Date Time Tick Count Process ID Thread ID Log Level Context Tag Function Name File Name Line Number Message 09/23/17 " 00:38:55.680" 1126794847 152c 1924 INFO LogController CLogController::Start "LogController.cpp" 86 "Started logging" 09/23/17 " 00:38:55.680" 1126794847 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 284 "Service Controller starting controller initialization" 09/23/17 " 00:38:55.680" 1126794847 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 285 "Product code MBAM-C" 09/23/17 " 00:38:55.680" 1126794847 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 286 "Product version 3.2.2.2029" 09/23/17 " 00:38:55.680" 1126794847 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 287 "Product build consumer" 09/23/17 " 00:38:55.680" 1126794847 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 288 "OS Version Windows 7 Service Pack 1" 09/23/17 " 00:38:55.790" 1126794956 152c 1924 WARNING PoliciesControllerImpl mb::policiescontrollerimpl::PoliciesConfigHandler::LoadConfig "PoliciesConfigHandler.cpp" 414 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\PoliciesConfig.json. Using default values." 09/23/17 " 00:38:55.977" 1126795143 152c 1924 INFO PoliciesControllerImpl mb::policiescontrollerimpl::PoliciesConfigHandler::ShellExtensionControl "PoliciesConfigHandler.cpp" 1177 "Shell extension registered." 09/23/17 " 00:38:55.977" 1126795143 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartPoliciesController "ServiceControllerImplementation.cpp" 1870 "Policies Controller Started" 09/23/17 " 00:38:55.977" 1126795143 152c 1924 INFO LicenseControllerCOM CLicenseController::Start "LicenseController.cpp" 98 "CLicenseController::Start" 09/23/17 " 00:38:56.117" 1126795284 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartLicenseController "ServiceControllerImplementation.cpp" 1899 "License Controller Started" 09/23/17 " 00:38:56.258" 1126795424 152c 1924 ERROR UpdateControllerImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json" 09/23/17 " 00:38:56.258" 1126795424 152c 1924 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ReadConfig "UpdateControllerImplHelper.cpp" 316 "Config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json not found; using default values" 09/23/17 " 00:38:56.336" 1126795502 152c 1924 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::Initialize "UpdateControllerImplHelper.cpp" 250 "COMPONENT PACKAGE VERSION: 1.0.0, DB PACKAGE VERSION: 1.0.0" 09/23/17 " 00:38:56.336" 1126795502 152c 1924 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 00:38:56.632" 1126795798 152c 1924 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 00:38:56.632" 1126795798 152c 1924 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 00:38:56.772" 1126795939 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartUpdateController "ServiceControllerImplementation.cpp" 1928 "Update Controller Started" 09/23/17 " 00:38:56.772" 1126795939 152c 1924 INFO CloudController CCloudController::Start "CloudController.cpp" 101 "CCloudController::Initialize" 09/23/17 " 00:38:57.053" 1126796220 152c 1924 INFO CloudCtrlImpl Initialize "CloudControllerImpl.cpp" 58 "CC Initialize called" 09/23/17 " 00:38:57.069" 1126796235 152c 1924 ERROR CloudCtrlImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CloudConfig.json" 09/23/17 " 00:38:57.069" 1126796235 152c 1924 INFO CloudCtrlImpl CloudControllerImplHelper::ReadConfig "CloudControllerImplHelper.cpp" 2177 "Config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CloudConfig.json not found; using default values" 09/23/17 " 00:38:57.272" 1126796438 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartCloudController "ServiceControllerImplementation.cpp" 1958 "Cloud Controller Started" 09/23/17 " 00:38:57.303" 1126796469 152c 1924 INFO TelemController CTelemetryController::Start_impl "TelemetryController.cpp" 116 "::Initialize" 09/23/17 " 00:38:57.474" 1126796641 152c 1924 ERROR TelemCtrlImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\TelemCtrlConfig.json" 09/23/17 " 00:38:57.474" 1126796641 152c 1924 INFO TelemCtrlImpl TelemetryControllerImpl::ReadConfig "TelemetryControllerImplHelper.cpp" 375 "Config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\TelemCtrlConfig.json not found; using default values" 09/23/17 " 00:38:57.474" 1126796641 152c 1924 ERROR TelemCtrlImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\telemetry.json" 09/23/17 " 00:38:57.474" 1126796641 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartTelemetryController "ServiceControllerImplementation.cpp" 2017 "Telemetry Controller Started" 09/23/17 " 00:38:57.506" 1126796672 152c 1924 INFO CleanController CCleanController::Start "CleanController.cpp" 150 "Initializing CleanController" 09/23/17 " 00:38:57.662" 1126796828 152c 1924 INFO CleanControllerImpl CleanControllerImpl::Start "CleanControllerImpl.cpp" 86 "Starting Clean Controller Impl" 09/23/17 " 00:38:57.662" 1126796828 152c 1924 ERROR CleanControllerImpl mb::common::json::JSONUtilities::ReadJSONFromFile "JSONUtilities.h" 42 "Could not open file for reading C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CleanControllerConfig.json" 09/23/17 " 00:38:57.662" 1126796828 152c 1924 WARNING CleanControllerImpl CleanControllerImpl::ReadConfig "CleanControllerImpl.cpp" 275 "Failed to read config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\CleanControllerConfig.json" 09/23/17 " 00:38:57.662" 1126796828 152c 0d34 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 800 "Initializing system paths and resolving DOR status" 09/23/17 " 00:38:57.677" 1126796844 152c 1924 INFO CleanController CCleanController::Start::::operator () "CleanController.cpp" 151 "CleanController initialization complete" 09/23/17 " 00:38:57.677" 1126796844 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartCleanController "ServiceControllerImplementation.cpp" 2078 "Clean Controller Started" 09/23/17 " 00:38:57.677" 1126796844 152c 0d34 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 821 "Processing pending actions" 09/23/17 " 00:38:58.052" 1126797218 152c 1924 WARNING ScanControllerImpl mb::scancontrollerimpl::ScanConfigHandler::LoadConfig "ScanConfigHandler.cpp" 77 "Could not load config file C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\ScanConfig.json. Using default values." 09/23/17 " 00:38:58.083" 1126797249 152c 0d34 INFO Actions ActionsManager::ProcessPendingActionsAfterReboot "ActionsManager.cpp" 962 "Executing pending post cleanup actions" 09/23/17 " 00:38:58.083" 1126797249 152c 0d34 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 925 "Initializing CLS Engine" 09/23/17 " 00:38:58.130" 1126797296 152c 0d34 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 960 "Initializing swiss army SDK" 09/23/17 " 00:38:59.736" 1126798903 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartScanController "ServiceControllerImplementation.cpp" 2107 "Scan Controller Started" 09/23/17 " 00:38:59.877" 1126799043 152c 0d34 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/23/17 " 00:38:59.892" 1126799059 152c 0d34 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 94 records." 09/23/17 " 00:38:59.892" 1126799059 152c 0d34 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 988 "Loading Hubble cache" 09/23/17 " 00:38:59.908" 1126799074 152c 1924 WARNING RTPControllerImpl mb::rtpcontrollerimpl::RTPConfigHandler::LoadConfig "RTPConfigHandler.cpp" 137 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\RtpConfig.json. Using default values." 09/23/17 " 00:38:59.908" 1126799074 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartRtpController "ServiceControllerImplementation.cpp" 2136 "RTP Controller Started" 09/23/17 " 00:38:59.908" 1126799074 152c 1924 INFO MWACControllerCOM CMWACController::StartV2 "MWACController.cpp" 231 "Initializing MWAC Controller" 09/23/17 " 00:39:00.111" 1126799277 152c 1924 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacConfigHandler::CreateMwacConfigFile "MwacConfigHandler.cpp" 374 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\MwacControllerConfig.json. Using default values." 09/23/17 " 00:39:00.111" 1126799277 152c 1924 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::IsLicenseStateValid "MWACControllerImplHelper.cpp" 479 "license state is: Unknown" 09/23/17 " 00:39:00.111" 1126799277 152c 1924 INFO MWACControllerCOM CMWACController::StartV2::::operator () "MWACController.cpp" 232 "MWAC Controller initialization complete" 09/23/17 " 00:39:00.111" 1126799277 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartMWACController "ServiceControllerImplementation.cpp" 2166 "MWAC Controller Started" 09/23/17 " 00:39:00.220" 1126799386 152c 1924 INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwConfigHandler::LoadConfig "ArwConfigHandler.cpp" 67 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\ArwControllerConfig.json. Using default values." 09/23/17 " 00:39:00.220" 1126799386 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartArwController "ServiceControllerImplementation.cpp" 2198 "ARW Controller Started" 09/23/17 " 00:39:01.499" 1126800666 152c 1924 WARNING AEControllerImpl mb::aecontrollerimpl::AEConfigHandler::LoadConfig "AeConfigHandler.cpp" 117 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\AeConfig.json. Using default values." 09/23/17 " 00:39:01.515" 1126800681 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartAEController "ServiceControllerImplementation.cpp" 2227 "Anti-Exploit Controller Started" 09/23/17 " 00:39:01.515" 1126800681 152c 14b8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::InitializeV2::::operator () "AEControllerImplHelper.cpp" 183 "Anti-Exploit is not licensed. MbaeSdk will not be loaded (0)" 09/23/17 " 00:39:01.624" 1126800790 152c 14b8 ERROR AEControllerImpl mb::aecontrollerimpl::AEShimModuleLoader::AeShimSetExclusions "AEShimModuleLoader.cpp" 365 "Cannot set exclusions! AEShim is not loaded." 09/23/17 " 00:39:01.624" 1126800790 152c 14b8 ERROR AEControllerImpl mb::aecontrollerimpl::AeExclusionsHandler::InitializeExclusions "ExclusionsHandler.cpp" 64 "Could not configure exclusions in MbaeSdk (-1)" 09/23/17 " 00:39:01.686" 1126800853 152c 0d34 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1015 "Starting white list manager" 09/23/17 " 00:39:01.686" 1126800853 152c 0d34 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1027 "Starting restore engine" 09/23/17 " 00:39:01.686" 1126800853 152c 0d34 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1042 "Entering into main loop" 09/23/17 " 00:39:01.936" 1126801102 152c 1924 WARNING SPControllerImpl mb::spcontrollerimpl::SpConfigHandler::LoadConfig "SpConfigHandler.cpp" 203 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\Config\SpConfigFile.json. Using default values." 09/23/17 " 00:39:01.936" 1126801102 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "ServiceControllerImplementation.cpp" 1987 "Self-Protection Controller Started" 09/23/17 " 00:39:01.936" 1126801102 152c 1924 INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "ServiceControllerImplementation.cpp" 1989 "Start Service Controller complete" 09/23/17 " 00:39:01.936" 1126801102 0000 1a38 INFO MBAMInstaller IService.cpp "MbamService::Initialize" 197 "Starting post install process." 09/23/17 " 00:39:01.952" 1126801118 152c 1fa0 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 68 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe' in session 0x1" 09/23/17 " 00:39:02.108" 1126801274 0000 1a38 INFO MBAMInstaller Mbam2xLicense.cpp "Mbam2xLicense::Save" 109 "Key is empty, don't need to Activate." 09/23/17 " 00:39:02.108" 1126801274 152c 11dc INFO ScanControllerImpl mb::scancontrollerimpl::ScanScheduler::UpdateScheduledScans "ScanScheduler.cpp" 1105 "License state changed from Unknown to Free. Removing existing scheduled scans and adding a default monthly scan." 09/23/17 " 00:39:02.108" 1126801274 152c 11dc INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped." 09/23/17 " 00:39:02.108" 1126801274 152c 0fdc WARNING RTPControllerImpl mb::rtpcontrollerimpl::RTPControllerImpl::Enable "RTPControllerImplHelper.cpp" 613 "RTP has not been started, current state = [4]. cannot enable it." 09/23/17 " 00:39:02.108" 1126801274 152c 0fdc ERROR RTPControllerCOM CRTPController::EnableProtection "RTPController.cpp" 550 "Failed to enable the RTP module!" 09/23/17 " 00:39:02.108" 1126801274 0000 1a38 INFO MBAMInstaller Mbam2xSettings.cpp "Mbam2xSettings::SaveRtpSettings" 205 "Enable/DisableProtection (rtp) failed." 09/23/17 " 00:39:02.108" 1126801274 152c 0fdc INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartInitializationThread "MWACControllerImplHelper.cpp" 918 "Web Access Controller is currently initializing" 09/23/17 " 00:39:02.108" 1126801274 152c 0fdc INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..." 09/23/17 " 00:39:02.123" 1126801290 152c 0fdc INFO PoliciesControllerImpl mb::policiescontrollerimpl::PoliciesConfigHandler::ShellExtensionControl "PoliciesConfigHandler.cpp" 1193 "Shell extension unregistered." 09/23/17 " 00:39:02.123" 1126801290 0000 1a38 INFO MBAMInstaller suhlpr.cpp "EP2" 629 "Migrated settings from MBAM 2.x" 09/23/17 " 00:39:02.123" 1126801290 0000 1a38 INFO MBAMInstaller suhlpr.cpp "EP2" 667 "Starting Trial" 09/23/17 " 00:39:02.123" 1126801290 152c 0fdc INFO LicenseControllerImpl mb::licensecontrollerimpl::KeystoneImpl::GetInstallationToken "KeystoneImpl.cpp" 1070 "Unable to retreive the installation token data. Performing a register to receive a token from Keystone." 09/23/17 " 00:39:02.123" 1126801290 152c 0fdc INFO LicenseControllerImpl mb::licensecontrollerimpl::KeystoneImpl::GetInstallationToken "KeystoneImpl.cpp" 1084 "GetInstallationToken machineId is empty, calulating the machineId." 