445" 795037203 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj' with no link targets"
05/12/18 " 14:03:40.450" 795038218 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj'"
05/12/18 " 14:03:40.450" 795038218 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ"
05/12/18 " 14:03:40.452" 795038218 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj'"
05/12/18 " 14:03:40.452" 795038218 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences"
05/12/18 " 14:03:40.452" 795038218 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateChromeObjectUsingSDK "RemovalEngine.cpp" 158 "Cleaning Chrome object C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences"
05/12/18 " 14:03:40.452" 795038218 49d0 4bfc INFO BrowserSDK mb::browsersdk::chrome::ChromeRemediationEngine::RemoveSecurePrefsExtension "ChromeRemediatonEngine.cpp" 341 "Removing Chrome extension ID 'LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ' from 'C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences'"
05/12/18 " 14:03:40.487" 795038250 49d0 4bfc WARNING RegistryUtils mb::common::system::RegistryUtils::GetValueAsStringImpl "RegistryUtils.cpp" 1714 "Failed to open key opening key = HKLM\Software\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}, wow64 = 0x0, Das System kann die angegebene Datei nicht finden. (0x2)"
05/12/18 " 14:03:40.487" 795038250 49d0 4bfc INFO BrowserSDK mb::browsersdk::chrome::ChromeHasher::GetChromeInstallationPath "ChromeHasher.cpp" 134 "Unable to read registry value HKLM\Software\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}|UninstallString"
05/12/18 " 14:03:40.487" 795038250 49d0 4bfc WARNING RegistryUtils mb::common::system::RegistryUtils::GetValueAsStringImpl "RegistryUtils.cpp" 1714 "Failed to open key opening key = HKLM\Software\WOW6432Node\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}, wow64 = 0x0, Das System kann die angegebene Datei nicht finden. (0x2)"
05/12/18 " 14:03:40.487" 795038250 49d0 4bfc INFO BrowserSDK mb::browsersdk::chrome::ChromeHasher::GetChromeInstallationPath "ChromeHasher.cpp" 134 "Unable to read registry value HKLM\Software\WOW6432Node\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}|UninstallString"
05/12/18 " 14:03:40.487" 795038250 49d0 4bfc WARNING RegistryUtils mb::common::system::RegistryUtils::GetValueAsStringImpl "RegistryUtils.cpp" 1714 "Failed to open key opening key = HKLM\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}, wow64 = 0x0, Das System kann die angegebene Datei nicht finden. (0x2)"
05/12/18 " 14:03:40.487" 795038250 49d0 4bfc INFO BrowserSDK mb::browsersdk::chrome::ChromeHasher::GetChromeInstallationPath "ChromeHasher.cpp" 134 "Unable to read registry value HKLM\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}|UninstallString"
05/12/18 " 14:03:40.488" 795038250 49d0 4bfc INFO BrowserSDK mb::browsersdk::chrome::ChromeHasher::GetInstallationPathFromAppPath "ChromeHasher.cpp" 222 "Chrome installation path='C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139'"
05/12/18 " 14:03:40.608" 795038375 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning chrome object 'C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences'"
05/12/18 " 14:03:40.608" 795038375 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences"
05/12/18 " 14:03:40.610" 795038375 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences'"
05/12/18 " 14:03:40.610" 795038375 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences"
05/12/18 " 14:03:40.610" 795038375 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateChromeObjectUsingSDK "RemovalEngine.cpp" 158 "Cleaning Chrome object C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences"
05/12/18 " 14:03:40.610" 795038375 49d0 4bfc INFO BrowserSDK mb::browsersdk::chrome::ChromeRemediationEngine::RemoveSecurePrefsExtension "ChromeRemediatonEngine.cpp" 341 "Removing Chrome extension ID 'LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ' from 'C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences'"
05/12/18 " 14:03:40.626" 795038390 49d0 4bfc WARNING RegistryUtils mb::common::system::RegistryUtils::GetValueAsStringImpl "RegistryUtils.cpp" 1714 "Failed to open key opening key = HKLM\Software\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}, wow64 = 0x0, Das System kann die angegebene Datei nicht finden. (0x2)"
05/12/18 " 14:03:40.626" 795038390 49d0 4bfc INFO BrowserSDK mb::browsersdk::chrome::ChromeHasher::GetChromeInstallationPath "ChromeHasher.cpp" 134 "Unable to read registry value HKLM\Software\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}|UninstallString"
05/12/18 " 14:03:40.626" 795038390 49d0 4bfc WARNING RegistryUtils mb::common::system::RegistryUtils::GetValueAsStringImpl "RegistryUtils.cpp" 1714 "Failed to open key opening key = HKLM\Software\WOW6432Node\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}, wow64 = 0x0, Das System kann die angegebene Datei nicht finden. (0x2)"
05/12/18 " 14:03:40.626" 795038390 49d0 4bfc INFO BrowserSDK mb::browsersdk::chrome::ChromeHasher::GetChromeInstallationPath "ChromeHasher.cpp" 134 "Unable to read registry value HKLM\Software\WOW6432Node\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}|UninstallString"
05/12/18 " 14:03:40.627" 795038390 49d0 4bfc WARNING RegistryUtils mb::common::system::RegistryUtils::GetValueAsStringImpl "RegistryUtils.cpp" 1714 "Failed to open key opening key = HKLM\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}, wow64 = 0x0, Das System kann die angegebene Datei nicht finden. (0x2)"
05/12/18 " 14:03:40.627" 795038390 49d0 4bfc INFO BrowserSDK mb::browsersdk::chrome::ChromeHasher::GetChromeInstallationPath "ChromeHasher.cpp" 134 "Unable to read registry value HKLM\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}|UninstallString"
05/12/18 " 14:03:40.627" 795038390 49d0 4bfc INFO BrowserSDK mb::browsersdk::chrome::ChromeHasher::GetInstallationPathFromAppPath "ChromeHasher.cpp" 222 "Chrome installation path='C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139'"
05/12/18 " 14:03:40.656" 795038421 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning chrome object 'C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences'"
05/12/18 " 14:03:40.656" 795038421 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences"
05/12/18 " 14:03:40.658" 795038421 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences'"
05/12/18 " 14:03:40.658" 795038421 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences"
05/12/18 " 14:03:40.658" 795038421 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateChromeObjectUsingSDK "RemovalEngine.cpp" 158 "Cleaning Chrome object C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences"
05/12/18 " 14:03:40.676" 795038437 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning chrome object 'C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences'"
05/12/18 " 14:03:40.676" 795038437 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences"
05/12/18 " 14:03:40.677" 795038437 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences'"
05/12/18 " 14:03:40.677" 795038437 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences"
05/12/18 " 14:03:40.677" 795038437 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateChromeObjectUsingSDK "RemovalEngine.cpp" 158 "Cleaning Chrome object C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences"
05/12/18 " 14:03:40.716" 795038484 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning chrome object 'C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences'"
05/12/18 " 14:03:40.716" 795038484 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\USERS\MARELRO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences"
05/12/18 " 14:03:40.718" 795038484 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\marelro\AppData\Local\Google\Chrome\User Data\Default\Preferences'"
05/12/18 " 14:03:40.718" 795038484 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\PROGRAM FILES (X86)\IOLO\SYSTEM CHECKUP"
05/12/18 " 14:03:40.719" 795038484 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\PROGRAM FILES (X86)\IOLO\SYSTEM CHECKUP"
05/12/18 " 14:03:40.719" 795038484 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Program Files (x86)\iolo\System Checkup' with no link targets"
05/12/18 " 14:03:41.750" 795039515 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Program Files (x86)\iolo\System Checkup'"
05/12/18 " 14:03:41.750" 795039515 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\PROGRAM FILES (X86)\IOLO\SYSTEM CHECKUP"
05/12/18 " 14:03:41.752" 795039515 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Program Files (x86)\iolo\System Checkup'"
05/12/18 " 14:03:41.752" 795039515 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of RegKey HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}"
05/12/18 " 14:03:41.753" 795039515 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateRegKey "RemovalEngine.cpp" 468 "Cleaning reg key HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}, anti - rootkit = false"
05/12/18 " 14:03:41.754" 795039515 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning reg key 'HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}'"
05/12/18 " 14:03:41.754" 795039515 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}"
05/12/18 " 14:03:41.756" 795039515 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining RegKey 'HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}'"
05/12/18 " 14:03:41.756" 795039515 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\Program Files (x86)\GreatDealz\lobonlhedgiilkfmbbbfhkaoefacipgj.crx"
05/12/18 " 14:03:41.756" 795039515 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\Program Files (x86)\GreatDealz\lobonlhedgiilkfmbbbfhkaoefacipgj.crx', anti-rootkit = false"
05/12/18 " 14:03:41.797" 795039562 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Program Files (x86)\GreatDealz\lobonlhedgiilkfmbbbfhkaoefacipgj.crx', resolved path = 'C:\Program Files (x86)\GreatDealz\lobonlhedgiilkfmbbbfhkaoefacipgj.crx'"
05/12/18 " 14:03:42.317" 795040078 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Program Files (x86)\GreatDealz\lobonlhedgiilkfmbbbfhkaoefacipgj.crx'"
05/12/18 " 14:03:42.318" 795040078 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\Program Files (x86)\GreatDealz\lobonlhedgiilkfmbbbfhkaoefacipgj.crx"
05/12/18 " 14:03:42.320" 795040078 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Program Files (x86)\GreatDealz\lobonlhedgiilkfmbbbfhkaoefacipgj.crx'"
05/12/18 " 14:03:42.320" 795040078 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of Folder C:\PROGRAM FILES (X86)\GREATDEALZ"
05/12/18 " 14:03:42.320" 795040078 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFolder "RemovalEngine.cpp" 541 "Cleaning folder C:\PROGRAM FILES (X86)\GREATDEALZ"
05/12/18 " 14:03:42.320" 795040078 49d0 4bfc INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 579 "Deleting folder 'C:\Program Files (x86)\GreatDealz' with no link targets"
05/12/18 " 14:03:43.309" 795041078 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning folder 'C:\Program Files (x86)\GreatDealz'"
05/12/18 " 14:03:43.309" 795041078 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\PROGRAM FILES (X86)\GREATDEALZ"
05/12/18 " 14:03:43.311" 795041078 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining Folder 'C:\Program Files (x86)\GreatDealz'"
05/12/18 " 14:03:43.311" 795041078 49d0 4bfc INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 14:03:43.311" 795041078 49d0 4bfc INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS', anti-rootkit = false"
05/12/18 " 14:03:43.311" 795041078 49d0 4bfc INFO CleanControllerImpl RemovalEngine::ReplaceFileText "RemovalEngine.cpp" 1406 "Replace file C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js text contents"
05/12/18 " 14:03:43.313" 795041078 49d0 4bfc INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning file 'C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js'"
05/12/18 " 14:03:43.313" 795041078 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9XUU7J7S.DEFAULT\PREFS.JS"
05/12/18 " 14:03:43.315" 795041078 49d0 4bfc INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining File 'C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\prefs.js'"
05/12/18 " 14:03:43.315" 795041078 49d0 4bfc INFO CleanControllerImpl Cleaner::RebuildSystemRegistryValues "Cleaner.cpp" 443 "Rebuilding system registry values."
05/12/18 " 14:03:43.316" 795041078 49d0 4bfc INFO CleanControllerImpl Cleaner::RebuildRegistryValueEx "Cleaner.cpp" 426 "Successfully rebuilt registry value at HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit, from '' to 'C:\WINDOWS\system32\userinit.exe'."
05/12/18 " 14:03:43.317" 795041078 49d0 4bfc INFO CleanControllerImpl Cleaner::RebuildRegistryValueEx "Cleaner.cpp" 426 "Successfully rebuilt registry value at HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages, from 'scecli^^' to 'scecli'."
05/12/18 " 14:03:43.317" 795041078 49d0 4bfc INFO CleanControllerImpl Cleaner::RebuildRegistryValueEx "Cleaner.cpp" 426 "Successfully rebuilt registry value at HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages, from 'kerberos^msv1_0^schannel^wdigest^tspkg^pku2u^^' to 'kerberos^msv1_0^schannel^wdigest^tspkg^pku2u'."
05/12/18 " 14:03:43.318" 795041078 49d0 4bfc INFO CleanControllerImpl Cleaner::RebuildRegistryValueEx "Cleaner.cpp" 426 "Successfully rebuilt registry value at HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages, from 'msv1_0^^' to 'msv1_0'."
05/12/18 " 14:03:43.497" 795041265 49d0 4bfc INFO CleanControllerImpl Cleaner::ExecutePostCleanupActions "Cleaner.cpp" 570 "Executing post-cleanup actions"
05/12/18 " 14:03:43.646" 795041406 49d0 4bfc INFO Actions ActionsManager::ProcessThreatActionsV2 "ActionsManager.cpp" 845 "Executing post cleanup actions"
05/12/18 " 14:03:43.776" 795041531 49d0 4bfc INFO CleanControllerImpl Cleaner::Clean "Cleaner.cpp" 261 "Completed clean from client MbamUI, detection results C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ScanResults\98c086ec-55da-11e8-b8f6-2c56dc97df15.json, status Complete"
05/12/18 " 14:03:53.033" 795050796 49d0 3604 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 14:04:38.307" 795096078 49d0 3604 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:38.793" 795096562 49d0 3604 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:39.637" 795097406 49d0 3604 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:40.471" 795098234 49d0 3604 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:40.674" 795098437 49d0 3604 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:40.953" 795098718 49d0 3604 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:41.111" 795098875 49d0 3604 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:43.996" 795101765 49d0 3604 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:48.292" 795106062 49d0 3604 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:49.223" 795106984 49d0 3604 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:50.031" 795107796 49d0 54c4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:50.943" 795108703 49d0 54c4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:51.612" 795109375 49d0 54c4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:51.674" 795109437 49d0 54c4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:53.541" 795111296 49d0 54c4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:53.711" 795111468 49d0 54c4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:54.158" 795111921 49d0 54c4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:55.379" 795113140 49d0 54c4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:56.933" 795114703 49d0 54c4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:56.978" 795114734 49d0 54c4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:04:59.892" 795117656 49d0 49fc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:00.099" 795117859 49d0 40b0 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:00.334" 795118093 49d0 31e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:00.562" 795118328 49d0 54c4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:01.006" 795118765 49d0 54c4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:01.360" 795119125 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:02.405" 795120171 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:02.775" 795120531 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:03.047" 795120812 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:03.761" 795121531 49d0 41c0 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:04.717" 795122484 49d0 2454 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:04.919" 795122687 49d0 2454 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:05.156" 795122921 49d0 2454 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:05.387" 795123156 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:05.619" 795123375 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:06.509" 795124265 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:07.288" 795125046 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:09.105" 795126875 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:09.850" 795127609 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:12.433" 795130203 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:15.450" 795133218 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:17.824" 795135593 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:20.116" 795137875 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:21.528" 795139296 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:23.310" 795141078 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:25.235" 795143000 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:25.668" 795143437 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:05:27.725" 795145484 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:07:38.316" 795276078 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:07:43.298" 795281062 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:08:03.024" 795300781 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:08:04.545" 795302312 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:08:04.828" 795302593 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:10:57.363" 795475125 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 14:52:12.731" 797950500 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 14:52:14.300" 797952062 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 14:52:14.300" 797952062 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 14:52:14.300" 797952062 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/12/18 " 14:52:14.300" 797952062 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/12/18 " 14:52:14.300" 797952062 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/12/18 " 14:52:14.300" 797952062 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/12/18 " 14:52:14.300" 797952062 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5078]"
05/12/18 " 14:52:14.847" 797952609 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/12/18 " 14:52:14.847" 797952609 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/12/18 " 15:52:12.852" 801550609 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 15:52:14.276" 801552031 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 15:52:14.276" 801552031 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 15:52:14.276" 801552031 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/12/18 " 15:52:14.276" 801552031 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/12/18 " 15:52:14.276" 801552031 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/12/18 " 15:52:14.276" 801552031 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/12/18 " 15:52:14.276" 801552031 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5078]"
05/12/18 " 15:52:14.796" 801552562 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/12/18 " 15:52:14.796" 801552562 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/12/18 " 16:52:12.808" 805150578 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 16:52:14.256" 805152015 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 16:52:14.256" 805152015 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 16:52:14.257" 805152015 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/12/18 " 16:52:14.257" 805152015 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/12/18 " 16:52:14.258" 805152015 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/12/18 " 16:52:14.258" 805152015 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/12/18 " 16:52:14.258" 805152015 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5078]"
05/12/18 " 16:52:14.813" 805152578 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5080) of pkg [mbam-c.dbcls.64bit] (FULL) is available"
05/12/18 " 16:52:14.813" 805152578 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5080) of pkg [mbam-c.dbcls.64bit] (INCR) is available"
05/12/18 " 16:52:14.828" 805152593 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 640 "Available updates found - beginning download"
05/12/18 " 16:52:15.128" 805152890 49d0 552c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 3289 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z"
05/12/18 " 16:52:15.366" 805153125 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1599 "[UpdCtlrEvent] downloaded pkg. Type: DB / current_CU: 1.0.365 / machine_id: f07d03d49bca65e70b4706307d02abac29862e29"
05/12/18 " 16:52:15.366" 805153125 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1612 "Successfully downloaded: mbam-c.dbcls.64bit"
05/12/18 " 16:52:15.528" 805153296 49d0 5258 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update"
05/12/18 " 16:52:15.765" 805153531 49d0 5258 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
05/12/18 " 16:52:15.765" 805153531 49d0 5258 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions"
05/12/18 " 16:52:15.765" 805153531 49d0 5258 INFO BrowserSDKShim BrowserSDKShim::PrepareUpdate "BrowserSDKShim.cpp" 125 "Starting update of browser sdk"
05/12/18 " 16:52:23.323" 805161093 49d0 5258 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions"
05/12/18 " 16:52:23.472" 805161234 49d0 5258 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update"
05/12/18 " 16:52:23.573" 805161343 49d0 5258 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
05/12/18 " 16:52:27.559" 805165328 49d0 5258 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
05/12/18 " 16:52:27.559" 805165328 49d0 5258 INFO BrowserSDKShim BrowserSDKShim::FinishUpdate "BrowserSDKShim.cpp" 154 "Finishing update of browser sdk"
05/12/18 " 16:52:27.659" 805165421 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1999 "DoIncrementalUpdate was successful."
05/12/18 " 16:52:27.659" 805165421 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2802 "Successfully updated DB/ClsEng package version to: 1.0.5080"
05/12/18 " 16:52:27.659" 805165421 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2810 "Set DB version to: 2018.05.12.03"
05/12/18 " 16:52:27.659" 805165421 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 16:52:29.076" 805166843 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 16:52:29.076" 805166843 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 16:52:29.161" 805166921 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/12/18 " 16:52:29.161" 805166921 49d0 4c6c INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb"
05/12/18 " 16:52:29.161" 805166921 49d0 4c6c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2978 "Successfully parsed 196 records."
05/12/18 " 16:52:29.523" 805167281 49d0 2388 INFO MWACShimImpl MwacShimImpl::InitializeInternal "MWACShimImpl.cpp" 98 "MWAC dll was successfully loaded. MWACFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll>."
05/12/18 " 16:52:29.724" 805167484 49d0 2388 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 924 "Initialization succeeded"
05/12/18 " 17:36:11.011" 807788781 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:36:17.489" 807795250 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:36:21.953" 807799718 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:36:28.231" 807806000 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:36:28.252" 807806015 49d0 5798 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:36:28.473" 807806234 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:36:36.784" 807814546 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:36:42.754" 807820515 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:36:54.898" 807832656 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:36:57.010" 807834765 49d0 4e38 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:36:57.223" 807834984 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:36:57.463" 807835218 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:40:04.487" 808022250 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:40:04.691" 808022453 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:40:05.226" 808022984 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:40:58.498" 808076265 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:49:19.181" 808576937 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:49:19.525" 808577281 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:49:20.444" 808578203 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:49:21.057" 808578828 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:49:23.473" 808581234 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:49:31.567" 808589328 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:52:12.165" 808749921 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 17:52:13.884" 808751640 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 17:52:13.884" 808751640 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 17:52:13.890" 808751656 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/12/18 " 17:52:13.890" 808751656 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/12/18 " 17:52:13.891" 808751656 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/12/18 " 17:52:13.892" 808751656 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/12/18 " 17:52:13.892" 808751656 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5080]"
05/12/18 " 17:52:14.410" 808752171 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/12/18 " 17:52:14.410" 808752171 49d0 5258 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/12/18 " 17:52:40.670" 808778437 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 17:53:30.095" 808827859 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 17:53:32.935" 808830703 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:00:46.556" 809264312 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:00:57.250" 809275015 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:00:59.736" 809277500 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:00:59.992" 809277750 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:01:01.213" 809278984 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:01:03.591" 809281359 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:13:07.711" 810005468 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 18:13:08.696" 810006453 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 18:13:10.774" 810008531 49d0 43e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 18:15:22.837" 810140593 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 452 "Stopping Service Controller"
05/12/18 " 18:15:22.852" 810140609 49d0 2c9c INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_190c30b26847c2b5a045142099028858>::operator () "ServiceControllerImplementation.cpp" 493 "Stopping Self Protection Controller"
05/12/18 " 18:15:23.680" 810141437 49d0 2f14 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:15:23.899" 810141656 49d0 2c9c INFO SPControllerModuleLoader SPControllerModuleLoader::UnloadImplementation "SPControllerModuleLoader.cpp" 100 "Unloaded the Self-Protection Controller implementation module."
05/12/18 " 18:15:23.899" 810141656 49d0 2c9c INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_190c30b26847c2b5a045142099028858>::operator () "ServiceControllerImplementation.cpp" 502 "Successfully stopped Self Protection Controller"
05/12/18 " 18:15:23.899" 810141656 49d0 37f4 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_b2422856f0c022b6288473137984fd73>::operator () "ServiceControllerImplementation.cpp" 510 "Stopping Anti-Exploit Controller"
05/12/18 " 18:15:23.899" 810141656 49d0 22d0 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_c10f67412ffbdf52fb2d97117ce6bb58>::operator () "ServiceControllerImplementation.cpp" 531 "Stopping ARW Controller"
05/12/18 " 18:15:23.899" 810141656 49d0 4258 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_3ab253b62c87d7dfeb39a2084d1a556f>::operator () "ServiceControllerImplementation.cpp" 549 "Stopping MWAC Controller"
05/12/18 " 18:15:23.899" 810141656 49d0 31e4 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_f61b3d206481c2d666de473471a73387>::operator () "ServiceControllerImplementation.cpp" 568 "Stopping RTP Controller"
05/12/18 " 18:15:23.915" 810141671 49d0 31e4 INFO RtpSDK RtpUserImpl::Stop "RtpUserImpl.cpp" 299 "Rtp driver stopped."
05/12/18 " 18:15:23.915" 810141671 49d0 31e4 INFO RtpShim RtpShimImpl::Stop "RtpShimImpl.cpp" 245 "Rtp successfully stopped."
05/12/18 " 18:15:24.087" 810141843 49d0 31e4 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
05/12/18 " 18:15:24.087" 810141843 49d0 37f4 INFO AeShimImpl AeShimImpl::MbaeStop "AeShimImpl.cpp" 373 "MBAE stopped."
05/12/18 " 18:15:24.977" 810142734 49d0 4258 INFO MwacControllerCOM CMwacControllerModuleLoader::UnloadImplementation "MWACControllerModuleLoader.cpp" 90 "Unloaded the Web Access Controller implementation module."
05/12/18 " 18:15:24.977" 810142734 49d0 4258 INFO MWACControllerCOM CMWACController::Stop_impl "MWACController.cpp" 677 "The MWAC Controller impl is unloaded."
05/12/18 " 18:15:24.977" 810142734 49d0 4258 INFO MWACControllerCOM CMWACController::StopV2 "MWACController.cpp" 384 "MWAC Controller shutdown complete"
05/12/18 " 18:15:25.321" 810143078 49d0 37f4 INFO AEControllerModuleLoader CAeControllerModuleLoader::UnloadImplementation "AEControllerModuleLoader.cpp" 120 "Unloaded the Anti-Exploit Controller implementation module."
05/12/18 " 18:15:25.321" 810143078 49d0 4258 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_3ab253b62c87d7dfeb39a2084d1a556f>::operator () "ServiceControllerImplementation.cpp" 560 "Successfully stopped MWAC Controller"
05/12/18 " 18:15:25.321" 810143078 49d0 37f4 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_b2422856f0c022b6288473137984fd73>::operator () "ServiceControllerImplementation.cpp" 519 "Successfully stopped Anti-Exploit Controller"
05/12/18 " 18:15:26.243" 810144000 49d0 31e4 INFO RTPControllerCOM CRTPControllerModuleLoader::UnloadImplementation "RTPControllerModuleLoader.cpp" 114 "Unloaded the RTP Controller implementation module."
05/12/18 " 18:15:26.243" 810144000 49d0 31e4 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_f61b3d206481c2d666de473471a73387>::operator () "ServiceControllerImplementation.cpp" 577 "Successfully stopped RTP Controller"
05/12/18 " 18:15:26.243" 810144000 49d0 22d0 INFO ArwSDK "" 0 "ArwSdk: Logging stopped."