09/23/17 " 00:39:02.170" 1126801336 152c 14b8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::InitializeV2::::operator () "AEControllerImplHelper.cpp" 255 "Start with Anti-Exploit disabled." 09/23/17 " 00:39:04.198" 1126803364 152c 11dc INFO ScanControllerImpl mb::scancontrollerimpl::ScanScheduler::UpdateScheduledScans "ScanScheduler.cpp" 1119 "License state changed from Free to Trial. Removing existing scheduled scans and adding a default daily scan." 09/23/17 " 00:39:04.214" 1126803380 0000 1a38 INFO MBAMInstaller IService.cpp "MbamService::~MbamService" 136 "Post install process finished." 09/23/17 " 00:39:04.448" 1126803614 152c 11dc INFO RtpShim RtpShimImpl::Install "RtpShimImpl.cpp" 139 "rtp.dll was successfully loaded. rtpPath=." 09/23/17 " 00:39:06.242" 1126805408 152c 11dc INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/23/17 " 00:39:10.345" 1126809511 152c 11dc INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/23/17 " 00:39:10.361" 1126809526 152c 11dc INFO RtpSDK RtpUserImpl::Start "RtpUserImpl.cpp" 230 "Rtp driver started." 09/23/17 " 00:39:10.361" 1126809526 152c 11dc INFO RtpShim RtpShimImpl::Start "RtpShimImpl.cpp" 230 "Rtp successfully started." 09/23/17 " 00:39:10.361" 1126809526 152c 11dc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::LoadAeSdk "AEControllerImplHelper.cpp" 270 "Load and initialize the MbaeSdk" 09/23/17 " 00:39:10.735" 1126809901 152c 1b0c INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwRulesHandler::LoadConfig "RulesHandler.cpp" 39 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\ArwRulesConfig.json. Using default values." 09/23/17 " 00:39:10.907" 1126810072 152c 11dc INFO AeShimImpl AeShimImpl::InitializeInternal "AeShimImpl.cpp" 205 "mbae-api-na.dll was successfully loaded. aePath=." 09/23/17 " 00:39:10.938" 1126810104 152c 11dc INFO AeShimImpl AeShimImpl::InitializeInternal "AeShimImpl.cpp" 220 "Successfully Initialized MBAE" 09/23/17 " 00:39:10.938" 1126810104 152c 11dc INFO AeShimImpl AeShimImpl::MbaeSetConfig "AeShimImpl.cpp" 249 "Successfully configured MBAE." 09/23/17 " 00:39:11.032" 1126810197 152c 11dc INFO AeShimImpl AeShimImpl::MbaeSetExclusions "AeShimImpl.cpp" 337 "Successfully set exclusion list" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winrar.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winzip.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7z.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zFM.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zG.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (S7Z.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zextractor.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Winzip32.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Winzip64.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wzdisktools.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winzipss.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (cmd.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mshta.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winhlp32.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wscript.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (quicktimeplayer.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winamp.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (vlc.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mplayer2.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wmplayer.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (powerpnt.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (excel.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (excelc.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winword.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winwordc.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mspub.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (soffice.bin)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (foxitreader.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (foxit reader.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Foxit PhantomPDF.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (FoxitPhantomPDF.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (acrord32.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (acrobat.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (java.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (javaw.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (javaws.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (dragon.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (waterfox.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (tor.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (tbb-firefox.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (palemoon.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (cyberfox.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (icedragon.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (seamonkey.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (maxthon.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mxapploader.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera_plugin_wrapper.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera_wrapper_32.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (iexplore.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (MicrosoftEdge.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (MicrosoftEdgeCP.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (chrome.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (old_chrome.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (firefox.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (plugin-container.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (FlashPlayerPlugin*.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (helpctr.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (fltldr.exe)" 09/23/17 " 00:39:11.047" 1126810213 152c 11dc INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mbae-test.exe)" 09/23/17 " 00:39:14.308" 1126813473 152c 106c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 696015 records." 09/23/17 " 00:39:17.240" 1126816406 152c 1b0c INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwControllerImpl::StartArwProtection "ArwControllerImplHelper.cpp" 737 "Anti-Ransomware protection has been started." 09/23/17 " 00:39:20.423" 1126819588 152c 11dc INFO AeShimImpl AeShimImpl::MbaeStart "AeShimImpl.cpp" 358 "MBAE started." 09/23/17 " 00:39:20.423" 1126819588 152c 11dc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::StartProtectionImpl "AEControllerImplHelper.cpp" 527 "Protection Started" 09/23/17 " 00:39:20.423" 1126819588 152c 11dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::StartProtection "SPControllerImplHelper.cpp" 879 "Enter StartProtection for SP controller." 09/23/17 " 00:39:21.172" 1126820337 152c 1868 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 00:39:21.172" 1126820337 152c 1868 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 00:39:21.187" 1126820353 152c 1e0c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 00:39:21.203" 1126820368 152c 11dc INFO SPSDK Install "SelfProtectionUser.cpp" 73 "SelfProtection driver was successfully installed. Path=." 09/23/17 " 00:39:21.562" 1126820727 152c 11dc INFO SPSDK Install "SelfProtectionUser.cpp" 109 "SelfProtection StartDriver was false - 1" 09/23/17 " 00:39:21.593" 1126820758 152c 11dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MALWAREBYTES ANTI-MALWARE\." 09/23/17 " 00:39:21.593" 1126820758 152c 11dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264\." 09/23/17 " 00:39:21.593" 1126820758 152c 11dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264\." 09/23/17 " 00:39:21.593" 1126820758 152c 11dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84\." 09/23/17 " 00:39:21.608" 1126820774 152c 11dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84\." 09/23/17 " 00:39:21.608" 1126820774 152c 11dc ERROR SPSDK SetGpIfeoProtection "SelfProtectionUser.cpp" 817 "SelfProtection Failed add/remove hash LE=2 (0 - 1)" 09/23/17 " 00:39:21.608" 1126820774 152c 11dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\assistant.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:39:21.608" 1126820774 152c 106c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/23/17 " 00:39:21.608" 1126820774 152c 11dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\malwarebytes_assistant.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:39:21.655" 1126820821 152c 11dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbam.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:39:21.655" 1126820821 152c 11dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MbamPt.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:39:21.686" 1126820852 152c 11dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMService.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:39:21.702" 1126820868 152c 11dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:39:21.702" 1126820868 152c 11dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamwow.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:39:21.718" 1126820883 152c 11dc INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMWsc.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:39:32.782" 1126831944 152c 1c54 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::StartScan "Scanner.cpp" 538 "Starting a Threat scan, clientID = MbamUI, clientType = MBClientFullUI." 09/23/17 " 00:39:32.798" 1126831959 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 00:39:33.104" 1126832271 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 00:39:33.104" 1126832271 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 00:39:33.104" 1126832271 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (manual)" 09/23/17 " 00:39:33.104" 1126832271 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[No], SDK/Ctlr=[No], DB/CLS=[Yes]" 09/23/17 " 00:39:34.683" 1126833847 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2785]" 09/23/17 " 00:39:34.975" 1126834128 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2866) of pkg [mbam-c.dbcls.64bit] (FULL) is available" 09/23/17 " 00:39:34.976" 1126834143 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 532 "Available updates found - beginning download" 09/23/17 " 00:39:41.430" 1126840586 152c 14f4 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2854 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\dbcls.64bit.full.7z" 09/23/17 " 00:39:41.806" 1126840961 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1396 "Successfully downloaded: mbam-c.dbcls.64bit" 09/23/17 " 00:39:42.816" 1126841975 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 00:39:43.155" 1126842318 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 00:39:43.798" 1126842957 152c 13e8 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/23/17 " 00:39:43.932" 1126843098 152c 13e8 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/23/17 " 00:39:43.936" 1126843098 152c 13e8 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions" 09/23/17 " 00:39:43.979" 1126843145 152c 13e8 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions" 09/23/17 " 00:39:44.223" 1126843379 152c 13e8 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/23/17 " 00:39:44.432" 1126843597 152c 13e8 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/23/17 " 00:39:48.595" 1126847762 152c 13e8 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/23/17 " 00:39:48.595" 1126847762 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1803 "DoFullUpdate was successful." 09/23/17 " 00:39:48.596" 1126847762 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2391 "Successfully updated DB/ClsEng package version to: 1.0.2866" 09/23/17 " 00:39:48.597" 1126847762 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2399 "Set DB version to: 2017.09.23.01" 09/23/17 " 00:39:48.717" 1126847871 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 00:39:48.717" 1126847871 152c 11b0 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/23/17 " 00:39:48.718" 1126847871 152c 11b0 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/23/17 " 00:39:49.133" 1126848293 152c 106c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/23/17 " 00:39:49.134" 1126848293 152c 106c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped." 09/23/17 " 00:39:53.688" 1126852848 152c 106c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 717972 records." 09/23/17 " 00:39:57.072" 1126856233 152c 19e4 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 83649 records." 09/23/17 " 00:40:01.616" 1126860773 152c 106c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/23/17 " 00:40:01.624" 1126860788 152c 106c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..." 09/23/17 " 00:40:03.344" 1126862504 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.BrowserExtensions, FilePath=C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS\UNINSTALL.EXE" 09/23/17 " 00:40:03.347" 1126862504 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Init "Linker.cpp" 93 "Initializing linker" 09/23/17 " 00:40:11.293" 1126870460 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\CTREGRUN.EXE' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:40:22.587" 1126881755 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\ATIBTMON.EXE' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:40:24.790" 1126883954 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:40:25.962" 1126885124 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS\UNINSTALL.EXE'" 09/23/17 " 00:40:25.963" 1126885124 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS\UNINSTALL.EXE' => None:Unknown" 09/23/17 " 00:40:25.963" 1126885124 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\MANNERPANNER\AppData\Roaming\BROWSEREXTENSIONS\UNINSTALL.EXE' => None:Unknown" 09/23/17 " 00:40:26.273" 1126885436 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): Folder 'C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS' => None:Unknown" 09/23/17 " 00:40:26.273" 1126885436 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions' => None:Unknown" 09/23/17 " 00:40:26.273" 1126885436 152c 11c4 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 457 "Getting detected threats from actions" 09/23/17 " 00:40:28.136" 1126887293 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\RESDEFE.EXE' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:40:28.388" 1126887543 152c 11c4 INFO CleanControllerImpl PreCleanEngine::AddDIRContents "PreCleanEngine.cpp" 511 "Traversing through dir 'C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS'" 09/23/17 " 00:40:28.390" 1126887543 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: Folder 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions' => None:Unknown" 09/23/17 " 00:40:32.151" 1126891318 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSWOW64\APOIM64.EXE' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:40:32.362" 1126891521 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe'" 09/23/17 " 00:40:32.362" 1126891521 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe' => None:Unknown" 09/23/17 " 00:40:32.854" 1126892020 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button.exe'" 09/23/17 " 00:40:32.854" 1126892020 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button.exe' => None:Unknown" 09/23/17 " 00:40:33.276" 1126892441 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button64.exe'" 09/23/17 " 00:40:33.276" 1126892441 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button64.exe' => None:Unknown" 09/23/17 " 00:40:33.865" 1126893018 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap.dll'" 09/23/17 " 00:40:33.865" 1126893018 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap.dll' => None:Unknown" 09/23/17 " 00:40:34.763" 1126893923 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap64.dll'" 09/23/17 " 00:40:34.763" 1126893923 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap64.dll' => None:Unknown" 09/23/17 " 00:40:34.873" 1126894032 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons.dll'" 09/23/17 " 00:40:34.873" 1126894032 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons.dll' => None:Unknown" 09/23/17 " 00:40:35.139" 1126894297 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons64.dll'" 09/23/17 " 00:40:35.139" 1126894297 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons64.dll' => None:Unknown" 09/23/17 " 00:40:35.139" 1126894297 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Uninstall.exe' => None:Unknown" 09/23/17 " 00:40:35.147" 1126894313 152c 11c4 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 743 "Getting linked traces" 09/23/17 " 00:40:36.320" 1126895483 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSWOW64\ADDCAT.EXE' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:40:56.580" 1126915747 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:41:06.809" 1126925966 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\HP\DIGITAL IMAGING\BIN\HPQSRMON.EXE' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:41:21.768" 1126940926 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:41:49.323" 1126968476 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3A787631-66A2-4634-B928-A37E73B58FB6}' => None:Unknown" 09/23/17 " 00:41:49.536" 1126968694 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017004010151\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3A787631-66A2-4634-B928-A37E73B58FB6}' => None:Unknown" 09/23/17 " 00:41:49.610" 1126968772 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegValue 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BROWSER EXTENSIONS' => None:Unknown" 09/23/17 " 00:41:49.681" 1126968835 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegValue 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017004010151\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BROWSER EXTENSIONS' => None:Unknown" 09/23/17 " 00:41:49.951" 1126969115 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}' => None:Unknown" 09/23/17 " 00:41:49.951" 1126969115 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}' => None:Unknown" 09/23/17 " 00:41:49.976" 1126969131 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}' => None:Unknown" 09/23/17 " 00:41:49.976" 1126969131 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}' => None:Unknown" 09/23/17 " 00:41:50.106" 1126969271 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}' => None:Unknown" 09/23/17 " 00:41:50.106" 1126969271 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}' => None:Unknown" 09/23/17 " 00:41:50.185" 1126969349 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}' => None:Unknown" 09/23/17 " 00:41:50.185" 1126969349 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}' => None:Unknown" 09/23/17 " 00:41:50.291" 1126969459 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}' => None:Unknown" 09/23/17 " 00:41:50.291" 1126969459 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}' => None:Unknown" 09/23/17 " 00:41:50.573" 1126969739 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}' => None:Unknown" 09/23/17 " 00:41:50.686" 1126969849 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017004010151\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}' => None:Unknown" 09/23/17 " 00:41:51.225" 1126970379 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}' => None:Unknown" 09/23/17 " 00:41:51.305" 1126970457 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017004010151\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}' => None:Unknown" 09/23/17 " 00:41:51.440" 1126970597 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32' => None:Unknown" 09/23/17 " 00:41:51.440" 1126970597 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32' => None:Unknown" 09/23/17 " 00:41:51.457" 1126970613 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32' => None:Unknown" 09/23/17 " 00:41:51.457" 1126970613 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32' => None:Unknown" 09/23/17 " 00:41:51.533" 1126970691 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32' => None:Unknown" 09/23/17 " 00:41:51.533" 1126970691 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: RegKey 'HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32' => None:Unknown" 09/23/17 " 00:41:52.388" 1126971549 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\SEARCHPLUGINS\YAHOO_FF.XML" 09/23/17 " 00:41:52.389" 1126971549 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:52.467" 1126971627 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\SEARCHPLUGINS\YAHOO_FF.XML'" 09/23/17 " 00:41:52.467" 1126971627 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\SEARCHPLUGINS\YAHOO_FF.XML' => None:Unknown" 09/23/17 " 00:41:52.467" 1126971627 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\SEARCHPLUGINS\yahoo_ff.xml' => None:Unknown" 09/23/17 " 00:41:52.468" 1126971627 152c 11c4 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 457 "Getting detected threats from actions" 09/23/17 " 00:41:52.468" 1126971627 152c 11c4 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 743 "Getting linked traces" 09/23/17 " 00:41:52.471" 1126971627 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.BrowserExtensions, FilePath=HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017003952812\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS|SS_VER=2.9.0.4" 09/23/17 " 00:41:52.514" 1126971674 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:52.515" 1126971674 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegValue 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS|SS_VER' => None:Unknown" 09/23/17 " 00:41:52.516" 1126971674 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegValue 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017004010151\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS|SS_VER' => None:Unknown" 09/23/17 " 00:41:52.517" 1126971674 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS' => None:Unknown" 09/23/17 " 00:41:52.517" 1126971674 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017004010151\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS' => None:Unknown" 09/23/17 " 00:41:52.518" 1126971674 152c 11c4 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 457 "Getting detected threats from actions" 09/23/17 " 00:41:52.595" 1126971752 152c 11c4 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 743 "Getting linked traces" 09/23/17 " 00:41:52.596" 1126971752 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017003952812\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE=https://search.yahoo.com/?type=313292&fr=spigot-yhp-ie" 09/23/17 " 00:41:52.715" 1126971877 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:52.817" 1126971970 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegValue 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE' => None:Unknown" 09/23/17 " 00:41:52.819" 1126971986 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegValue 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017004010151\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE' => None:Unknown" 09/23/17 " 00:41:52.820" 1126971986 152c 11c4 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 457 "Getting detected threats from actions" 09/23/17 " 00:41:52.820" 1126971986 152c 11c4 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 743 "Getting linked traces" 09/23/17 " 00:41:52.821" 1126971986 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017003952812\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}|URL=https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=313292&p={searchTerms}" 09/23/17 " 00:41:52.821" 1126971986 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:52.823" 1126971986 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegValue 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}|URL' => None:Unknown" 09/23/17 " 00:41:52.824" 1126971986 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegValue 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017004010151\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}|URL' => None:Unknown" 09/23/17 " 00:41:52.825" 1126971986 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}' => None:Unknown" 09/23/17 " 00:41:52.825" 1126971986 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017004010151\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}' => None:Unknown" 09/23/17 " 00:41:52.825" 1126971986 152c 11c4 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 457 "Getting detected threats from actions" 09/23/17 " 00:41:52.826" 1126971986 152c 11c4 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 743 "Getting linked traces" 09/23/17 " 00:41:53.005" 1126972157 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017003952812\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BROWSER EXTENSIONS=""C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe""" 09/23/17 " 00:41:53.005" 1126972157 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:53.006" 1126972173 152c 11c4 INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPaths "PreCleanEngine.cpp" 378 "Ignoring clean item because it is a duplicate, HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BROWSER EXTENSIONS and HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017004010151\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BROWSER EXTENSIONS" 09/23/17 " 00:41:53.007" 1126972173 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\SEARCHPLUGINS\YAHOO_FF.XML" 09/23/17 " 00:41:53.007" 1126972173 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:53.008" 1126972173 152c 11c4 INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPaths "PreCleanEngine.cpp" 378 "Ignoring clean item because it is a duplicate, C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\SEARCHPLUGINS\YAHOO_FF.XML and C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\SEARCHPLUGINS\yahoo_ff.xml" 09/23/17 " 00:41:53.010" 1126972173 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.BrowserExtensions, FilePath=HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}|=Browser Extensions" 09/23/17 " 00:41:53.010" 1126972173 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:53.010" 1126972173 152c 11c4 INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPaths "PreCleanEngine.cpp" 378 "Ignoring clean item because it is a duplicate, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} and HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.011" 1126972173 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.BrowserExtensions, FilePath=HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}|=Browser Extensions" 09/23/17 " 00:41:53.011" 1126972173 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:53.012" 1126972173 152c 11c4 INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPaths "PreCleanEngine.cpp" 378 "Ignoring clean item because it is a duplicate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} and HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.012" 1126972173 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS" 09/23/17 " 00:41:53.012" 