05/12/18 " 18:15:26.368" 810144125 49d0 22d0 INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwShimModuleLoader::UnloadModule "ArwShimModuleLoader.cpp" 75 "Unloaded the Anti-Ransomware Sdk implementation module."
05/12/18 " 18:15:26.431" 810144187 49d0 22d0 INFO ArwControllerCOM CArwControllerModuleLoader::UnloadImplementation "ArwControllerModuleLoader.cpp" 90 "Unloaded the Anti-Ransomware Controller implementation module."
05/12/18 " 18:15:26.431" 810144187 49d0 22d0 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::<lambda_c10f67412ffbdf52fb2d97117ce6bb58>::operator () "ServiceControllerImplementation.cpp" 540 "Successfully stopped ARW Controller"
05/12/18 " 18:15:26.431" 810144187 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 619 "Stopping Scan Controller"
05/12/18 " 18:15:26.462" 810144218 49d0 1938 WARNING SwissarmyShim SwissarmyShimImpl::ValidateHandle "SwissarmyShimImpl.cpp" 1817 "DDA not installed."
05/12/18 " 18:15:26.462" 810144218 49d0 1938 WARNING SwissarmyShim SwissarmyShimImpl::IsInstalled "SwissarmyShimImpl.cpp" 155 "Invalid SwissarmyHandle (d5ed3240)"
05/12/18 " 18:15:26.477" 810144234 49d0 1938 INFO ScanControllerCOM CScanControllerModuleLoader::UnloadImplementation "ScanControllerModuleLoader.cpp" 205 "Unloaded the Scan Controller implementation module."
05/12/18 " 18:15:26.477" 810144234 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 628 "Successfully stopped Scan Controller"
05/12/18 " 18:15:26.477" 810144234 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 635 "Stopping Clean Controller"
05/12/18 " 18:15:26.477" 810144234 49d0 1938 INFO CleanController CCleanController::StopV2 "CleanController.cpp" 384 "Shutting down CleanController"
05/12/18 " 18:15:26.477" 810144234 49d0 1938 INFO CleanControllerImpl CleanControllerImpl::StopV2 "CleanControllerImpl.cpp" 165 "Stopping Clean Controller Impl"
05/12/18 " 18:15:26.477" 810144234 49d0 4bfc WARNING SwissarmyShim SwissarmyShimImpl::ValidateHandle "SwissarmyShimImpl.cpp" 1817 "DDA not installed."
05/12/18 " 18:15:26.477" 810144234 49d0 4bfc WARNING SwissarmyShim SwissarmyShimImpl::IsInstalled "SwissarmyShimImpl.cpp" 155 "Invalid SwissarmyHandle (d5ead900)"
05/12/18 " 18:15:26.556" 810144312 49d0 4bfc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop::<lambda_4375c5e3f6111d1e5b82059269c270c0>::operator () "CleanControllerImpl.cpp" 811 "Exiting CleanControllerImpl::ThreadLoop()"
05/12/18 " 18:15:26.618" 810144375 49d0 1938 INFO CleanController CCleanController::StopV2 "CleanController.cpp" 419 "CleanController shutdown complete"
05/12/18 " 18:15:26.618" 810144375 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 645 "Successfully stopped Clean Controller"
05/12/18 " 18:15:26.618" 810144375 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 664 "Stopping Telemetry Controller"
05/12/18 " 18:15:26.649" 810144406 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 673 "Successfully stopped Telemetry Controller"
05/12/18 " 18:15:26.649" 810144406 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 680 "Stopping Cloud Controller"
05/12/18 " 18:15:26.681" 810144437 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 689 "Successfully stopped Cloud Controller"
05/12/18 " 18:15:26.681" 810144437 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 696 "Stopping Update Controller"
05/12/18 " 18:15:26.712" 810144468 49d0 1938 INFO UpdateControllerCOM CUpdateControllerModuleLoader::UnloadImplementation "UpdateControllerModuleLoader.cpp" 139 "Unloaded the Update Controller implementation module."
05/12/18 " 18:15:26.712" 810144468 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 705 "Successfully stopped Update Controller"
05/12/18 " 18:15:26.712" 810144468 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 719 "Stopping License Controller"
05/12/18 " 18:15:26.759" 810144515 49d0 1938 INFO LicenseControllerCOM CLicenseControllerModuleLoader::UnloadImplementation "LicenseControllerModuleLoader.cpp" 145 "Unloaded the License Controller implementation module."
05/12/18 " 18:15:26.774" 810144531 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 728 "Successfully stopped License Controller"
05/12/18 " 18:15:26.774" 810144531 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 735 "Stopping Policies Controller"
05/12/18 " 18:15:26.774" 810144531 49d0 1938 INFO PoliciesControllerCOM CPoliciesControllerModuleLoader::UnloadImplementation "PoliciesControllerModuleLoader.cpp" 114 "Unloaded the Policies Controller implementation module."
05/12/18 " 18:15:26.774" 810144531 49d0 1938 INFO PoliciesControllerCOM CPoliciesController::Stop "PoliciesController.cpp" 133 "Policies Controller shutdown complete"
05/12/18 " 18:15:26.774" 810144531 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 744 "Successfully stopped Policies Controller"
05/12/18 " 18:15:26.774" 810144531 49d0 1938 INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 757 "Service Controller stopped successfully in 3.937 seconds."
05/12/18 " 18:15:26.774" 810144531 49d0 1938 INFO LogController CLogController::Stop "LogController.cpp" 192 "Stopping logging"
05/12/18 " 18:18:03.186" 63937 11d4 15c8 INFO LogController CLogController::Start "LogController.cpp" 93 "Started logging"
05/12/18 " 18:18:03.186" 63937 11d4 15c8 INFO LogController CLogController::Start "LogController.cpp" 95 "Local time zone: 'Mitteleuropäische Sommerzeit' (UTC+02:00)"
05/12/18 " 18:18:03.310" 64062 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 371 "Service Controller starting controller initialization"
05/12/18 " 18:18:03.310" 64062 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 372 "Product code MBAM-C"
05/12/18 " 18:18:03.326" 64078 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 373 "Product version 3.5.1.2522"
05/12/18 " 18:18:03.326" 64078 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 374 "Product build consumer"
05/12/18 " 18:18:03.623" 64375 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 375 "OS Version Windows 10 (Build 16299.431)"
05/12/18 " 18:18:04.654" 65406 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartPoliciesController "ServiceControllerImplementation.cpp" 2023 "Policies Controller Started"
05/12/18 " 18:18:04.826" 65578 11d4 15c8 INFO LicenseControllerCOM CLicenseController::Start "LicenseController.cpp" 98 "CLicenseController::Start"
05/12/18 " 18:18:05.232" 65984 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartLicenseController "ServiceControllerImplementation.cpp" 2053 "License Controller Started"
05/12/18 " 18:18:05.482" 66234 11d4 15c8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::Initialize "UpdateControllerImplHelper.cpp" 324 "COMPONENT PACKAGE VERSION: 1.0.365, DB PACKAGE VERSION: 1.0.5080"
05/12/18 " 18:18:07.061" 67812 11d4 15c8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 18:18:16.692" 77453 11d4 15c8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 18:18:16.692" 77453 11d4 15c8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 18:18:16.739" 77500 11d4 15c8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::SetMinSupportedCULevel "UpdateControllerImplHelper.cpp" 5122 "Minimum supported Component (CU) package version is: 1.0.354"
05/12/18 " 18:18:16.739" 77500 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartUpdateController "ServiceControllerImplementation.cpp" 2110 "Update Controller Started"
05/12/18 " 18:18:16.739" 77500 11d4 15c8 INFO CloudController CCloudController::Start "CloudController.cpp" 101 "CCloudController::Initialize"
05/12/18 " 18:18:16.927" 77687 11d4 15c8 INFO CloudCtrlImpl Initialize "CloudControllerImpl.cpp" 58 "CC Initialize called"
05/12/18 " 18:18:17.333" 78093 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartCloudController "ServiceControllerImplementation.cpp" 2141 "Cloud Controller Started"
05/12/18 " 18:18:17.427" 78187 11d4 15c8 INFO TelemController CTelemetryController::Start_impl "TelemetryController.cpp" 157 "::Initialize"
05/12/18 " 18:18:17.599" 78359 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartTelemetryController "ServiceControllerImplementation.cpp" 2202 "Telemetry Controller Started"
05/12/18 " 18:18:17.630" 78390 11d4 15c8 INFO CleanController CCleanController::StartV2 "CleanController.cpp" 155 "Initializing CleanController"
05/12/18 " 18:18:17.833" 78593 11d4 15c8 INFO CleanControllerImpl CleanControllerImpl::Start "CleanControllerImpl.cpp" 90 "Starting Clean Controller Impl"
05/12/18 " 18:18:17.833" 78593 11d4 15c8 INFO CleanController CCleanController::StartV2::<lambda_0c7e478e3a96988dedb44b6982b548fa>::operator () "CleanController.cpp" 156 "CleanController initialization complete"
05/12/18 " 18:18:17.833" 78593 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartCleanController "ServiceControllerImplementation.cpp" 2264 "Clean Controller Started"
05/12/18 " 18:18:17.833" 78593 11d4 0448 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 825 "Initializing system paths and resolving DOR status"
05/12/18 " 18:18:19.052" 79812 11d4 15c8 INFO SwissarmyDDA DDAInstall "dda.cpp" 249 "Existing driver is not loaded."
|
|
14.05.2018, 14:13
| #14 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads MBAM 10. Teil Code:
ATTFilter 05/12/18 " 18:18:19.255" 80015 11d4 15c8 INFO SwissarmyDDA DDAInstall "dda.cpp" 261 "Successfully installed swissarmy driver."
05/12/18 " 18:18:19.255" 80015 11d4 15c8 INFO SwissarmyShim SwissarmyShimImpl::InstallEx "SwissarmyShimImpl.cpp" 1715 "Swissarmy was successfully installed. DdaContext (000001542ECD5490), Mode (0), DriverName (MBAMSwissArmy), DeviceFileName (\\.\MBAMSwissArmy), LogFile (), BootStart (false)."
05/12/18 " 18:18:19.645" 80406 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartScanController "ServiceControllerImplementation.cpp" 2294 "Scan Controller Started"
05/12/18 " 18:18:19.802" 80562 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartRtpController "ServiceControllerImplementation.cpp" 2324 "RTP Controller Started"
05/12/18 " 18:18:19.817" 80578 11d4 15c8 INFO MWACControllerCOM CMWACController::InitializeV2 "MWACController.cpp" 315 "Initializing MWAC Controller"
05/12/18 " 18:18:19.817" 80578 11d4 15c8 INFO MWACControllerCOM CMWACController::InitializeV2::<lambda_643a76174211e62591089d2d15f087a3>::operator () "MWACController.cpp" 316 "MWAC Controller initialization complete"
05/12/18 " 18:18:20.224" 80984 11d4 1880 INFO MWACShimImpl MwacShimImpl::InitializeInternal "MWACShimImpl.cpp" 98 "MWAC dll was successfully loaded. MWACFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll>."
05/12/18 " 18:18:20.646" 81406 11d4 0448 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 846 "Processing pending actions"
05/12/18 " 18:18:20.755" 81515 11d4 1880 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 924 "Initialization succeeded"
05/12/18 " 18:18:20.770" 81531 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartMWACController "ServiceControllerImplementation.cpp" 2355 "MWAC Controller Started"
05/12/18 " 18:18:20.942" 81703 11d4 0448 INFO Actions ActionsManager::ProcessPendingActionsAfterReboot "ActionsManager.cpp" 972 "Executing pending post cleanup actions"
05/12/18 " 18:18:20.942" 81703 11d4 0448 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 951 "Initializing CLS Engine"
05/12/18 " 18:18:20.942" 81703 11d4 0448 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 986 "Initializing swiss army SDK"
05/12/18 " 18:18:21.005" 81765 11d4 0448 INFO SwissarmyShim SwissarmyShimImpl::InstallEx "SwissarmyShimImpl.cpp" 1715 "Swissarmy was successfully installed. DdaContext (000001542FE8CA90), Mode (1), DriverName (MBAMSwissArmy), DeviceFileName (\\.\MBAMSwissArmy), LogFile (), BootStart (false)."
05/12/18 " 18:18:21.005" 81765 11d4 0448 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb"
05/12/18 " 18:18:21.020" 81781 11d4 0448 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2978 "Successfully parsed 196 records."
05/12/18 " 18:18:21.020" 81781 11d4 0448 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1033 "Loading Hubble cache"
05/12/18 " 18:18:21.052" 81812 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartArwController "ServiceControllerImplementation.cpp" 2388 "ARW Controller Started"
05/12/18 " 18:18:21.317" 82078 11d4 18c8 INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwRulesHandler::LoadConfig "RulesHandler.cpp" 39 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\ArwRulesConfig.json. Using default values."
05/12/18 " 18:18:21.317" 82078 11d4 18d4 INFO ArwSDK "" 0 "{Thread: 0x000018C8, Tick: 0x0001409E} [ArwLib::Globals::Impl_SetRules] Rules received."
05/12/18 " 18:18:21.317" 82078 11d4 18d4 INFO ArwSDK "" 0 "{Thread: 0x000018C8, Tick: 0x0001409E} [ArwLib::Globals::Impl_SetRules] Rules applied correctly."
05/12/18 " 18:18:22.067" 82828 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartAEController "ServiceControllerImplementation.cpp" 2418 "Anti-Exploit Controller Started"
05/12/18 " 18:18:22.099" 82859 11d4 18f8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::LoadAeSdk "AEControllerImplHelper.cpp" 292 "Load and initialize the MbaeSdk"
05/12/18 " 18:18:22.567" 83328 11d4 0448 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1060 "Starting white list manager"
05/12/18 " 18:18:22.567" 83328 11d4 0448 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1079 "Starting restore engine"
05/12/18 " 18:18:22.567" 83328 11d4 0448 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1103 "Initializing Browser SDK"
05/12/18 " 18:18:22.614" 83375 11d4 0448 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1135 "Entering into main loop"
05/12/18 " 18:18:22.786" 83546 11d4 15c8 INFO SPControllerImpl mb::spcontrollerimpl::SPShimModuleLoader::SPShimSetVerificationMode "SPShimModuleLoader.cpp" 445 "verification mode = 0 ."
05/12/18 " 18:18:22.786" 83546 11d4 15c8 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitializeImpl "SPControllerImplHelper.cpp" 153 "Verify Driver."
05/12/18 " 18:18:22.786" 83546 11d4 15c8 INFO SPSDK VerifyDriver "SelfProtectionUser.cpp" 236 "Verifying SelfProtection driver."
05/12/18 " 18:18:22.786" 83546 11d4 15c8 INFO SPSDK VerifyDriver "SelfProtectionUser.cpp" 239 "SelfProtection driver was successfully Verified."
05/12/18 " 18:18:22.786" 83546 11d4 15c8 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitializeImpl "SPControllerImplHelper.cpp" 160 "Start SP protection."
05/12/18 " 18:18:22.786" 83546 11d4 15c8 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::StartProtection "SPControllerImplHelper.cpp" 1100 "Enter StartProtection for SP controller."
05/12/18 " 18:18:22.802" 83562 11d4 18f8 INFO AeShimImpl AeShimImpl::InitializeInternal "AeShimImpl.cpp" 205 "mbae-api-na.dll was successfully loaded. aePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbae-api-na.dll>."
05/12/18 " 18:18:22.802" 83562 11d4 15c8 INFO SPSDK AnalyzeDriverState "SelfProtectionUser.cpp" 537 "AnalyzeDriverState returns 0x9"
05/12/18 " 18:18:22.802" 83562 11d4 15c8 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::StartProtection "SPControllerImplHelper.cpp" 1199 "Current driver state is (9)."
05/12/18 " 18:18:22.974" 83734 11d4 18f8 INFO AeShimImpl AeShimImpl::InitializeInternal "AeShimImpl.cpp" 220 "Successfully Initialized MBAE"
05/12/18 " 18:18:22.974" 83734 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeSetConfig "AeShimImpl.cpp" 249 "Successfully configured MBAE."
05/12/18 " 18:18:23.067" 83828 11d4 18c8 INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwControllerImpl::StartArwProtection "ArwControllerImplHelper.cpp" 746 "Anti-Ransomware protection has been started."
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeSetExclusions "AeShimImpl.cpp" 337 "Successfully set exclusion list"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winrar.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winzip.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7z.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zFM.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zG.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (S7Z.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zextractor.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Winzip32.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Winzip64.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wzdisktools.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winzipss.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (cmd.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mshta.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winhlp32.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wscript.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (quicktimeplayer.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winamp.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (vlc.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mplayer2.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wmplayer.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (powerpnt.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (excel.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (excelc.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winword.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winwordc.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mspub.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (eqnedt32.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (soffice.bin)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (foxitreader.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (foxit reader.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Foxit PhantomPDF.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (FoxitPhantomPDF.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (acrord32.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (acrobat.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (java.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (javaw.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (javaws.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (dragon.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (waterfox.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (tor.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (tbb-firefox.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (palemoon.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (cyberfox.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (icedragon.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (seamonkey.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (maxthon.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mxapploader.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera_plugin_wrapper.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera_wrapper_32.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (iexplore.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (MicrosoftEdge.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (MicrosoftEdgeCP.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (chrome.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (old_chrome.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (firefox.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (plugin-container.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (FlashPlayerPlugin*.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (helpctr.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (fltldr.exe)"
05/12/18 " 18:18:23.130" 83890 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mbae-test.exe)"
05/12/18 " 18:18:25.177" 85937 11d4 186c INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
05/12/18 " 18:18:25.817" 86578 11d4 186c INFO RtpShim RtpShimImpl::Install "RtpShimImpl.cpp" 139 "rtp.dll was successfully loaded. rtpPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\rtp.dll>."
05/12/18 " 18:18:25.849" 86609 11d4 186c WARNING RtpSDK RtpUserImpl::Install "RtpUserImpl.cpp" 53 "MBAMProtector already installed! Remove this instance."
05/12/18 " 18:18:26.536" 87296 11d4 186c INFO RtpSDK RtpUserImpl::Start "RtpUserImpl.cpp" 256 "Rtp driver started."
05/12/18 " 18:18:26.536" 87296 11d4 186c INFO RtpShim RtpShimImpl::Start "RtpShimImpl.cpp" 233 "Rtp successfully started."
05/12/18 " 18:18:26.927" 87687 11d4 15c8 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitializeImpl "SPControllerImplHelper.cpp" 171 "Successfully initialized the SPControllerImpl, spFolderPath=[C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE]."
05/12/18 " 18:18:26.927" 87687 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "ServiceControllerImplementation.cpp" 2171 "Self-Protection Controller Started"
05/12/18 " 18:18:26.927" 87687 11d4 15c8 INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "ServiceControllerImplementation.cpp" 2173 "Start Service Controller complete"
05/12/18 " 18:18:30.599" 91359 11d4 18f8 INFO AeShimImpl AeShimImpl::MbaeStart "AeShimImpl.cpp" 358 "MBAE started."
05/12/18 " 18:18:30.599" 91359 11d4 18f8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::StartProtectionImpl "AEControllerImplHelper.cpp" 591 "Protection Started"
05/12/18 " 18:18:36.911" 97671 11d4 1798 INFO IrisImpl mb::updatecontrollerimpl::IrisScheduler::run "IrisImpl.cpp" 654 "Calling check for updates from Iris"
05/12/18 " 18:18:36.911" 97671 11d4 1798 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::IrisCheck "IrisImpl.cpp" 85 "Entering IrisCheck. Checking with Iris for messages."
05/12/18 " 18:18:38.661" 99421 11d4 1798 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::ProcessMessages "IrisImpl.cpp" 255 "JSON response has a messages collection. Processing messages."
05/12/18 " 18:18:52.942" 113703 11d4 1438 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:19:15.552" 136312 11d4 059c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:19:15.568" 136328 11d4 1438 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:19:15.568" 136328 11d4 059c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:19:15.568" 136328 11d4 1210 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:19:15.568" 136328 11d4 1224 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:19:15.849" 136609 11d4 059c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:19:19.068" 139828 11d4 1438 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:19:19.083" 139843 11d4 059c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:19:19.099" 139859 11d4 1438 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:19:19.114" 139875 11d4 059c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:19:19.130" 139890 11d4 1438 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:19:19.146" 139906 11d4 059c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:19:19.224" 139984 11d4 1438 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:19:42.052" 162812 11d4 059c INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:20:24.755" 205515 11d4 198c INFO ServiceControllerImpl ServiceControllerImplementation::SessionLogonNotificationImpl "ServiceControllerImplementation.cpp" 2660 "Notifying controllers of session logon"
05/12/18 " 18:20:24.771" 205531 11d4 1990 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 87 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe' in session 0x1"
05/12/18 " 18:20:30.490" 211250 11d4 198c INFO ServiceControllerImpl ServiceControllerImplementation::SessionLogonNotificationImpl "ServiceControllerImplementation.cpp" 2660 "Notifying controllers of session logon"
05/12/18 " 18:20:36.021" 216781 11d4 1600 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1070 "Entering GetMessageIDList in the Service."
05/12/18 " 18:20:36.021" 216781 11d4 1600 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1091 "GetNumMessages returned 0 messages available. Nothing to do here."
05/12/18 " 18:20:56.115" 236875 11d4 1438 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 18:21:34.618" 275375 11d4 186c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|B48A00B00DFDFCF6911911B34788CD359BF90AB66F4A2A3FE177B75EB775C2C2' in Hubble cache, white list status = 'WhiteListed'"
05/12/18 " 18:21:34.618" 275375 11d4 186c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe' in Hubble's cache, value = WhiteListed"
05/12/18 " 18:21:34.618" 275375 11d4 186c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe' (shuriken) => Hubble:WhiteListed"
05/12/18 " 18:21:38.846" 279609 11d4 1864 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|24AAB8C944A6420E901E3D08AB37FE4081279B982D315515F5F21AC479FCAC0A' in Hubble cache, white list status = 'WhiteListed'"
05/12/18 " 18:21:38.846" 279609 11d4 1864 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe' in Hubble's cache, value = WhiteListed"
05/12/18 " 18:21:38.846" 279609 11d4 1864 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe' (shuriken) => Hubble:WhiteListed"
05/12/18 " 18:21:44.018" 284781 11d4 186c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3AC3D29B89616421F2F92743A9FA32CC14C7D309D0898AC3A73E8668B04B8199' in Hubble cache, white list status = 'WhiteListed'"
05/12/18 " 18:21:44.018" 284781 11d4 186c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe' in Hubble's cache, value = WhiteListed"
05/12/18 " 18:21:44.018" 284781 11d4 186c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe' (shuriken) => Hubble:WhiteListed"
05/12/18 " 18:23:06.907" 367671 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 18:23:08.329" 369093 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 18:23:08.329" 369093 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 18:23:08.329" 369093 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/12/18 " 18:23:08.329" 369093 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/12/18 " 18:23:08.329" 369093 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/12/18 " 18:23:08.329" 369093 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/12/18 " 18:23:08.329" 369093 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5080]"
05/12/18 " 18:23:08.829" 369593 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/12/18 " 18:23:08.829" 369593 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/12/18 " 18:26:29.954" 570718 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:26:32.095" 572859 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:26:32.579" 573343 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:26:33.657" 574421 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:26:34.986" 575750 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:26:45.876" 586640 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:26:55.939" 596703 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:45:06.797" 1687562 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:46:35.720" 1776484 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 18:53:02.502" 2163265 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 19:01:49.929" 2690687 11d4 2f3c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/12/18 " 19:04:20.063" 2840828 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:04:20.438" 2841203 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:04:21.219" 2841984 11d4 3d28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:04:21.899" 2842656 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:04:21.938" 2842703 11d4 2cf0 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:04:22.071" 2842828 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:04:22.266" 2843031 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:04:25.137" 2845890 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:04:29.599" 2850359 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:05:06.797" 2887562 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:05:37.671" 2918421 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:09:08.239" 3129000 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:09:37.478" 3158234 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:10:19.374" 3200125 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:10:20.041" 3200796 11d4 1a28 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:11:35.938" 3276703 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:15:08.693" 3489453 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:15:13.355" 3494109 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:16:54.421" 3595171 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:16:59.944" 3600703 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:17:00.127" 3600890 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:17:21.464" 3622218 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:18:09.749" 3670500 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:23:06.837" 3967593 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 19:23:08.243" 3969000 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 19:23:08.243" 3969000 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 19:23:08.243" 3969000 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/12/18 " 19:23:08.243" 3969000 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/12/18 " 19:23:08.243" 3969000 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/12/18 " 19:23:08.243" 3969000 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/12/18 " 19:23:08.243" 3969000 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5080]"
05/12/18 " 19:23:08.774" 3969531 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/12/18 " 19:23:08.774" 3969531 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/12/18 " 19:26:19.862" 4160625 11d4 3d20 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/12/18 " 19:29:24.078" 4344828 11d4 2464 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/12/18 " 19:30:38.449" 4419203 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 19:42:02.286" 5103046 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:42:08.421" 5109171 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:42:10.255" 5111015 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:42:10.823" 5111578 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:42:39.252" 5140015 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:42:42.620" 5143375 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:45:19.340" 5300093 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 19:45:20.977" 5301734 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 20:12:27.832" 6928593 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 20:23:06.778" 7567531 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 20:23:08.189" 7568953 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 20:23:08.189" 7568953 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 20:23:08.189" 7568953 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/12/18 " 20:23:08.189" 7568953 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/12/18 " 20:23:08.191" 7568953 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/12/18 " 20:23:08.191" 7568953 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/12/18 " 20:23:08.191" 7568953 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5080]"
05/12/18 " 20:23:08.749" 7569500 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/12/18 " 20:23:08.749" 7569500 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/12/18 " 20:23:57.863" 7618625 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 20:35:29.143" 8309906 11d4 42f8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/12/18 " 20:35:56.909" 8337671 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 20:38:22.382" 8483140 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 20:43:59.177" 8819937 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 20:51:10.252" 9251015 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 20:51:22.197" 9262953 11d4 3158 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/12/18 " 20:52:53.745" 9354500 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 20:53:05.214" 9365968 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 20:59:53.806" 9774562 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 21:00:24.680" 9805437 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 21:00:36.982" 9817734 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 21:03:38.402" 9999156 11d4 45a0 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/12/18 " 21:04:05.244" 10026000 11d4 4720 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/12/18 " 21:06:25.779" 10166531 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 21:07:21.720" 10222484 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:08:18.931" 10279687 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:10:51.666" 10432421 11d4 198c INFO ServiceControllerImpl ServiceControllerImplementation::SessionLogonNotificationImpl "ServiceControllerImplementation.cpp" 2660 "Notifying controllers of session logon"
05/12/18 " 21:10:51.681" 10432437 11d4 1990 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 87 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe' in session 0x2"
05/12/18 " 21:10:54.553" 10435312 11d4 3e48 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1070 "Entering GetMessageIDList in the Service."