1126972173 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:53.624" 1126972781 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS'" 09/23/17 " 00:41:53.624" 1126972781 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS' => None:Unknown" 09/23/17 " 00:41:53.624" 1126972781 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\prefs.js' => None:Unknown" 09/23/17 " 00:41:53.624" 1126972781 152c 11c4 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 457 "Getting detected threats from actions" 09/23/17 " 00:41:53.625" 1126972781 152c 11c4 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 743 "Getting linked traces" 09/23/17 " 00:41:53.628" 1126972781 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS" 09/23/17 " 00:41:53.629" 1126972781 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:53.630" 1126972797 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS' => None:Unknown" 09/23/17 " 00:41:53.630" 1126972797 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\prefs.js' => None:Unknown" 09/23/17 " 00:41:53.631" 1126972797 152c 11c4 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 457 "Getting detected threats from actions" 09/23/17 " 00:41:53.631" 1126972797 152c 11c4 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 743 "Getting linked traces" 09/23/17 " 00:41:53.634" 1126972797 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.635" 1126972797 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:53.635" 1126972797 152c 11c4 INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPaths "PreCleanEngine.cpp" 378 "Ignoring clean item because it is a duplicate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} and HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.635" 1126972797 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017003952812\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.636" 1126972797 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:53.636" 1126972797 152c 11c4 INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPaths "PreCleanEngine.cpp" 378 "Ignoring clean item because it is a duplicate, HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} and HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017004010151\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.636" 1126972797 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.637" 1126972797 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:53.637" 1126972797 152c 11c4 INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPaths "PreCleanEngine.cpp" 378 "Ignoring clean item because it is a duplicate, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} and HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.637" 1126972797 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.638" 1126972797 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:53.638" 1126972797 152c 11c4 INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPaths "PreCleanEngine.cpp" 378 "Ignoring clean item because it is a duplicate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} and HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.638" 1126972797 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.639" 1126972797 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:53.639" 1126972797 152c 11c4 INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPaths "PreCleanEngine.cpp" 378 "Ignoring clean item because it is a duplicate, HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} and HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.639" 1126972797 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.640" 1126972797 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:53.640" 1126972797 152c 11c4 INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPaths "PreCleanEngine.cpp" 378 "Ignoring clean item because it is a duplicate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} and HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.640" 1126972797 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017003952812\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:53.641" 1126972797 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:41:53.641" 1126972797 152c 11c4 INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPaths "PreCleanEngine.cpp" 378 "Ignoring clean item because it is a duplicate, HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} and HKU\S-1-5-21-2771466343-972908901-1180683727-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09232017004010151\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:41:56.764" 1126975917 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 00:42:17.828" 1126996993 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\938e2f70-a019-11e7-af4f-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:42:19.230" 1126998397 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 00:42:19.230" 1126998397 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 00:42:19.230" 1126998397 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 00:42:19.230" 1126998397 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 00:42:19.236" 1126998397 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 00:42:19.236" 1126998397 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 00:42:19.236" 1126998397 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2866]" 09/23/17 " 00:42:19.501" 1126998662 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|05630A6053652D7528572A662FD9C422EB0CAD2D91508CF85748AFE6802C027C' in Hubble cache, white list status = 'WhiteListed'" 09/23/17 " 00:42:19.501" 1126998662 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\94ca849c-a019-11e7-b153-d43d7eb62193' in Hubble's cache, value = WhiteListed" 09/23/17 " 00:42:19.501" 1126998662 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\94ca849c-a019-11e7-b153-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:42:19.564" 1126998724 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 00:42:19.564" 1126998724 152c 13e8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 00:42:19.862" 1126999021 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\95288484-a019-11e7-a035-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:42:20.202" 1126999364 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\95470972-a019-11e7-905c-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:42:21.593" 1127000752 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\963b3100-a019-11e7-a223-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:42:22.826" 1127001985 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\96473f22-a019-11e7-8763-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:42:23.577" 1127002734 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\9737bd26-a019-11e7-b609-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:42:24.050" 1127003217 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\97889d72-a019-11e7-81c6-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:42:24.373" 1127003529 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\97baf8d0-a019-11e7-a6c7-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:42:33.768" 1127012921 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=C:\PROGRAMDATA\FLV.COM FLV DOWNLOADER\YTD_INSTALLER.EXE" 09/23/17 " 00:42:33.769" 1127012936 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:42:34.620" 1127013779 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\PROGRAMDATA\FLV.COM FLV DOWNLOADER\YTD_INSTALLER.EXE'" 09/23/17 " 00:42:34.620" 1127013779 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\FLV.COM FLV DOWNLOADER\YTD_INSTALLER.EXE' => None:Unknown" 09/23/17 " 00:42:34.620" 1127013779 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\PROGRAMDATA\FLV.COM FLV DOWNLOADER\YTD_INSTALLER.EXE' => None:Unknown" 09/23/17 " 00:42:34.620" 1127013779 152c 11c4 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 457 "Getting detected threats from actions" 09/23/17 " 00:42:34.621" 1127013779 152c 11c4 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 743 "Getting linked traces" 09/23/17 " 00:43:42.395" 1127081561 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.BrowserExtensions, FilePath=C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS\UNINSTALL.EXE" 09/23/17 " 00:43:42.396" 1127081561 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:43:42.398" 1127081561 152c 11c4 INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPaths "PreCleanEngine.cpp" 378 "Ignoring clean item because it is a duplicate, C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS\UNINSTALL.EXE and C:\Users\MANNERPANNER\AppData\Roaming\BROWSEREXTENSIONS\UNINSTALL.EXE" 09/23/17 " 00:43:42.403" 1127081561 152c 11c4 INFO CleanControllerImpl PreCleanEngine::GetCleanItemsAndProcessedPaths "PreCleanEngine.cpp" 378 "Ignoring clean item because it is a duplicate, C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS and C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions" 09/23/17 " 00:44:19.412" 1127118564 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\PRG7297.TMP' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:44:43.995" 1127143150 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\eb08a794-a019-11e7-a676-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:45:19.464" 1127178625 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MANNERPANNER\DESKTOP\RESISTOR CALCULATOR.EXE' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:45:30.704" 1127189857 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\EXPRESSZIP-940-3\ZLIB1V2.EXE' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:45:39.631" 1127198796 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\{841A5B0E-F74F-4665-B2C7-A63B9B923D82}\SYSTEMADMIN.EXE' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:45:56.106" 1127215269 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\15e0fe94-a01a-11e7-8aa6-d43d7eb62193' (shuriken) => Hubble:BlackListed" 09/23/17 " 00:45:56.110" 1127215269 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:45:56.870" 1127216034 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\{6D29ED71-8E6D-4703-9061-782D8C916361}\BROWSEREXTENSIONSSETUP.EXE'" 09/23/17 " 00:45:56.870" 1127216034 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\{6D29ED71-8E6D-4703-9061-782D8C916361}\BROWSEREXTENSIONSSETUP.EXE' => None:Unknown" 09/23/17 " 00:45:56.870" 1127216034 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\MANNERPANNER\AppData\Local\Temp\{6D29ED71-8E6D-4703-9061-782D8C916361}\BROWSEREXTENSIONSSETUP.EXE' => None:Unknown" 09/23/17 " 00:45:56.870" 1127216034 152c 11c4 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 457 "Getting detected threats from actions" 09/23/17 " 00:45:56.871" 1127216034 152c 11c4 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 743 "Getting linked traces" 09/23/17 " 00:45:56.898" 1127216065 152c 11c4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=Adware.Downloader, FilePath=C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\BDDE-B5A0-E1CA-0535.EXE" 09/23/17 " 00:45:56.899" 1127216065 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/23/17 " 00:45:57.584" 1127216751 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\BDDE-B5A0-E1CA-0535.EXE'" 09/23/17 " 00:45:57.584" 1127216751 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\BDDE-B5A0-E1CA-0535.EXE' => None:Unknown" 09/23/17 " 00:45:57.584" 1127216751 152c 11c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\MANNERPANNER\AppData\Local\Temp\BDDE-B5A0-E1CA-0535.EXE' => None:Unknown" 09/23/17 " 00:45:57.584" 1127216751 152c 11c4 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 457 "Getting detected threats from actions" 09/23/17 " 00:45:57.584" 1127216751 152c 11c4 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 743 "Getting linked traces" 09/23/17 " 00:46:39.437" 1127258591 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2fe3da64-a01a-11e7-8e15-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:46:39.881" 1127259043 152c 049c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2ff343e6-a01a-11e7-9b59-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/23/17 " 00:48:04.788" 1127343955 152c 19e4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Shutdown "Linker.cpp" 144 "Shutting down linker, waiting for it to complete" 09/23/17 " 00:48:04.788" 1127343955 152c 19e4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::UnInit "Linker.cpp" 131 "Un-initializing linker" 09/23/17 " 00:48:05.312" 1127344469 152c 19e4 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Shutdown "Linker.cpp" 144 "Shutting down linker, waiting for it to complete" 09/23/17 " 00:48:05.885" 1127345047 152c 19e4 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::PerformScan "Scanner.cpp" 1017 "Scan completed." 09/23/17 " 00:48:05.885" 1127345047 152c 19e4 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/23/17 " 00:48:06.068" 1127345234 152c 19e4 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/23/17 " 00:48:06.112" 1127345265 152c 19e4 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/23/17 " 00:48:06.289" 1127345452 152c 19e4 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/23/17 " 00:48:10.543" 1127349695 152c 19e4 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/23/17 " 00:53:58.661" 1127697827 152c 0d34 INFO CleanControllerImpl Cleaner::Clean "Cleaner.cpp" 55 "Start of clean, client 'MbamUI', detection results 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ScanResults\31c922cc-a019-11e7-bf1a-d43d7eb62193.json'" 09/23/17 " 00:53:58.803" 1127697968 152c 0d34 INFO CleanControllerImpl DOREngine::PreCleanIsRebootRequired "DOREngine.cpp" 119 "Must reboot, special file C:\Users\MANNERPANNER\AppData\Roaming\BROWSEREXTENSIONS\UNINSTALL.EXE" 09/23/17 " 00:53:58.803" 1127697968 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 373 "Quarantining C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS\UNINSTALL.EXE" 09/23/17 " 00:53:58.812" 1127697968 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 513 "Quarantining HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3A787631-66A2-4634-B928-A37E73B58FB6}" 09/23/17 " 00:53:59.385" 1127698545 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 373 "Quarantining C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe" 09/23/17 " 00:53:59.394" 1127698561 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 373 "Quarantining C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button.exe" 09/23/17 " 00:53:59.397" 1127698561 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 373 "Quarantining C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button64.exe" 09/23/17 " 00:53:59.399" 1127698561 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 373 "Quarantining C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap.dll" 09/23/17 " 00:53:59.402" 1127698561 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 373 "Quarantining C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap64.dll" 09/23/17 " 00:53:59.405" 1127698561 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 373 "Quarantining C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons.dll" 09/23/17 " 00:53:59.410" 1127698576 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 373 "Quarantining C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons64.dll" 09/23/17 " 00:53:59.415" 1127698576 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 513 "Quarantining HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:53:59.587" 1127698748 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 513 "Quarantining HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:53:59.707" 1127698873 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 513 "Quarantining HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:53:59.816" 1127698982 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 513 "Quarantining HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:53:59.927" 1127699091 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 513 "Quarantining HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:00.026" 1127699185 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 513 "Quarantining HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:00.137" 1127699294 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 513 "Quarantining HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:00.234" 1127699387 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 513 "Quarantining HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32" 09/23/17 " 00:54:00.333" 1127699497 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 513 "Quarantining HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32" 09/23/17 " 00:54:00.428" 1127699590 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 513 "Quarantining HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32" 09/23/17 " 00:54:00.516" 1127699684 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 373 "Quarantining C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\SEARCHPLUGINS\YAHOO_FF.XML" 09/23/17 " 00:54:00.518" 1127699684 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 513 "Quarantining HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS" 09/23/17 " 00:54:00.606" 1127699762 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineRegKey "QuarantineEngine.cpp" 513 "Quarantining HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}" 09/23/17 " 00:54:00.691" 1127699855 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 373 "Quarantining C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS" 09/23/17 " 00:54:00.693" 1127699855 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 373 "Quarantining C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS" 09/23/17 " 00:54:00.695" 1127699855 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 373 "Quarantining C:\PROGRAMDATA\FLV.COM FLV DOWNLOADER\YTD_INSTALLER.EXE" 09/23/17 " 00:54:00.943" 1127700105 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 373 "Quarantining C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\{6D29ED71-8E6D-4703-9061-782D8C916361}\BROWSEREXTENSIONSSETUP.EXE" 09/23/17 " 00:54:00.999" 1127700152 152c 0d34 INFO CleanControllerImpl QuarantineEngine::QuarantineFile "QuarantineEngine.cpp" 373 "Quarantining C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\BDDE-B5A0-E1CA-0535.EXE" 09/23/17 " 00:54:01.106" 1127700261 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of File C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS\UNINSTALL.EXE" 09/23/17 " 00:54:01.127" 1127700292 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFile "RemovalEngine.cpp" 1148 "Cleaning file C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS\UNINSTALL.EXE, anti-rootkit = false" 09/23/17 " 00:54:01.407" 1127700573 152c 0d34 INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1311 "Deleting file 'C:\Users\MANNERPANNER\AppData\Roaming\BROWSEREXTENSIONS\UNINSTALL.EXE', resolved path = 'C:\Users\MANNERPANNER\AppData\Roaming\BROWSEREXTENSIONS\UNINSTALL.EXE'" 09/23/17 " 00:54:03.920" 1127703085 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning file C:\Users\MANNERPANNER\AppData\Roaming\BROWSEREXTENSIONS\UNINSTALL.EXE" 09/23/17 " 00:54:03.920" 1127703085 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS\UNINSTALL.EXE" 09/23/17 " 00:54:03.949" 1127703116 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining File 'C:\Users\MANNERPANNER\AppData\Roaming\BROWSEREXTENSIONS\UNINSTALL.EXE'" 09/23/17 " 00:54:03.949" 1127703116 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegKey HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3A787631-66A2-4634-B928-A37E73B58FB6}" 09/23/17 " 00:54:03.955" 1127703116 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegKey "RemovalEngine.cpp" 382 "Cleaning reg key HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3A787631-66A2-4634-B928-A37E73B58FB6}, anti - rootkit = false" 09/23/17 " 00:54:03.956" 1127703116 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg key HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3A787631-66A2-4634-B928-A37E73B58FB6}" 09/23/17 " 00:54:03.956" 1127703116 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3A787631-66A2-4634-B928-A37E73B58FB6}" 09/23/17 " 00:54:03.959" 1127703116 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3A787631-66A2-4634-B928-A37E73B58FB6}'" 09/23/17 " 00:54:03.959" 1127703116 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of File C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe" 09/23/17 " 00:54:03.959" 1127703116 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFile "RemovalEngine.cpp" 1148 "Cleaning file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe, anti-rootkit = false" 09/23/17 " 00:54:04.029" 1127703194 152c 0d34 INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1311 "Deleting file 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe', resolved path = 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe'" 09/23/17 " 00:54:04.032" 1127703194 152c 0d34 ERROR CleanControllerImpl mb::common::io::NtFileSystemUtils::DeleteFileObject "NtFileSystemUtils.cpp" 216 "Error deleting '\??\C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe', error = 'Access is denied. ' (0xc0000121)" 09/23/17 " 00:54:04.552" 1127703709 152c 0d34 ERROR CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1397 "Verification of deleting file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe failed!" 09/23/17 " 00:54:04.552" 1127703709 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1499 "Scheduling DOR cleaning for file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe" 09/23/17 " 00:54:04.553" 1127703709 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe" 09/23/17 " 00:54:04.554" 1127703709 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 637 "Completed quarantining and DOR queueing File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe'" 09/23/17 " 00:54:04.554" 1127703709 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of File C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button.exe" 09/23/17 " 00:54:04.555" 1127703709 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFile "RemovalEngine.cpp" 1148 "Cleaning file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button.exe, anti-rootkit = false" 09/23/17 " 00:54:04.603" 1127703771 152c 0d34 INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1311 "Deleting file 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button.exe', resolved path = 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button.exe'" 09/23/17 " 00:54:04.943" 1127704099 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button.exe" 09/23/17 " 00:54:04.943" 1127704099 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button.exe" 09/23/17 " 00:54:04.945" 1127704099 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button.exe'" 09/23/17 " 00:54:04.945" 1127704099 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of File C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button64.exe" 09/23/17 " 00:54:04.946" 1127704099 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFile "RemovalEngine.cpp" 1148 "Cleaning file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button64.exe, anti-rootkit = false" 09/23/17 " 00:54:04.966" 1127704130 152c 0d34 INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1311 "Deleting file 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button64.exe', resolved path = 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button64.exe'" 09/23/17 " 00:54:05.249" 1127704411 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button64.exe" 09/23/17 " 00:54:05.250" 1127704411 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button64.exe" 09/23/17 " 00:54:05.252" 1127704411 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button64.exe'" 09/23/17 " 00:54:05.252" 1127704411 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of File C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap.dll" 09/23/17 " 00:54:05.252" 1127704411 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFile "RemovalEngine.cpp" 1148 "Cleaning file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap.dll, anti-rootkit = false" 09/23/17 " 00:54:05.279" 1127704442 152c 0d34 INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1311 "Deleting file 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap.dll', resolved path = 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap.dll'" 09/23/17 " 00:54:05.507" 1127704660 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap.dll" 09/23/17 " 00:54:05.507" 1127704660 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap.dll" 09/23/17 " 00:54:05.509" 1127704676 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap.dll'" 09/23/17 " 00:54:05.509" 1127704676 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of File C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap64.dll" 09/23/17 " 00:54:05.510" 1127704676 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFile "RemovalEngine.cpp" 1148 "Cleaning file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap64.dll, anti-rootkit = false" 09/23/17 " 00:54:05.534" 1127704691 152c 0d34 INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1311 "Deleting file 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap64.dll', resolved path = 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap64.dll'" 09/23/17 " 00:54:05.757" 1127704910 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap64.dll" 09/23/17 " 00:54:05.757" 1127704910 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap64.dll" 09/23/17 " 00:54:05.760" 1127704925 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap64.dll'" 09/23/17 " 00:54:05.760" 1127704925 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of File C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons.dll" 09/23/17 " 00:54:05.760" 1127704925 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFile "RemovalEngine.cpp" 1148 "Cleaning file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons.dll, anti-rootkit = false" 09/23/17 " 00:54:05.799" 1127704957 152c 0d34 INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1311 "Deleting file 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons.dll', resolved path = 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons.dll'" 09/23/17 " 00:54:06.065" 1127705222 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons.dll" 09/23/17 " 00:54:06.065" 1127705222 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons.dll" 09/23/17 " 00:54:06.067" 1127705222 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons.dll'" 09/23/17 " 00:54:06.067" 1127705222 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of File C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons64.dll" 09/23/17 " 00:54:06.068" 1127705222 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFile "RemovalEngine.cpp" 1148 "Cleaning file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons64.dll, anti-rootkit = false" 09/23/17 " 00:54:06.118" 1127705284 152c 0d34 INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1311 "Deleting file 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons64.dll', resolved path = 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons64.dll'" 