05/12/18 " 21:10:54.553" 10435312 11d4 3e48 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1091 "GetNumMessages returned 0 messages available. Nothing to do here."
05/12/18 " 21:11:22.122" 10462875 11d4 1868 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|A69D37C34713A16210D3A325418DF1ACAAA0CD252BCEB41ABDE91775FE193FC9' in Hubble cache, white list status = 'WhiteListed'"
05/12/18 " 21:11:22.122" 10462875 11d4 1868 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\WordExpander\WordExpander.exe' in Hubble's cache, value = WhiteListed"
05/12/18 " 21:11:22.122" 10462875 11d4 1868 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\WordExpander\WordExpander.exe' (shuriken) => Hubble:WhiteListed"
05/12/18 " 21:18:46.220" 10906984 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:21:40.852" 11081609 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:21:55.700" 11096453 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:22:48.905" 11149656 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 21:23:06.759" 11167515 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 21:23:08.132" 11168890 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 21:23:08.132" 11168890 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 21:23:08.132" 11168890 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/12/18 " 21:23:08.132" 11168890 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/12/18 " 21:23:08.132" 11168890 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/12/18 " 21:23:08.132" 11168890 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/12/18 " 21:23:08.132" 11168890 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5080]"
05/12/18 " 21:23:08.660" 11169421 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/12/18 " 21:23:08.660" 11169421 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/12/18 " 21:23:44.262" 11205015 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:24:53.043" 11273796 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:24:53.215" 11273968 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:25:32.125" 11312890 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:25:45.463" 11326218 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:27:10.731" 11411484 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 21:27:21.233" 11421984 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 21:27:36.451" 11437203 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:29:08.231" 11528984 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:30:04.624" 11585375 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:31:45.696" 11686453 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 21:32:05.777" 11706531 11d4 4bd4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/12/18 " 21:34:58.247" 11879000 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:35:08.252" 11889015 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:35:42.060" 11922812 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:35:53.289" 11934046 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:36:18.282" 11959046 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:36:26.460" 11967218 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:37:49.682" 12050437 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:37:54.467" 12055218 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:38:25.028" 12085781 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 21:39:03.307" 12124062 11d4 46bc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/12/18 " 21:39:57.196" 12177953 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 21:39:57.678" 12178437 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 21:40:40.176" 12220937 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 21:41:44.650" 12285406 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (LibreOffice)"
05/12/18 " 21:42:09.522" 12310281 11d4 49e8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/12/18 " 21:42:58.118" 12358875 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 21:42:58.587" 12359343 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 21:43:33.090" 12393843 11d4 5520 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/12/18 " 21:45:42.735" 12523500 11d4 1868 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|C091E5E6769D23C37746C8E636B6644B8FE7D973986E86BB385BE2601EEE2B51' in Hubble cache, white list status = 'WhiteListed'"
05/12/18 " 21:45:42.735" 12523500 11d4 1868 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\TV-Browser\tvbrowser.exe' in Hubble's cache, value = WhiteListed"
05/12/18 " 21:45:42.735" 12523500 11d4 1868 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\TV-Browser\tvbrowser.exe' (shuriken) => Hubble:WhiteListed"
05/12/18 " 21:48:51.674" 12712437 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 21:53:04.481" 12965234 11d4 4600 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Microsoft Office Word)"
05/12/18 " 22:08:36.886" 13897640 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Foxit Reader)"
05/12/18 " 22:16:38.349" 14379109 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:16:44.449" 14385203 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:16:46.161" 14386921 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:16:52.299" 14393062 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:16:56.231" 14396984 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:20:34.263" 14615015 11d4 09f8 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 22:20:34.263" 14615015 11d4 0fbc INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 22:20:34.278" 14615031 11d4 0f84 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 22:20:34.278" 14615031 11d4 0fbc INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 22:20:34.278" 14615031 11d4 0f84 INFO RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::WscChangeCallback "RTPControllerImplHelper.cpp" 2767 "WscChangeCallback"
05/12/18 " 22:20:49.060" 14629812 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:20:55.178" 14635937 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:21:04.355" 14645109 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:21:08.917" 14649671 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:21:12.106" 14652859 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:21:45.713" 14686468 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:21:51.642" 14692406 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:21:59.141" 14699906 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:22:03.322" 14704078 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:22:05.414" 14706171 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:22:52.926" 14753687 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:23:06.664" 14767421 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 22:23:07.998" 14768750 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 22:23:07.998" 14768750 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 22:23:07.998" 14768750 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/12/18 " 22:23:07.998" 14768750 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/12/18 " 22:23:08.000" 14768750 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/12/18 " 22:23:08.000" 14768750 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/12/18 " 22:23:08.000" 14768750 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5080]"
05/12/18 " 22:23:08.533" 14769296 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5082) of pkg [mbam-c.dbcls.64bit] (FULL) is available"
05/12/18 " 22:23:08.534" 14769296 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5082) of pkg [mbam-c.dbcls.64bit] (INCR) is available"
05/12/18 " 22:23:08.535" 14769296 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 640 "Available updates found - beginning download"
05/12/18 " 22:23:08.855" 14769609 11d4 2460 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 3289 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z"
05/12/18 " 22:23:09.039" 14769796 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1599 "[UpdCtlrEvent] downloaded pkg. Type: DB / current_CU: 1.0.365 / machine_id: f07d03d49bca65e70b4706307d02abac29862e29"
05/12/18 " 22:23:09.059" 14769812 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1612 "Successfully downloaded: mbam-c.dbcls.64bit"
05/12/18 " 22:23:09.266" 14770031 11d4 1794 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update"
05/12/18 " 22:23:09.413" 14770171 11d4 1794 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
05/12/18 " 22:23:09.415" 14770171 11d4 1794 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions"
05/12/18 " 22:23:09.416" 14770171 11d4 1794 INFO BrowserSDKShim BrowserSDKShim::PrepareUpdate "BrowserSDKShim.cpp" 125 "Starting update of browser sdk"
05/12/18 " 22:23:16.751" 14777515 11d4 1794 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions"
05/12/18 " 22:23:16.893" 14777656 11d4 1794 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update"
05/12/18 " 22:23:16.967" 14777718 11d4 1794 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
05/12/18 " 22:23:20.903" 14781656 11d4 1794 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
05/12/18 " 22:23:20.904" 14781656 11d4 1794 INFO BrowserSDKShim BrowserSDKShim::FinishUpdate "BrowserSDKShim.cpp" 154 "Finishing update of browser sdk"
05/12/18 " 22:23:21.000" 14781765 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1999 "DoIncrementalUpdate was successful."
05/12/18 " 22:23:21.001" 14781765 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2802 "Successfully updated DB/ClsEng package version to: 1.0.5082"
05/12/18 " 22:23:21.002" 14781765 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2810 "Set DB version to: 2018.05.12.04"
05/12/18 " 22:23:21.008" 14781765 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 22:23:22.356" 14783109 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 22:23:22.356" 14783109 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 22:23:22.453" 14783203 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/12/18 " 22:23:22.453" 14783203 11d4 0444 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb"
05/12/18 " 22:23:22.455" 14783218 11d4 0444 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2978 "Successfully parsed 196 records."
05/12/18 " 22:23:22.802" 14783562 11d4 1880 INFO MWACShimImpl MwacShimImpl::InitializeInternal "MWACShimImpl.cpp" 98 "MWAC dll was successfully loaded. MWACFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll>."
05/12/18 " 22:23:22.997" 14783750 11d4 1880 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 924 "Initialization succeeded"
|
|
14.05.2018, 14:15
| #15 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads MBAM 11. Teil Code:
ATTFilter 05/12/18 " 22:23:43.320" 14804078 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 22:23:44.488" 14805250 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 22:23:44.711" 14805468 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 22:23:45.911" 14806671 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 22:23:47.135" 14807890 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/12/18 " 22:24:09.623" 14830375 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:24:55.237" 14876000 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:25:01.404" 14882156 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:25:08.190" 14888953 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:25:12.334" 14893093 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:25:13.567" 14894328 11d4 4af8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:25:13.675" 14894437 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:25:14.365" 14895125 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:25:14.573" 14895328 11d4 082c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:25:15.008" 14895765 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:25:17.005" 14897765 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:25:18.600" 14899359 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:25:21.607" 14902359 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:34:54.511" 15475265 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:34:58.365" 15479125 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:34:58.529" 15479281 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:35:24.285" 15505046 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:38:58.826" 15719578 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:40:04.989" 15785750 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 22:41:01.033" 15841796 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 23:20:45.947" 18226703 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 23:21:09.952" 18250703 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 23:21:57.466" 18298218 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 23:22:42.472" 18343234 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 23:22:59.530" 18360281 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Google Chrome (and plug-ins))"
05/12/18 " 23:23:06.457" 18367218 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/12/18 " 23:23:08.871" 18369625 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/12/18 " 23:23:08.872" 18369625 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/12/18 " 23:23:08.890" 18369640 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/12/18 " 23:23:08.890" 18369640 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/12/18 " 23:23:08.894" 18369656 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/12/18 " 23:23:08.894" 18369656 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/12/18 " 23:23:08.894" 18369656 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5082]"
05/12/18 " 23:23:09.511" 18370265 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/12/18 " 23:23:09.511" 18370265 11d4 1794 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 00:12:27.145" 21327906 11d4 198c INFO ServiceControllerImpl ServiceControllerImplementation::PowerSuspendNotificationImpl "ServiceControllerImplementation.cpp" 2563 "Notifying controllers of power suspend"
05/13/18 " 05:57:20.472" 42021234 11d4 198c INFO ServiceControllerImpl ServiceControllerImplementation::PowerResumeNotificationImpl "ServiceControllerImplementation.cpp" 2595 "Notifying controllers of power resume"
05/13/18 " 05:57:24.023" 42024781 11d4 198c INFO ServiceControllerImpl ServiceControllerImplementation::SessionLogonNotificationImpl "ServiceControllerImplementation.cpp" 2660 "Notifying controllers of session logon"
05/13/18 " 05:57:24.023" 42024781 11d4 1990 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 87 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe' in session 0x4"
05/13/18 " 05:57:26.726" 42027484 11d4 198c INFO ServiceControllerImpl ServiceControllerImplementation::SessionLogonNotificationImpl "ServiceControllerImplementation.cpp" 2660 "Notifying controllers of session logon"
05/13/18 " 05:57:33.710" 42034468 11d4 472c INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1070 "Entering GetMessageIDList in the Service."
05/13/18 " 05:57:33.710" 42034468 11d4 472c INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1091 "GetNumMessages returned 0 messages available. Nothing to do here."
05/13/18 " 05:57:50.476" 42051234 11d4 1f58 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::IrisCheck "IrisImpl.cpp" 85 "Entering IrisCheck. Checking with Iris for messages."