09/23/17 " 00:54:06.391" 1127705549 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning file C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons64.dll" 09/23/17 " 00:54:06.391" 1127705549 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons64.dll" 09/23/17 " 00:54:06.393" 1127705549 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining File 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons64.dll'" 09/23/17 " 00:54:06.393" 1127705549 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegValue HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BROWSER EXTENSIONS" 09/23/17 " 00:54:06.394" 1127705549 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegValue "RemovalEngine.cpp" 136 "Cleaning reg value HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BROWSER EXTENSIONS" 09/23/17 " 00:54:06.394" 1127705549 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg value HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BROWSER EXTENSIONS" 09/23/17 " 00:54:06.394" 1127705549 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BROWSER EXTENSIONS" 09/23/17 " 00:54:06.396" 1127705549 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegValue 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BROWSER EXTENSIONS'" 09/23/17 " 00:54:06.396" 1127705549 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of Process C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe" 09/23/17 " 00:54:06.397" 1127705565 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 621 "Succeeded remediating (but did not quarantine) Process 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe'" 09/23/17 " 00:54:06.397" 1127705565 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of Module C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe" 09/23/17 " 00:54:06.397" 1127705565 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 621 "Succeeded remediating (but did not quarantine) Module 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe'" 09/23/17 " 00:54:06.397" 1127705565 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegKey HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.397" 1127705565 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegKey "RemovalEngine.cpp" 382 "Cleaning reg key HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, anti - rootkit = false" 09/23/17 " 00:54:06.400" 1127705565 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg key HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.400" 1127705565 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.402" 1127705565 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegKey 'HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}'" 09/23/17 " 00:54:06.402" 1127705565 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegKey HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.403" 1127705565 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegKey "RemovalEngine.cpp" 382 "Cleaning reg key HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, anti - rootkit = false" 09/23/17 " 00:54:06.404" 1127705565 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg key HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.405" 1127705565 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.407" 1127705565 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegKey 'HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}'" 09/23/17 " 00:54:06.407" 1127705565 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegKey HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.408" 1127705565 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegKey "RemovalEngine.cpp" 382 "Cleaning reg key HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, anti - rootkit = false" 09/23/17 " 00:54:06.410" 1127705565 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg key HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.410" 1127705565 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.412" 1127705565 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegKey 'HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}'" 09/23/17 " 00:54:06.412" 1127705565 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegKey HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.413" 1127705581 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegKey "RemovalEngine.cpp" 382 "Cleaning reg key HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, anti - rootkit = false" 09/23/17 " 00:54:06.414" 1127705581 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg key HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.414" 1127705581 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.416" 1127705581 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegKey 'HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}'" 09/23/17 " 00:54:06.416" 1127705581 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegKey HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.417" 1127705581 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegKey "RemovalEngine.cpp" 382 "Cleaning reg key HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, anti - rootkit = false" 09/23/17 " 00:54:06.417" 1127705581 152c 0d34 WARNING Permissions mb::common::system::Permissions::ResetRegKeyPermissions "Permissions.cpp" 246 "Error opening reg key HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, Error = The system cannot find the file specified. (0x2)." 09/23/17 " 00:54:06.417" 1127705581 152c 0d34 WARNING RegistryUtils mb::common::system::RegistryUtils::DeleteKeyImpl "RegistryUtils.cpp" 1789 "Failed to open reg key HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, wow64 = 0x0, The system cannot find the file specified. (0x2)" 09/23/17 " 00:54:06.417" 1127705581 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg key HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.417" 1127705581 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.420" 1127705581 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegKey 'HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}'" 09/23/17 " 00:54:06.420" 1127705581 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegKey HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.420" 1127705581 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegKey "RemovalEngine.cpp" 382 "Cleaning reg key HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, anti - rootkit = false" 09/23/17 " 00:54:06.421" 1127705581 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg key HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.421" 1127705581 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.423" 1127705581 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}'" 09/23/17 " 00:54:06.423" 1127705581 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegKey HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.423" 1127705581 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegKey "RemovalEngine.cpp" 382 "Cleaning reg key HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, anti - rootkit = false" 09/23/17 " 00:54:06.424" 1127705581 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg key HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.425" 1127705581 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" 09/23/17 " 00:54:06.427" 1127705581 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}'" 09/23/17 " 00:54:06.427" 1127705581 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegKey HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32" 09/23/17 " 00:54:06.427" 1127705581 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegKey "RemovalEngine.cpp" 382 "Cleaning reg key HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, anti - rootkit = false" 09/23/17 " 00:54:06.427" 1127705581 152c 0d34 WARNING Permissions mb::common::system::Permissions::ResetRegKeyPermissions "Permissions.cpp" 246 "Error opening reg key HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, Error = The system cannot find the file specified. (0x2)." 09/23/17 " 00:54:06.428" 1127705596 152c 0d34 WARNING RegistryUtils mb::common::system::RegistryUtils::DeleteKeyImpl "RegistryUtils.cpp" 1789 "Failed to open reg key HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, wow64 = 0x0, The system cannot find the file specified. (0x2)" 09/23/17 " 00:54:06.428" 1127705596 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg key HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32" 09/23/17 " 00:54:06.428" 1127705596 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32" 09/23/17 " 00:54:06.430" 1127705596 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegKey 'HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32'" 09/23/17 " 00:54:06.430" 1127705596 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegKey HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32" 09/23/17 " 00:54:06.431" 1127705596 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegKey "RemovalEngine.cpp" 382 "Cleaning reg key HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, anti - rootkit = false" 09/23/17 " 00:54:06.431" 1127705596 152c 0d34 WARNING Permissions mb::common::system::Permissions::ResetRegKeyPermissions "Permissions.cpp" 246 "Error opening reg key HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, Error = The system cannot find the file specified. (0x2)." 09/23/17 " 00:54:06.431" 1127705596 152c 0d34 WARNING RegistryUtils mb::common::system::RegistryUtils::DeleteKeyImpl "RegistryUtils.cpp" 1789 "Failed to open reg key HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, wow64 = 0x0, The system cannot find the file specified. (0x2)" 09/23/17 " 00:54:06.431" 1127705596 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg key HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32" 09/23/17 " 00:54:06.431" 1127705596 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32" 09/23/17 " 00:54:06.433" 1127705596 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegKey 'HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32'" 09/23/17 " 00:54:06.434" 1127705596 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegKey HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32" 09/23/17 " 00:54:06.434" 1127705596 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegKey "RemovalEngine.cpp" 382 "Cleaning reg key HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, anti - rootkit = false" 09/23/17 " 00:54:06.434" 1127705596 152c 0d34 WARNING Permissions mb::common::system::Permissions::ResetRegKeyPermissions "Permissions.cpp" 246 "Error opening reg key HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, Error = The system cannot find the file specified. (0x2)." 09/23/17 " 00:54:06.435" 1127705596 152c 0d34 WARNING RegistryUtils mb::common::system::RegistryUtils::DeleteKeyImpl "RegistryUtils.cpp" 1789 "Failed to open reg key HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, wow64 = 0x0, The system cannot find the file specified. (0x2)" 09/23/17 " 00:54:06.435" 1127705596 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg key HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32" 09/23/17 " 00:54:06.435" 1127705596 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32" 09/23/17 " 00:54:06.437" 1127705596 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegKey 'HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32'" 09/23/17 " 00:54:06.437" 1127705596 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of Folder C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS" 09/23/17 " 00:54:06.438" 1127705596 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFolder "RemovalEngine.cpp" 455 "Cleaning folder C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS" 09/23/17 " 00:54:06.438" 1127705596 152c 0d34 INFO CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 692 "Deleting folder 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions' with no link targets" 09/23/17 " 00:54:06.461" 1127705627 152c 0d34 ERROR CleanControllerImpl mb::common::io::NtFileSystemUtils::DeleteFileObject "NtFileSystemUtils.cpp" 216 "Error deleting '\??\C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe', error = 'Access is denied. ' (0xc0000121)" 09/23/17 " 00:54:06.854" 1127706017 152c 0d34 ERROR CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets::::operator () "RemovalEngine.cpp" 814 "Could not delete file 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe'" 09/23/17 " 00:54:06.863" 1127706017 152c 0d34 ERROR CleanControllerImpl mb::common::io::NtFileSystemUtils::DeleteFileObject "NtFileSystemUtils.cpp" 216 "Error deleting '\??\C:\Users\MANNER~1\AppData\Roaming\BROWSE~1\BEHelper.exe', error = 'Access is denied. ' (0xc0000121)" 09/23/17 " 00:54:07.152" 1127706314 152c 0d34 ERROR CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets::::operator () "RemovalEngine.cpp" 814 "Could not delete file 'C:\Users\MANNER~1\AppData\Roaming\BROWSE~1\BEHelper.exe'" 09/23/17 " 00:54:07.327" 1127706485 152c 0d34 ERROR CleanControllerImpl RemovalEngine::DeleteFolderNoLinkTargets "RemovalEngine.cpp" 933 "Verification of deleting folder 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions' failed!" 