05/13/18 " 05:57:50.960" 42051718 11d4 1f58 INFO IrisImpl mb::updatecontrollerimpl::IrisImpl::ProcessMessages "IrisImpl.cpp" 255 "JSON response has a messages collection. Processing messages."
05/13/18 " 05:57:55.413" 42056171 11d4 1864 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|B48A00B00DFDFCF6911911B34788CD359BF90AB66F4A2A3FE177B75EB775C2C2' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 05:57:55.413" 42056171 11d4 1864 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe' in Hubble's cache, value = WhiteListed"
05/13/18 " 05:57:55.413" 42056171 11d4 1864 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe' (shuriken) => Hubble:WhiteListed"
05/13/18 " 05:57:59.126" 42059890 11d4 1864 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|24AAB8C944A6420E901E3D08AB37FE4081279B982D315515F5F21AC479FCAC0A' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 05:57:59.126" 42059890 11d4 1864 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe' in Hubble's cache, value = WhiteListed"
05/13/18 " 05:57:59.126" 42059890 11d4 1864 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe' (shuriken) => Hubble:WhiteListed"
05/13/18 " 05:58:03.563" 42064328 11d4 1868 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3AC3D29B89616421F2F92743A9FA32CC14C7D309D0898AC3A73E8668B04B8199' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 05:58:03.563" 42064328 11d4 1868 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe' in Hubble's cache, value = WhiteListed"
05/13/18 " 05:58:03.563" 42064328 11d4 1868 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe' (shuriken) => Hubble:WhiteListed"
05/13/18 " 05:58:20.790" 42081546 11d4 3ac0 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::StartScan "Scanner.cpp" 613 "Starting a Threat scan, clientID = 831d796c-55da-11e8-93d4-2c56dc97df15, clientType = MBClientScheduler."
05/13/18 " 05:58:20.805" 42081562 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 05:58:24.743" 42085500 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 05:58:24.743" 42085500 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 05:58:24.743" 42085500 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (manual)"
05/13/18 " 05:58:24.743" 42085500 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[No], SDK/Ctlr=[No], DB/CLS=[Yes]"
05/13/18 " 05:58:24.743" 42085500 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5082]"
05/13/18 " 05:58:25.258" 42086015 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5086) of pkg [mbam-c.dbcls.64bit] (FULL) is available"
05/13/18 " 05:58:25.258" 42086015 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5084) of pkg [mbam-c.dbcls.64bit] (INCR) is available"
05/13/18 " 05:58:25.258" 42086015 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5086) of pkg [mbam-c.dbcls.64bit] (INCR) is available"
05/13/18 " 05:58:25.258" 42086015 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 640 "Available updates found - beginning download"
05/13/18 " 05:58:25.586" 42086343 11d4 1128 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 3289 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z"
05/13/18 " 05:58:25.774" 42086531 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1599 "[UpdCtlrEvent] downloaded pkg. Type: DB / current_CU: 1.0.365 / machine_id: f07d03d49bca65e70b4706307d02abac29862e29"
05/13/18 " 05:58:25.774" 42086531 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1612 "Successfully downloaded: mbam-c.dbcls.64bit"
05/13/18 " 05:58:25.852" 42086609 11d4 1128 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 3289 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta2\dbcls.64bit.incr.7z"
05/13/18 " 05:58:26.040" 42086796 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1599 "[UpdCtlrEvent] downloaded pkg. Type: DB / current_CU: 1.0.365 / machine_id: f07d03d49bca65e70b4706307d02abac29862e29"
05/13/18 " 05:58:26.040" 42086796 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1612 "Successfully downloaded: mbam-c.dbcls.64bit"
05/13/18 " 05:58:26.602" 42087359 11d4 0638 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update"
05/13/18 " 05:58:26.805" 42087562 11d4 0638 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
05/13/18 " 05:58:26.820" 42087578 11d4 0638 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions"
05/13/18 " 05:58:26.867" 42087625 11d4 0638 INFO BrowserSDKShim BrowserSDKShim::PrepareUpdate "BrowserSDKShim.cpp" 125 "Starting update of browser sdk"
05/13/18 " 05:58:29.393" 42090156 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1999 "DoIncrementalUpdate was successful."
05/13/18 " 05:58:29.393" 42090156 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2802 "Successfully updated DB/ClsEng package version to: 1.0.5084"
05/13/18 " 05:58:29.393" 42090156 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2810 "Set DB version to: 2018.05.12.05"
05/13/18 " 05:58:35.721" 42096484 11d4 0638 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions"
05/13/18 " 05:58:36.065" 42096828 11d4 0638 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update"
05/13/18 " 05:58:36.190" 42096953 11d4 0638 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
05/13/18 " 05:58:40.034" 42100796 11d4 0638 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
05/13/18 " 05:58:40.034" 42100796 11d4 0638 INFO BrowserSDKShim BrowserSDKShim::FinishUpdate "BrowserSDKShim.cpp" 154 "Finishing update of browser sdk"
05/13/18 " 05:58:40.440" 42101203 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1999 "DoIncrementalUpdate was successful."
05/13/18 " 05:58:40.440" 42101203 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2802 "Successfully updated DB/ClsEng package version to: 1.0.5086"
05/13/18 " 05:58:40.440" 42101203 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2810 "Set DB version to: 2018.05.12.06"
05/13/18 " 05:58:40.440" 42101203 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 05:58:41.893" 42102656 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 05:58:41.893" 42102656 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 05:58:42.034" 42102796 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 05:58:42.034" 42102796 11d4 0444 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb"
05/13/18 " 05:58:42.034" 42102796 11d4 0444 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2978 "Successfully parsed 196 records."
05/13/18 " 05:58:42.831" 42103593 11d4 1880 INFO MWACShimImpl MwacShimImpl::InitializeInternal "MWACShimImpl.cpp" 98 "MWAC dll was successfully loaded. MWACFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll>."
05/13/18 " 05:58:43.128" 42103890 11d4 1880 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 924 "Initialization succeeded"
05/13/18 " 05:58:45.268" 42106031 11d4 385c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2978 "Successfully parsed 68583 records."
05/13/18 " 06:00:32.020" 42212781 11d4 4bb4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.ChipDe, ObjectPath=HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\chip1click"
05/13/18 " 06:00:32.035" 42212796 11d4 4bb4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Init "Linker.cpp" 94 "Initializing linker"
05/13/18 " 06:00:33.301" 42214062 11d4 4bb4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/13/18 " 06:00:33.317" 42214078 11d4 4bb4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHIP1CLICK' => None:Unknown"
05/13/18 " 06:00:33.317" 42214078 11d4 4bb4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHIP1CLICK' => None:Unknown"
05/13/18 " 06:00:33.332" 42214093 11d4 4bb4 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 467 "Getting detected threats from actions"
05/13/18 " 06:00:33.332" 42214093 11d4 4bb4 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 795 "Getting linked traces"
05/13/18 " 06:00:33.332" 42214093 11d4 4bb4 INFO CleanControllerImpl LinkingEngine::LinkingEngine "LinkingEngine.cpp" 76 "Start of LinkingEngine constructor"
05/13/18 " 06:00:33.332" 42214093 11d4 4bb4 INFO CleanControllerImpl LinkingEngine::InitHotspots "LinkingEngine.cpp" 268 "Start of InitHotspots"
05/13/18 " 06:00:33.332" 42214093 11d4 4bb4 INFO CleanControllerImpl LinkingEngine::InitHotKeys "LinkingEngine.cpp" 134 "Start of InitHotKeys"
05/13/18 " 06:00:33.332" 42214093 11d4 3c20 INFO CleanControllerImpl LinkingEngine::TraverseHotspots "LinkingEngine.cpp" 294 "Start of TraverseHotspots"
05/13/18 " 06:00:33.332" 42214093 11d4 4bb4 INFO CleanControllerImpl LinkingEngine::InitHotValues "LinkingEngine.cpp" 216 "Start of InitHotValues"
05/13/18 " 06:00:33.332" 42214093 11d4 4bb4 INFO CleanControllerImpl LinkingEngine::EnumerateProcesses "LinkingEngine.cpp" 352 "Start of EnumerateProcesses"
05/13/18 " 06:00:33.629" 42214390 11d4 4bb4 INFO CleanControllerImpl LinkingEngine::InitMaps "LinkingEngine.cpp" 372 "Start of InitMaps"
05/13/18 " 06:00:50.473" 42231234 11d4 4bb4 INFO CleanControllerImpl LinkingEngine::InitMaps "LinkingEngine.cpp" 398 "End of InitMaps"
05/13/18 " 06:00:50.473" 42231234 11d4 4bb4 INFO CleanControllerImpl LinkingEngine::InitFileToRunKeysValuesMap "LinkingEngine.cpp" 485 "Start of InitFileToRunKeysValuesMap"
05/13/18 " 06:00:50.489" 42231250 11d4 4bb4 INFO CleanControllerImpl LinkingEngine::InitFileToAutoRunValuesMap "LinkingEngine.cpp" 539 "Start of InitFileToAutoRunValuesMap"
05/13/18 " 06:00:50.489" 42231250 11d4 4bb4 INFO CleanControllerImpl LinkingEngine::InitHKCRSubKeys "LinkingEngine.cpp" 624 "Start of InitHKCRSubKeys"
05/13/18 " 06:00:50.567" 42231328 11d4 4bb4 INFO CleanControllerImpl LinkingEngine::InitSSODLKeyValues "LinkingEngine.cpp" 646 "Start of InitSSODLKeyValues"
05/13/18 " 06:00:50.567" 42231328 11d4 4bb4 INFO CleanControllerImpl LinkingEngine::InitBHOSubKeys "LinkingEngine.cpp" 669 "Start of InitBHOSubKeys"
05/13/18 " 06:00:50.567" 42231328 11d4 4bb4 INFO CleanControllerImpl LinkingEngine::InitTypeLibraryInterfaces "LinkingEngine.cpp" 692 "Start of InitTypeLibraryInterfaces"
05/13/18 " 06:01:02.661" 42243421 11d4 3c20 INFO CleanControllerImpl LinkingEngine::TraverseHotspots::<lambda_d638330b458f0892c23ac451252ac39f>::operator () "LinkingEngine.cpp" 296 "End of TraverseHotspots"
05/13/18 " 06:01:02.661" 42243421 11d4 3c20 INFO CleanControllerImpl LinkingEngine::InitTasksDataStructures "LinkingEngine.cpp" 726 "Start of InitTasksDataStructures"
05/13/18 " 06:01:03.989" 42244750 11d4 3c20 INFO CleanControllerImpl LinkingEngine::InitTasksDataStructures "LinkingEngine.cpp" 754 "End of InitTasksDataStructures"
05/13/18 " 06:01:03.989" 42244750 11d4 4bb4 INFO CleanControllerImpl LinkingEngine::LinkingEngine "LinkingEngine.cpp" 119 "End of LinkingEngine constructor"
05/13/18 " 06:01:04.051" 42244812 11d4 4bb4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 142 "Hubble disabled for non-Shuriken/scan detections, path='C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE'"
05/13/18 " 06:01:04.051" 42244812 11d4 4bb4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE' => None:Unknown"
05/13/18 " 06:01:04.051" 42244812 11d4 4bb4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP 1-CLICK INSTALLER.EXE' => None:Unknown"
05/13/18 " 06:01:04.051" 42244812 11d4 4bb4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3883 "Threat detected: ThreatName=PUP.Optional.ChipDe, ObjectPath=HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\chip 1-click download service"
05/13/18 " 06:01:04.067" 42244828 11d4 4bb4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 209 "Finding linked traces"
05/13/18 " 06:01:04.067" 42244828 11d4 4bb4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CHIP 1-CLICK DOWNLOAD SERVICE' => None:Unknown"
05/13/18 " 06:01:04.067" 42244828 11d4 4bb4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CHIP 1-CLICK DOWNLOAD SERVICE' => None:Unknown"
05/13/18 " 06:01:04.067" 42244828 11d4 4bb4 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 467 "Getting detected threats from actions"
05/13/18 " 06:01:04.067" 42244828 11d4 4bb4 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 795 "Getting linked traces"
05/13/18 " 06:01:09.879" 42250640 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|95B2916EE68375E982E2647FDF9EA85AC7EC478C0109309567982DF1DBB572B6' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:01:09.879" 42250640 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\WINDOWS\SYSTEM32\OXPSCONVERTER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:01:09.879" 42250640 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\OXPSCONVERTER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:02:20.036" 42320796 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 06:02:21.458" 42322218 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 06:02:21.458" 42322218 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 06:02:21.458" 42322218 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 06:02:21.458" 42322218 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 06:02:21.458" 42322218 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 06:02:21.458" 42322218 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 06:02:21.458" 42322218 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5086]"
05/13/18 " 06:02:21.958" 42322718 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 665 "Checked for updates - no updates available"
05/13/18 " 06:02:21.958" 42322718 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 06:03:31.770" 42392531 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|35C15E57F1BC8F72A712FA3313A0333EA84D2C4D52F176CE23B4505B3D10CAB1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:03:31.770" 42392531 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:03:31.770" 42392531 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:03:32.224" 42392984 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|35C15E57F1BC8F72A712FA3313A0333EA84D2C4D52F176CE23B4505B3D10CAB1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:03:32.224" 42392984 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:03:32.224" 42392984 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:03:32.286" 42393046 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|35C15E57F1BC8F72A712FA3313A0333EA84D2C4D52F176CE23B4505B3D10CAB1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:03:32.286" 42393046 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:03:32.286" 42393046 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:03:59.724" 42420484 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|B48A00B00DFDFCF6911911B34788CD359BF90AB66F4A2A3FE177B75EB775C2C2' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:03:59.724" 42420484 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\AMDUSB3DEVICEDETECTOR\NUSB3MON.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:03:59.724" 42420484 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\AMDUSB3DEVICEDETECTOR\NUSB3MON.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:04:01.239" 42422000 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|24AAB8C944A6420E901E3D08AB37FE4081279B982D315515F5F21AC479FCAC0A' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:04:01.239" 42422000 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\SCIROCCO\SCIROCCO TAKE A BREAK\TAKEABREAK.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:04:01.239" 42422000 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\SCIROCCO\SCIROCCO TAKE A BREAK\TAKEABREAK.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:04:05.349" 42426109 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3AC3D29B89616421F2F92743A9FA32CC14C7D309D0898AC3A73E8668B04B8199' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:04:05.349" 42426109 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\BROTHER\BROTHER HELP\BROTHERHELP.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:04:05.349" 42426109 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\BROTHER\BROTHER HELP\BROTHERHELP.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:04:08.349" 42429109 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|271F3DEB0CC6828BD894DC9462D30C4D440A96E1D82927C92CCD8A99D48FA14D' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:04:08.349" 42429109 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\BROWNY02\BRYNSVC.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:04:08.349" 42429109 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\BROWNY02\BRYNSVC.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:04:12.286" 42433046 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|D1AAE5B0425047CA0C2D376D3E59324D35A90DF9074CD442DFD0ED6E434D3C84' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:04:12.286" 42433046 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\COMMON FILES\SONY SHARED\FSK\SONYSCSIHELPERSERVICE.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:04:12.286" 42433046 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\COMMON FILES\SONY SHARED\FSK\SONYSCSIHELPERSERVICE.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:04:18.896" 42439656 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|A69D37C34713A16210D3A325418DF1ACAAA0CD252BCEB41ABDE91775FE193FC9' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:04:18.896" 42439656 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\WORDEXPANDER\WORDEXPANDER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:04:18.896" 42439656 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\WORDEXPANDER\WORDEXPANDER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:20.927" 42621687 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3D77947C6FBDF1A23B8059829CF15B2687420D299BAA0BC47DFDAC26F5B00905' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:20.927" 42621687 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2212704e-5663-11e8-8ce2-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:20.927" 42621687 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2212704e-5663-11e8-8ce2-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:20.990" 42621750 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|8B0DB0DDFAFF4686A9FD22B15934AC51DB6465982656E93A79BC78B4E5C818ED' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:20.990" 42621750 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\221bf9b6-5663-11e8-9e53-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:20.990" 42621750 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\221bf9b6-5663-11e8-9e53-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:21.037" 42621796 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|7C2959935B02B92B9D1E721CDD4265E846EE46994DDD951EF171781160CA4670' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:21.037" 42621796 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\222a47d2-5663-11e8-9572-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:21.037" 42621796 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\222a47d2-5663-11e8-9572-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:21.084" 42621843 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|DC88CB30BC97CDCEA675F57B2154280529E84BE0AE43AA220FD6490E8A1F3EE8' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:21.084" 42621843 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\DESKTOP\WINDOWS LIZENZSCHLüSSEL.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:21.084" 42621843 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\DESKTOP\WINDOWS LIZENZSCHLüSSEL.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:30.990" 42631750 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|85CBE3F2BD61316543023DFD03984B79BFE7E9E43DB9A7886FCF040A48C84C8C' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:30.990" 42631750 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\ANKI\ANKI.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:30.990" 42631750 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\ANKI\ANKI.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:35.678" 42636437 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|2CF4F78EC4BE99258BC91F5D94A9AF261F0DBDFD55D0100DCA2CA88813AAD4B4' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:35.678" 42636437 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCCBOOT.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:35.678" 42636437 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCCBOOT.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:38.896" 42639656 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|7496F86C82C6AAA97A0EF8925FC5F197ECCD8E944CE88D8D2A3E35141C64F58E' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:38.896" 42639656 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCCUXSYS.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:38.896" 42639656 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCCUXSYS.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:38.959" 42639718 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3FA2C24B32E01C88EDD94DABF8A20FDDA99D26E7D1E753BA0A62F62CF92D2A5C' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:38.959" 42639718 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCTRLCNTR.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:38.959" 42639718 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRCTRLCNTR.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:39.146" 42639906 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3D042B08E1F07D16CE48FFB012FBFEB83A3B1C777E32D5DFC2ECDCE6E1113EA9' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:39.146" 42639906 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRMAPISEND.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:39.146" 42639906 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRMAPISEND.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:39.334" 42640093 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|06FE230D5474FF988D9AF5292F562707A725E0843941A2AFBB30223BED2755A0' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:39.334" 42640093 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRTWNACCS.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:39.334" 42640093 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\CONTROLCENTER4\BRTWNACCS.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:47.303" 42648062 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|1C436467BB14AD031B46747547B7E747041AE73F38F44767B3ED23CAB1AB796E' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:47.303" 42648062 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\GMAILDEFAULTMAKER\GMAILDEFAULTMAKER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:47.303" 42648062 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\GMAILDEFAULTMAKER\GMAILDEFAULTMAKER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:47.818" 42648578 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|2B3D9CEE0B5C88482E7F802EF110EC50BD848DE79C0E5A64167EEDF932E09167' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:47.818" 42648578 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\JL SEASIDE CALENDAR\JL SEASIDE CALENDAR.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:47.818" 42648578 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\JL SEASIDE CALENDAR\JL SEASIDE CALENDAR.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:49.146" 42649906 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|79515ACD2F85B95E12495A55EDC0EFE52454559C63A661FF9A74DA0AFD010D75' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:49.146" 42649906 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\JUTOH\JUTOH_LAUNCHER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:49.146" 42649906 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\JUTOH\JUTOH_LAUNCHER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:57.474" 42658234 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|7A8ACE1744B8CF940609A35CCE6A3C0A01CF5C7880CD3A8614D71AD9354B8E1A' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:57.474" 42658234 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\PC-FAXRECEIVE\PCFAXRX.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:57.474" 42658234 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\PC-FAXRECEIVE\PCFAXRX.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:57.740" 42658500 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|022F11D78E3E6F8651DDEB3E7E4E195A6EA2E28CC57A92B518AB00355AE10D91' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:57.740" 42658500 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\REMOTESETUP\BRLOGRX.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:57.740" 42658500 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\REMOTESETUP\BRLOGRX.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:57.959" 42658718 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|3D34D47BCA2A6705A643EF914D6C669F99877050B7466C13F350868694653A06' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:57.959" 42658718 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\REMOTESETUP\BRMFRMSS.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:57.959" 42658718 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\REMOTESETUP\BRMFRMSS.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:07:58.381" 42659140 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|1D9FBAF080FF3B9FC552809B08A15A1F039D44F5B4EB9B25EC336E7CD6087B0F' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:07:58.381" 42659140 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\SCRIVENER\CLIPBOARD.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:07:58.381" 42659140 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\SCRIVENER\CLIPBOARD.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:27.178" 42687937 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|CFDA8654934AA0936A0865AE30DF3F52FC98D5ACA5CE1E549DC6F944606E5ED5' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:27.178" 42687937 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\TINYPIC\TINYPIC.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:27.178" 42687937 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\TINYPIC\TINYPIC.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:27.318" 42688078 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|C091E5E6769D23C37746C8E636B6644B8FE7D973986E86BB385BE2601EEE2B51' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:27.318" 42688078 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\TV-BROWSER\TVBROWSER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:27.318" 42688078 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\TV-BROWSER\TVBROWSER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:28.178" 42688937 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|E902C3C853E8B7C5C91A8EB6086210DAB56E8571F047632A3D5EAACF7649DB36' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:28.178" 42688937 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAM FILES (X86)\TV-BROWSER\TVBROWSER_NODD.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:28.178" 42688937 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\TV-BROWSER\TVBROWSER_NODD.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:35.537" 42696296 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 06:08:37.662" 42698421 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|1E1DA6511886A623DD2A41250A08B02EBDB374F3CB556C95B58A59A058FEE9B1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:37.662" 42698421 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\4fb0375c-5663-11e8-ac92-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:37.662" 42698421 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\4fb0375c-5663-11e8-ac92-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:38.662" 42699421 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 06:08:39.115" 42699875 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 06:08:39.849" 42700609 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 06:08:40.099" 42700859 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 06:08:41.068" 42701828 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 06:08:43.631" 42704390 11d4 0b30 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2386 "App Injected (Mozilla Firefox (and add-ons))"
05/13/18 " 06:08:47.959" 42708718 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|4338ACA3F0BFC8F164930427162592E5C0B072DF7F5A46457FA4789909B0B6FF' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:47.959" 42708718 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\55f4c754-5663-11e8-85ec-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:47.959" 42708718 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\55f4c754-5663-11e8-85ec-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:48.053" 42708812 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|CCA93CF0B2BD40E440DC34160FECBFA0016A3FBC6F603CA7C5442568735A96B1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:48.053" 42708812 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\560c9eec-5663-11e8-8428-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:48.053" 42708812 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\560c9eec-5663-11e8-8428-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:48.396" 42709156 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|38A4E59FE4913AAB87C06A358A290A5F9CDB0D17D8077F90E4137E6E3F94C6D7' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:48.396" 42709156 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\5639eba4-5663-11e8-ac71-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:48.396" 42709156 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\5639eba4-5663-11e8-ac71-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:48.412" 42709171 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|8E2C3A0087D584DDCEDDA2CFBA7A8DB1ACCBF378A0D9A0BADA7F5891E270CD54' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:48.412" 42709171 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\564112bc-5663-11e8-acd2-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:48.412" 42709171 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\564112bc-5663-11e8-acd2-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:49.850" 42710609 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|85DF17AEC997EA769BD5FA56EA78164F123B6337CFDAB619735C64B58F8791C7' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:49.850" 42710609 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\571a08ba-5663-11e8-8fcd-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:49.850" 42710609 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\571a08ba-5663-11e8-8fcd-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:51.365" 42712125 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|F65E80A15F41E8A9EA3384EA68507C6D30FEA5954DBE5026C5156A1C5C1E3CDA' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:51.365" 42712125 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\57fc8870-5663-11e8-86c4-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:51.365" 42712125 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\57fc8870-5663-11e8-86c4-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:51.412" 42712171 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|D7E8B5D18CF3946C0FAB9FBA957A47EF92DD752EE24A52D366A8C18D61E2DCF1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:51.412" 42712171 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\580613b8-5663-11e8-b457-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:51.412" 42712171 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\580613b8-5663-11e8-b457-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:52.553" 42713312 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|7B8795A2FB328442378D56B67D2C85BCE86B0E40B0DCA1B4113F553CBBD906AB' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:52.553" 42713312 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\58b6800e-5663-11e8-b021-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:52.553" 42713312 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\58b6800e-5663-11e8-b021-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:55.147" 42715906 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|5D759CF2CDAF9A66763323F342A462A9BE141E74D6A43F6C7C6AD41C18F0674E' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:55.147" 42715906 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\5a3fe460-5663-11e8-8f27-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:55.147" 42715906 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\5a3fe460-5663-11e8-8f27-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:55.193" 42715953 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|A731D5993B9864D829FF0E0144572CD816E9998797902D1A6307549213508A18' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:55.193" 42715953 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\5a470f4c-5663-11e8-b83d-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:55.193" 42715953 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\5a470f4c-5663-11e8-b83d-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:08:56.271" 42717031 