09/23/17 " 00:54:07.327" 1127706485 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1499 "Scheduling DOR cleaning for folder C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions" 09/23/17 " 00:54:07.327" 1127706485 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\USERS\MANNERPANNER\APPDATA\ROAMING\BROWSEREXTENSIONS" 09/23/17 " 00:54:07.329" 1127706485 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 637 "Completed quarantining and DOR queueing Folder 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions'" 09/23/17 " 00:54:07.329" 1127706485 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of File C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\SEARCHPLUGINS\YAHOO_FF.XML" 09/23/17 " 00:54:07.329" 1127706485 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFile "RemovalEngine.cpp" 1148 "Cleaning file C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\SEARCHPLUGINS\YAHOO_FF.XML, anti-rootkit = false" 09/23/17 " 00:54:07.445" 1127706610 152c 0d34 ERROR CleanControllerImpl mb::swissarmyclientutils::SwissArmyShimLoader::BreakFile "SwissArmyShimLoader.cpp" 247 "BreakFile failed for C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\SEARCHPLUGINS\yahoo_ff.xml; status=1" 09/23/17 " 00:54:07.445" 1127706610 152c 0d34 INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1311 "Deleting file 'C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\SEARCHPLUGINS\yahoo_ff.xml', resolved path = 'C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\SEARCHPLUGINS\yahoo_ff.xml'" 09/23/17 " 00:54:07.707" 1127706860 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning file C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\SEARCHPLUGINS\yahoo_ff.xml" 09/23/17 " 00:54:07.708" 1127706875 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\SEARCHPLUGINS\YAHOO_FF.XML" 09/23/17 " 00:54:07.710" 1127706875 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining File 'C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\SEARCHPLUGINS\yahoo_ff.xml'" 09/23/17 " 00:54:07.710" 1127706875 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegValue HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS|SS_VER" 09/23/17 " 00:54:07.710" 1127706875 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegValue "RemovalEngine.cpp" 136 "Cleaning reg value HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS|SS_VER" 09/23/17 " 00:54:07.711" 1127706875 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg value HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS|SS_VER" 09/23/17 " 00:54:07.711" 1127706875 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS|SS_VER" 09/23/17 " 00:54:07.712" 1127706875 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegValue 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS|SS_VER'" 09/23/17 " 00:54:07.712" 1127706875 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegKey HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS" 09/23/17 " 00:54:07.713" 1127706875 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegKey "RemovalEngine.cpp" 382 "Cleaning reg key HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS, anti - rootkit = false" 09/23/17 " 00:54:07.715" 1127706875 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg key HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS" 09/23/17 " 00:54:07.715" 1127706875 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS" 09/23/17 " 00:54:07.717" 1127706875 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS'" 09/23/17 " 00:54:07.717" 1127706875 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegValue HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE" 09/23/17 " 00:54:07.718" 1127706875 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegValue "RemovalEngine.cpp" 136 "Cleaning reg value HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE" 09/23/17 " 00:54:07.718" 1127706875 152c 0d34 INFO CleanControllerImpl CommonCleanUtils::FixupSystemRegistryValues "CommonCleanUtils.cpp" 433 "Rebuilding system registry values." 09/23/17 " 00:54:07.719" 1127706875 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg value HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE" 09/23/17 " 00:54:07.719" 1127706875 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE" 09/23/17 " 00:54:07.721" 1127706875 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegValue 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE'" 09/23/17 " 00:54:07.721" 1127706875 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegValue HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}|URL" 09/23/17 " 00:54:07.722" 1127706875 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegValue "RemovalEngine.cpp" 136 "Cleaning reg value HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}|URL" 09/23/17 " 00:54:07.722" 1127706875 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg value HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}|URL" 09/23/17 " 00:54:07.722" 1127706875 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}|URL" 09/23/17 " 00:54:07.724" 1127706891 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegValue 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}|URL'" 09/23/17 " 00:54:07.724" 1127706891 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of RegKey HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}" 09/23/17 " 00:54:07.724" 1127706891 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveRegKey "RemovalEngine.cpp" 382 "Cleaning reg key HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}, anti - rootkit = false" 09/23/17 " 00:54:07.725" 1127706891 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning reg key HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}" 09/23/17 " 00:54:07.725" 1127706891 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}" 09/23/17 " 00:54:07.727" 1127706891 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining RegKey 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}'" 09/23/17 " 00:54:07.727" 1127706891 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of File C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS" 09/23/17 " 00:54:07.728" 1127706891 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFile "RemovalEngine.cpp" 1148 "Cleaning file C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS, anti-rootkit = false" 09/23/17 " 00:54:07.777" 1127706938 152c 0d34 ERROR CleanControllerImpl mb::swissarmyclientutils::SwissArmyShimLoader::BreakFile "SwissArmyShimLoader.cpp" 247 "BreakFile failed for C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\prefs.js; status=1" 09/23/17 " 00:54:07.777" 1127706938 152c 0d34 INFO CleanControllerImpl RemovalEngine::ReplaceFileText "RemovalEngine.cpp" 1409 "Replace file C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\prefs.js text contents" 09/23/17 " 00:54:07.780" 1127706938 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning file C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\prefs.js" 09/23/17 " 00:54:07.780" 1127706938 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS" 09/23/17 " 00:54:07.782" 1127706938 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining File 'C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\prefs.js'" 09/23/17 " 00:54:07.782" 1127706938 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of File C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS" 09/23/17 " 00:54:07.783" 1127706938 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFile "RemovalEngine.cpp" 1148 "Cleaning file C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS, anti-rootkit = false" 09/23/17 " 00:54:07.784" 1127706938 152c 0d34 ERROR CleanControllerImpl mb::swissarmyclientutils::SwissArmyShimLoader::BreakFile "SwissArmyShimLoader.cpp" 247 "BreakFile failed for C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\prefs.js; status=1" 09/23/17 " 00:54:07.784" 1127706938 152c 0d34 INFO CleanControllerImpl RemovalEngine::ReplaceFileText "RemovalEngine.cpp" 1409 "Replace file C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\prefs.js text contents" 09/23/17 " 00:54:07.787" 1127706953 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning file C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\prefs.js" 09/23/17 " 00:54:07.787" 1127706953 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS" 09/23/17 " 00:54:07.790" 1127706953 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining File 'C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\prefs.js'" 09/23/17 " 00:54:07.790" 1127706953 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of File C:\PROGRAMDATA\FLV.COM FLV DOWNLOADER\YTD_INSTALLER.EXE" 09/23/17 " 00:54:07.790" 1127706953 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFile "RemovalEngine.cpp" 1148 "Cleaning file C:\PROGRAMDATA\FLV.COM FLV DOWNLOADER\YTD_INSTALLER.EXE, anti-rootkit = false" 09/23/17 " 00:54:08.128" 1127707281 152c 0d34 INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1311 "Deleting file 'C:\PROGRAMDATA\FLV.COM FLV DOWNLOADER\YTD_INSTALLER.EXE', resolved path = 'C:\PROGRAMDATA\FLV.COM FLV DOWNLOADER\YTD_INSTALLER.EXE'" 09/23/17 " 00:54:08.524" 1127707687 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning file C:\PROGRAMDATA\FLV.COM FLV DOWNLOADER\YTD_INSTALLER.EXE" 09/23/17 " 00:54:08.525" 1127707687 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\PROGRAMDATA\FLV.COM FLV DOWNLOADER\YTD_INSTALLER.EXE" 09/23/17 " 00:54:08.527" 1127707687 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining File 'C:\PROGRAMDATA\FLV.COM FLV DOWNLOADER\YTD_INSTALLER.EXE'" 09/23/17 " 00:54:08.527" 1127707687 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of File C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\{6D29ED71-8E6D-4703-9061-782D8C916361}\BROWSEREXTENSIONSSETUP.EXE" 09/23/17 " 00:54:08.527" 1127707687 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFile "RemovalEngine.cpp" 1148 "Cleaning file C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\{6D29ED71-8E6D-4703-9061-782D8C916361}\BROWSEREXTENSIONSSETUP.EXE, anti-rootkit = false" 09/23/17 " 00:54:08.663" 1127707827 152c 0d34 INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1311 "Deleting file 'C:\Users\MANNERPANNER\AppData\Local\Temp\{6D29ED71-8E6D-4703-9061-782D8C916361}\BROWSEREXTENSIONSSETUP.EXE', resolved path = 'C:\Users\MANNERPANNER\AppData\Local\Temp\{6D29ED71-8E6D-4703-9061-782D8C916361}\BROWSEREXTENSIONSSETUP.EXE'" 09/23/17 " 00:54:09.203" 1127708357 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning file C:\Users\MANNERPANNER\AppData\Local\Temp\{6D29ED71-8E6D-4703-9061-782D8C916361}\BROWSEREXTENSIONSSETUP.EXE" 09/23/17 " 00:54:09.203" 1127708357 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\{6D29ED71-8E6D-4703-9061-782D8C916361}\BROWSEREXTENSIONSSETUP.EXE" 09/23/17 " 00:54:09.205" 1127708357 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining File 'C:\Users\MANNERPANNER\AppData\Local\Temp\{6D29ED71-8E6D-4703-9061-782D8C916361}\BROWSEREXTENSIONSSETUP.EXE'" 09/23/17 " 00:54:09.205" 1127708357 152c 0d34 INFO CleanControllerImpl Cleaner::RemediateAndWriteMetadata "Cleaner.cpp" 313 "Starting cleaning of File C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\BDDE-B5A0-E1CA-0535.EXE" 09/23/17 " 00:54:09.206" 1127708373 152c 0d34 INFO CleanControllerImpl RemovalEngine::RemoveFile "RemovalEngine.cpp" 1148 "Cleaning file C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\BDDE-B5A0-E1CA-0535.EXE, anti-rootkit = false" 09/23/17 " 00:54:09.520" 1127708685 152c 0d34 INFO CleanControllerImpl RemovalEngine::DeleteFileAPI "RemovalEngine.cpp" 1311 "Deleting file 'C:\Users\MANNERPANNER\AppData\Local\Temp\BDDE-B5A0-E1CA-0535.EXE', resolved path = 'C:\Users\MANNERPANNER\AppData\Local\Temp\BDDE-B5A0-E1CA-0535.EXE'" 09/23/17 " 00:54:09.813" 1127708966 152c 0d34 INFO CleanControllerImpl RemovalEngine::LogCleanResult "RemovalEngine.cpp" 1484 "Succeeded cleaning file C:\Users\MANNERPANNER\AppData\Local\Temp\BDDE-B5A0-E1CA-0535.EXE" 09/23/17 " 00:54:09.814" 1127708981 152c 0d34 INFO CleanControllerImpl QuarantineEngine::CopyMetadataToQuarantine "QuarantineEngine.cpp" 134 "Copying quarantine metadata for C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\BDDE-B5A0-E1CA-0535.EXE" 09/23/17 " 00:54:09.816" 1127708981 152c 0d34 INFO CleanControllerImpl QuarantineEngine::LogQuarantineResult "QuarantineEngine.cpp" 617 "Succeeded quarantining File 'C:\Users\MANNERPANNER\AppData\Local\Temp\BDDE-B5A0-E1CA-0535.EXE'" 09/23/17 " 00:54:09.816" 1127708981 152c 0d34 INFO CleanControllerImpl Cleaner::RebuildSystemRegistryValues "Cleaner.cpp" 442 "Rebuilding system registry values." 09/23/17 " 00:54:09.817" 1127708981 152c 0d34 INFO CleanControllerImpl Cleaner::RebuildRegistryValueEx "Cleaner.cpp" 425 "Successfully rebuilt registry value at HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages, from 'scecli^^' to 'scecli'." 09/23/17 " 00:54:09.818" 1127708981 152c 0d34 INFO CleanControllerImpl Cleaner::RebuildRegistryValueEx "Cleaner.cpp" 425 "Successfully rebuilt registry value at HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages, from 'kerberos^msv1_0^schannel^wdigest^tspkg^pku2u^^' to 'kerberos^msv1_0^schannel^wdigest^tspkg^pku2u'." 09/23/17 " 00:54:09.818" 1127708981 152c 0d34 INFO CleanControllerImpl Cleaner::RebuildRegistryValueEx "Cleaner.cpp" 425 "Successfully rebuilt registry value at HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages, from 'msv1_0^^' to 'msv1_0'." 