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|22CED8BEFD5EC9BD8DF58CA6FECB27EB1EC289BAAA1350459488CC4691CC16F8' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:08:56.271" 42717031 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\5af0525a-5663-11e8-8513-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:08:56.271" 42717031 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\5af0525a-5663-11e8-8513-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:09:10.568" 42731328 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|A0ADA2DB30EE5CD575246B4D1271C84F5540B776B3992954070DE6C520518D83' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:09:10.568" 42731328 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\63711734-5663-11e8-b012-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:09:10.568" 42731328 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\63711734-5663-11e8-b012-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:09:10.678" 42731437 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|E8DEA40EB60BBA7D43E59768AFA00D9486300BFD8A2F7BA9576BD1B01B595AD5' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:09:10.678" 42731437 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\6388eea4-5663-11e8-b268-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:09:10.678" 42731437 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\6388eea4-5663-11e8-b268-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:09:25.475" 42746234 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|95B2916EE68375E982E2647FDF9EA85AC7EC478C0109309567982DF1DBB572B6' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:09:25.475" 42746234 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\WINDOWS\SYSTEM32\OXPSCONVERTER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:09:25.475" 42746234 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\OXPSCONVERTER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:10:24.334" 42805093 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|11B4AD54831D7062DFBB38A13A37BCED9C46D28F0DD11A9EAFBC31282632826A' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:10:24.334" 42805093 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\8f7004d0-5663-11e8-8ed4-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:10:24.334" 42805093 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\8f7004d0-5663-11e8-8ed4-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:10:25.834" 42806593 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|7D277AB2CAC293A6CD3C8E2E92F0EF720E1257764FCC1CA9BB210EC7E9A2884F' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:10:25.834" 42806593 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9054eaf0-5663-11e8-9bf0-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:10:25.834" 42806593 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9054eaf0-5663-11e8-9bf0-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:10:26.131" 42806890 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|CF8FE678EB7EE4D74089E1975B94CB364C8C43FBDE43BB12612FD69EE3B234F5' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:10:26.131" 42806890 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\907fd116-5663-11e8-ab35-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:10:26.131" 42806890 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\907fd116-5663-11e8-ab35-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:10:48.397" 42829156 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|A0ADA2DB30EE5CD575246B4D1271C84F5540B776B3992954070DE6C520518D83' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:10:48.397" 42829156 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9dc54aea-5663-11e8-9787-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:10:48.397" 42829156 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9dc54aea-5663-11e8-9787-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:10:48.553" 42829312 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|4E73515C7004AC747CD129A2372621B4348D9C6185EAA299CF51A8AD75B0F49F' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:10:48.553" 42829312 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9ddd2264-5663-11e8-b009-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:10:48.553" 42829312 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9ddd2264-5663-11e8-b009-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:10:48.725" 42829484 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|8D44F5F10D6AA32F87D3A1B7D13AD35108BEFB20360A96CC502A4FA6703A5EE5' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:10:48.725" 42829484 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9df4fe02-5663-11e8-9116-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:10:48.725" 42829484 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9df4fe02-5663-11e8-9116-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:10:48.803" 42829562 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|4CCE814DD613B765456E23123DD64D5EC7090EA3849C171A232783982ECBA43E' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:10:48.803" 42829562 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9dfc20ec-5663-11e8-8f13-2c56dc97df15' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:10:48.803" 42829562 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9dfc20ec-5663-11e8-8f13-2c56dc97df15' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:11:19.819" 42860578 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|35C15E57F1BC8F72A712FA3313A0333EA84D2C4D52F176CE23B4505B3D10CAB1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:11:19.819" 42860578 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER\NO23 RECORDER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:11:19.819" 42860578 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:11:20.506" 42861265 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 237 "Found hash 'shuriken|35C15E57F1BC8F72A712FA3313A0333EA84D2C4D52F176CE23B4505B3D10CAB1' in Hubble cache, white list status = 'WhiteListed'"
05/13/18 " 06:11:20.506" 42861265 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 198 "Found hash of file 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' in Hubble's cache, value = WhiteListed"
05/13/18 " 06:11:20.506" 42861265 11d4 2ce4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\ADMIN\APPDATA\LOCAL\NO23 RECORDER.EXE' (shuriken) => Hubble:WhiteListed"
05/13/18 " 06:12:33.881" 42934640 11d4 385c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Shutdown "Linker.cpp" 146 "Shutting down linker, waiting for it to complete"
05/13/18 " 06:12:33.881" 42934640 11d4 385c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::UnInit "Linker.cpp" 133 "Un-initializing linker"
05/13/18 " 06:12:34.444" 42935203 11d4 385c INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Shutdown "Linker.cpp" 146 "Shutting down linker, waiting for it to complete"
05/13/18 " 06:12:35.069" 42935828 11d4 385c INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::PerformScan "Scanner.cpp" 938 "Scan completed."
05/13/18 " 06:12:35.069" 42935828 11d4 385c INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update"
05/13/18 " 06:12:35.225" 42935984 11d4 385c INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
05/13/18 " 06:12:35.225" 42935984 11d4 385c INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update"
05/13/18 " 06:12:35.288" 42936046 11d4 385c INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
05/13/18 " 06:12:36.072" 42936828 11d4 1738 ERROR CleanController CCleanController::FireHistoryLogAdded "CleanController.cpp" 1978 "Firing history log added, 0x800706ba"
05/13/18 " 06:12:39.237" 42940000 11d4 385c INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
05/13/18 " 07:02:20.967" 45921718 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 07:02:22.373" 45923125 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 07:02:22.373" 45923125 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 07:02:22.373" 45923125 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 626 "DoUpdate - Starting check for updates (automatic)"
05/13/18 " 07:02:22.373" 45923125 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 634 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]"
05/13/18 " 07:02:22.373" 45923125 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1262 "Installer package --> [mbam-c.installer.consumer], current version: [3.5.1]"
05/13/18 " 07:02:22.373" 45923125 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1295 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.365]"
05/13/18 " 07:02:22.373" 45923125 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1329 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.5086]"
05/13/18 " 07:02:22.982" 45923734 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5088) of pkg [mbam-c.dbcls.64bit] (FULL) is available"
05/13/18 " 07:02:22.982" 45923734 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1185 "A New version (1.0.5088) of pkg [mbam-c.dbcls.64bit] (INCR) is available"
05/13/18 " 07:02:22.998" 45923750 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 640 "Available updates found - beginning download"
05/13/18 " 07:02:23.279" 45924031 11d4 60a8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 3289 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z"
05/13/18 " 07:02:23.529" 45924281 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1599 "[UpdCtlrEvent] downloaded pkg. Type: DB / current_CU: 1.0.365 / machine_id: f07d03d49bca65e70b4706307d02abac29862e29"
05/13/18 " 07:02:23.545" 45924296 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1612 "Successfully downloaded: mbam-c.dbcls.64bit"
05/13/18 " 07:02:23.732" 45924484 11d4 0638 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update"
05/13/18 " 07:02:23.904" 45924656 11d4 0638 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown."
05/13/18 " 07:02:23.904" 45924656 11d4 0638 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions"
05/13/18 " 07:02:23.904" 45924656 11d4 0638 INFO BrowserSDKShim BrowserSDKShim::PrepareUpdate "BrowserSDKShim.cpp" 125 "Starting update of browser sdk"
05/13/18 " 07:02:31.170" 45931921 11d4 0638 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions"
05/13/18 " 07:02:31.310" 45932062 11d4 0638 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update"
05/13/18 " 07:02:31.388" 45932140 11d4 0638 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll>."
05/13/18 " 07:02:35.248" 45936000 11d4 0638 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE>. DefsFolderPath=<C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE>."
05/13/18 " 07:02:35.248" 45936000 11d4 0638 INFO BrowserSDKShim BrowserSDKShim::FinishUpdate "BrowserSDKShim.cpp" 154 "Finishing update of browser sdk"
05/13/18 " 07:02:35.357" 45936109 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1999 "DoIncrementalUpdate was successful."
05/13/18 " 07:02:35.357" 45936109 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2802 "Successfully updated DB/ClsEng package version to: 1.0.5088"
05/13/18 " 07:02:35.357" 45936109 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2810 "Set DB version to: 2018.05.13.01"
05/13/18 " 07:02:35.357" 45936109 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4524 "Signature successfully validated"
05/13/18 " 07:02:36.732" 45937484 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 4528 "DB manifest successfully validated"
05/13/18 " 07:02:36.732" 45937484 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4885 "Validated DB manifest - success"
05/13/18 " 07:02:36.826" 45937578 11d4 0638 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 681 "Update check is complete."
05/13/18 " 07:02:36.826" 45937578 11d4 0444 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb"
05/13/18 " 07:02:36.826" 45937578 11d4 0444 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2978 "Successfully parsed 196 records."
05/13/18 " 07:02:37.170" 45937921 11d4 1880 INFO MWACShimImpl MwacShimImpl::InitializeInternal "MWACShimImpl.cpp" 98 "MWAC dll was successfully loaded. MWACFilePath=<C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll>."
05/13/18 " 07:02:37.326" 45938078 11d4 1880 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 924 "Initialization succeeded"
05/13/18 " 07:25:39.785" 47320546 11d4 4dd8 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1070 "Entering GetMessageIDList in the Service."
05/13/18 " 07:25:39.785" 47320546 11d4 4dd8 INFO UpdateControllerCOM CUpdateController::GetMessageIDList "UpdateController.cpp" 1091 "GetNumMessages returned 0 messages available. Nothing to do here."
05/13/18 " 07:39:35.755" 48156515 11d4 0448 INFO CleanControllerImpl Cleaner::Clean "Cleaner.cpp" 56 "Start of clean, client 'MbamUI', detection results 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ScanResults\e030a797-5661-11e8-ad41-2c56dc97df15.json'"
05/13/18 " 07:39:35.791" 48156546 11d4 1738 ERROR CleanController CCleanController::FireCleanStateChanged "CleanController.cpp" 1593 "Firing clean state changed failed, 0x800706ba"
05/13/18 " 07:39:35.964" 48156718 11d4 0448 INFO CleanControllerImpl DOREngine::PreCleanIsRebootRequired "DOREngine.cpp" 165 "Must reboot, process found C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE"
05/13/18 " 07:39:35.964" 48156718 11d4 0448 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 560 "Quarantining HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHIP1CLICK"
05/13/18 " 07:39:36.152" 48156906 11d4 0448 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 420 "Quarantining C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE"
05/13/18 " 07:39:36.154" 48156906 11d4 0448 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 560 "Quarantining HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CHIP 1-CLICK DOWNLOAD SERVICE"
05/13/18 " 07:39:36.275" 48157031 11d4 0448 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of RegKey HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHIP1CLICK"
05/13/18 " 07:39:36.276" 48157031 11d4 0448 INFO CleanControllerImpl RemovalEngine::RemediateRegKey "RemovalEngine.cpp" 468 "Cleaning reg key HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHIP1CLICK, anti - rootkit = false"
05/13/18 " 07:39:36.277" 48157031 11d4 0448 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1481 "Succeeded cleaning reg key 'HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHIP1CLICK'"
05/13/18 " 07:39:36.277" 48157031 11d4 0448 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 152 "Copying quarantine metadata for HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHIP1CLICK"
05/13/18 " 07:39:36.279" 48157031 11d4 0448 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 664 "Succeeded quarantining RegKey 'HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHIP1CLICK'"
05/13/18 " 07:39:36.279" 48157031 11d4 0448 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 314 "Starting cleaning of File C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE"
05/13/18 " 07:39:36.279" 48157031 11d4 0448 INFO CleanControllerImpl RemovalEngine::RemediateFile "RemovalEngine.cpp" 1035 "Cleaning file 'C:\PROGRAM FILES (X86)\CHIP DIGITAL GMBH\CHIP1CLICK\CHIP 1-CLICK INSTALLER.EXE', anti-rootkit = false"
05/13/18 " 07:39:36.285" 48157046 11d4 1738 ERROR CleanController CCleanController::FireQuarantineItemAdded "CleanController.cpp" 1638 "Firing quarantine item added failed, 0x800706ba"
05/13/18 " 07:39:36.287" 48157046 11d4 1738 ERROR CleanController CCleanController::FireItemRemediated "CleanController.cpp" 2042 "Firing quarantine item added failed, 0x800706ba"
05/13/18 " 07:39:36.352" 48157109 11d4 0448 INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1308 "Deleting file 'C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP 1-CLICK INSTALLER.EXE', resolved path = 'C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP 1-CLICK INSTALLER.EXE'"
05/13/18 " 07:39:36.376" 48157140 11d4 0448 WARNING CleanControllerImpl mb::common::io::NtFileSystemUtils::DeleteFileObject "NtFileSystemUtils.cpp" 216 "Error deleting '\??\C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP 1-CLICK INSTALLER.EXE', error = 'Zugriff verweigert ' (0xc0000121)"
|
|
| Themen zu Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads |
| aktualisieren, anderes, anweisung, avast, benutzerkonten, erfolgreich, escan, fenster, folge, gen, jahre, laptop, logfile, mbam, meldungen, neue, neuen, nichts, plagegeister, probleme, quarantäne, rechner, scan, scans, sekunden, win, win7, windows 10 |
Linear-Darstellung