09/23/17 " 00:54:09.845" 1127708997 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteFile "SwissArmySDKWrapper.cpp" 188 "Scheduling delete file: 'C:\Users\MANNERPANNER\AppData\Roaming\BROWSEREXTENSIONS\UNINSTALL.EXE'" 09/23/17 " 00:54:10.258" 1127709418 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 220 "Scheduling delete registry key: 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3A787631-66A2-4634-B928-A37E73B58FB6}'" 09/23/17 " 00:54:10.327" 1127709481 152c 0d34 ERROR CleanControllerImpl mb::swissarmyclientutils::SwissArmyShimLoader::BreakFile "SwissArmyShimLoader.cpp" 247 "BreakFile failed for C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe; status=1" 09/23/17 " 00:54:10.327" 1127709481 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteFile "SwissArmySDKWrapper.cpp" 188 "Scheduling delete file: 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\BEHelper.exe'" 09/23/17 " 00:54:10.330" 1127709496 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteFile "SwissArmySDKWrapper.cpp" 188 "Scheduling delete file: 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button.exe'" 09/23/17 " 00:54:10.334" 1127709496 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteFile "SwissArmySDKWrapper.cpp" 188 "Scheduling delete file: 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Button64.exe'" 09/23/17 " 00:54:10.338" 1127709496 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteFile "SwissArmySDKWrapper.cpp" 188 "Scheduling delete file: 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap.dll'" 09/23/17 " 00:54:10.343" 1127709496 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteFile "SwissArmySDKWrapper.cpp" 188 "Scheduling delete file: 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\ButtonWrap64.dll'" 09/23/17 " 00:54:10.348" 1127709512 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteFile "SwissArmySDKWrapper.cpp" 188 "Scheduling delete file: 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons.dll'" 09/23/17 " 00:54:10.352" 1127709512 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteFile "SwissArmySDKWrapper.cpp" 188 "Scheduling delete file: 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions\Coupons64.dll'" 09/23/17 " 00:54:10.356" 1127709512 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryValue "SwissArmySDKWrapper.cpp" 212 "Scheduling delete registry value: 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BROWSER EXTENSIONS'" 09/23/17 " 00:54:10.360" 1127709527 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 220 "Scheduling delete registry key: 'HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}'" 09/23/17 " 00:54:10.363" 1127709527 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 220 "Scheduling delete registry key: 'HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}'" 09/23/17 " 00:54:10.367" 1127709527 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 220 "Scheduling delete registry key: 'HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}'" 09/23/17 " 00:54:10.371" 1127709527 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 220 "Scheduling delete registry key: 'HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}'" 09/23/17 " 00:54:10.376" 1127709543 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 220 "Scheduling delete registry key: 'HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}'" 09/23/17 " 00:54:10.380" 1127709543 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 220 "Scheduling delete registry key: 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}'" 09/23/17 " 00:54:10.383" 1127709543 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 220 "Scheduling delete registry key: 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}'" 09/23/17 " 00:54:10.387" 1127709543 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 220 "Scheduling delete registry key: 'HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32'" 09/23/17 " 00:54:10.390" 1127709543 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 220 "Scheduling delete registry key: 'HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32'" 09/23/17 " 00:54:10.393" 1127709559 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 220 "Scheduling delete registry key: 'HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32'" 09/23/17 " 00:54:10.396" 1127709559 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteDirectory "SwissArmySDKWrapper.cpp" 196 "Scheduling delete directory: 'C:\Users\MannerPanner\AppData\Roaming\BrowserExtensions'" 09/23/17 " 00:54:10.516" 1127709683 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteFile "SwissArmySDKWrapper.cpp" 188 "Scheduling delete file: 'C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\SEARCHPLUGINS\yahoo_ff.xml'" 09/23/17 " 00:54:10.519" 1127709683 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryValue "SwissArmySDKWrapper.cpp" 212 "Scheduling delete registry value: 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS|SS_VER'" 09/23/17 " 00:54:10.523" 1127709683 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 220 "Scheduling delete registry key: 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS'" 09/23/17 " 00:54:10.526" 1127709683 152c 0d34 INFO CleanControllerImpl CommonCleanUtils::FixupSystemRegistryValues "CommonCleanUtils.cpp" 433 "Rebuilding system registry values." 09/23/17 " 00:54:10.526" 1127709683 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleWriteRegistryValue "SwissArmySDKWrapper.cpp" 204 "Scheduling write registry value: 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE'" 09/23/17 " 00:54:10.529" 1127709683 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryValue "SwissArmySDKWrapper.cpp" 212 "Scheduling delete registry value: 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}|URL'" 09/23/17 " 00:54:10.533" 1127709699 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteRegistryKey "SwissArmySDKWrapper.cpp" 220 "Scheduling delete registry key: 'HKU\S-1-5-21-2771466343-972908901-1180683727-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BEEE778D-C358-4AE2-80FC-EB1C64FABAFF}'" 09/23/17 " 00:54:10.592" 1127709746 152c 0d34 ERROR CleanControllerImpl mb::swissarmyclientutils::SwissArmyShimLoader::BreakFile "SwissArmyShimLoader.cpp" 247 "BreakFile failed for C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\prefs.js; status=1" 09/23/17 " 00:54:10.593" 1127709746 152c 0d34 ERROR CleanControllerImpl mb::swissarmyclientutils::SwissArmyShimLoader::BreakFile "SwissArmyShimLoader.cpp" 247 "BreakFile failed for C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\prefs.js; status=1" 09/23/17 " 00:54:10.660" 1127709824 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteFile "SwissArmySDKWrapper.cpp" 188 "Scheduling delete file: 'C:\PROGRAMDATA\FLV.COM FLV DOWNLOADER\YTD_INSTALLER.EXE'" 09/23/17 " 00:54:10.668" 1127709824 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteFile "SwissArmySDKWrapper.cpp" 188 "Scheduling delete file: 'C:\Users\MANNERPANNER\AppData\Local\Temp\{6D29ED71-8E6D-4703-9061-782D8C916361}\BROWSEREXTENSIONSSETUP.EXE'" 09/23/17 " 00:54:10.677" 1127709839 152c 0d34 INFO CleanControllerImpl mb::swissarmyclientutils::SwissArmySDKWrapper::ScheduleDeleteFile "SwissArmySDKWrapper.cpp" 188 "Scheduling delete file: 'C:\Users\MANNERPANNER\AppData\Local\Temp\BDDE-B5A0-E1CA-0535.EXE'" 09/23/17 " 00:54:10.690" 1127709855 152c 0d34 INFO CleanControllerImpl Cleaner::ExecutePostCleanupActions "Cleaner.cpp" 569 "Executing post-cleanup actions" 09/23/17 " 00:54:10.697" 1127709855 152c 0d34 INFO Actions ActionsManager::ProcessThreatActionsV2 "ActionsManager.cpp" 835 "Executing post cleanup actions" 09/23/17 " 00:54:10.703" 1127709855 152c 0d34 INFO CleanControllerImpl Cleaner::Clean "Cleaner.cpp" 260 "Completed clean from client MbamUI, detection results C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ScanResults\31c922cc-a019-11e7-bf1a-d43d7eb62193.json, status DORRequired" 09/23/17 " 00:54:11.432" 1127710588 152c 0d34 INFO CleanControllerImpl CleanControllerImpl::SetAutoStartOverrideDueToDOR "CleanControllerImpl.cpp" 2516 "Service auto-start override was set" 09/23/17 " 00:54:53.868" 1127753020 152c 17ec ERROR HttpConnection mb::common::net::HttpConnection::SendRequest "HttpConnection.cpp" 390 "Network error." 09/23/17 " 00:54:53.868" 1127753020 152c 17ec ERROR HttpConnection mb::common::net::HttpConnection::LogExceptionDetails "HttpConnection.cpp" 1472 "Exception details: text=No message received" 09/23/17 " 00:54:53.868" 1127753020 152c 17ec ERROR CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 398 "Error code -9 returned in PUT to Hubble" 09/23/17 " 00:54:53.868" 1127753020 152c 17ec INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe' (shuriken) => Hubble:Error" 09/23/17 " 00:55:08.273" 1127767435 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 349 "Stopping Service Controller" 09/23/17 " 00:55:08.288" 1127767451 152c 1bbc INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 381 "Stopping Self Protection Controller" 09/23/17 " 00:55:08.819" 1127767981 152c 1bbc INFO SPControllerModuleLoader SPControllerModuleLoader::UnloadImplementation "SPControllerModuleLoader.cpp" 96 "Unloaded the Self-Protection Controller implementation module." 09/23/17 " 00:55:08.819" 1127767981 152c 1bbc INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 390 "Successfully stopped Self Protection Controller" 09/23/17 " 00:55:08.819" 1127767981 152c 15b8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 398 "Stopping Anti-Exploit Controller" 09/23/17 " 00:55:08.819" 1127767981 152c 1c5c INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 419 "Stopping ARW Controller" 09/23/17 " 00:55:08.834" 1127767997 152c 1e64 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 437 "Stopping MWAC Controller" 09/23/17 " 00:55:08.834" 1127767997 152c 10c8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 456 "Stopping RTP Controller" 09/23/17 " 00:55:08.834" 1127767997 152c 10c8 INFO RtpSDK RtpUserImpl::Stop "RtpUserImpl.cpp" 281 "Rtp driver stopped." 09/23/17 " 00:55:08.834" 1127767997 152c 10c8 INFO RtpShim RtpShimImpl::Stop "RtpShimImpl.cpp" 242 "Rtp successfully stopped." 09/23/17 " 00:55:09.380" 1127768543 152c 10c8 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/23/17 " 00:55:09.443" 1127768605 152c 1e64 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/23/17 " 00:55:09.848" 1127769011 152c 1c5c INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwControllerImpl::StopProtection "ArwControllerImplHelper.cpp" 849 "Anti-Ransomware protection has been stopped." 09/23/17 " 00:55:09.848" 1127769011 152c 1c5c INFO ArwSDK "" 0 "ArwSdk: Logging stopped." 09/23/17 " 00:55:09.989" 1127769151 152c 1e64 INFO MwacControllerCOM CMwacControllerModuleLoader::UnloadImplementation "MWACControllerModuleLoader.cpp" 88 "Unloaded the Web Access Controller implementation module." 09/23/17 " 00:55:09.989" 1127769151 152c 1e64 INFO MWACControllerCOM CMWACController::Stop_impl "MWACController.cpp" 530 "The MWAC Controller impl is unloaded." 09/23/17 " 00:55:09.989" 1127769151 152c 1e64 INFO MWACControllerCOM CMWACController::StopV2 "MWACController.cpp" 282 "MWAC Controller shutdown complete" 09/23/17 " 00:55:10.191" 1127769354 152c 1c5c INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwShimModuleLoader::UnloadModule "ArwShimModuleLoader.cpp" 73 "Unloaded the Anti-Ransomware Sdk implementation module." 09/23/17 " 00:55:10.191" 1127769354 152c 1e64 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 448 "Successfully stopped MWAC Controller" 09/23/17 " 00:55:10.410" 1127769572 152c 1c5c INFO ArwControllerCOM CArwControllerModuleLoader::UnloadImplementation "ArwControllerModuleLoader.cpp" 86 "Unloaded the Anti-Ransomware Controller implementation module." 09/23/17 " 00:55:10.535" 1127769697 152c 10c8 INFO RTPControllerCOM CRTPControllerModuleLoader::UnloadImplementation "RTPControllerModuleLoader.cpp" 107 "Unloaded the RTP Controller implementation module." 09/23/17 " 00:55:10.535" 1127769697 152c 1c5c INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 428 "Successfully stopped ARW Controller" 09/23/17 " 00:55:10.535" 1127769697 152c 10c8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 465 "Successfully stopped RTP Controller" 09/23/17 " 00:55:10.815" 1127769978 152c 15b8 INFO AeShimImpl AeShimImpl::MbaeStop "AeShimImpl.cpp" 373 "MBAE stopped." 09/23/17 " 00:55:11.112" 1127770274 152c 15b8 INFO AEControllerModuleLoader CAeControllerModuleLoader::UnloadImplementation "AEControllerModuleLoader.cpp" 112 "Unloaded the Anti-Exploit Controller implementation module." 09/23/17 " 00:55:11.112" 1127770274 152c 15b8 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 407 "Successfully stopped Anti-Exploit Controller" 09/23/17 " 00:55:11.112" 1127770274 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 507 "Stopping Scan Controller" 09/23/17 " 00:55:11.439" 1127770602 152c 143c INFO ScanControllerCOM CScanControllerModuleLoader::UnloadImplementation "ScanControllerModuleLoader.cpp" 192 "Unloaded the Scan Controller implementation module." 09/23/17 " 00:55:11.439" 1127770602 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 516 "Successfully stopped Scan Controller" 09/23/17 " 00:55:11.439" 1127770602 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 523 "Stopping Clean Controller" 09/23/17 " 00:55:11.439" 1127770602 152c 143c INFO CleanController CCleanController::StopV2 "CleanController.cpp" 364 "Shutting down CleanController" 09/23/17 " 00:55:11.439" 1127770602 152c 143c INFO CleanControllerImpl CleanControllerImpl::StopV2 "CleanControllerImpl.cpp" 161 "Stopping Clean Controller Impl" 09/23/17 " 00:55:11.720" 1127770883 152c 0d34 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop::::operator () "CleanControllerImpl.cpp" 786 "Exiting CleanControllerImpl::ThreadLoop()" 09/23/17 " 00:55:12.297" 1127771460 152c 143c INFO CleanController CCleanController::StopV2 "CleanController.cpp" 399 "CleanController shutdown complete" 09/23/17 " 00:55:12.297" 1127771460 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 533 "Successfully stopped Clean Controller" 09/23/17 " 00:55:12.297" 1127771460 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 552 "Stopping Telemetry Controller" 09/23/17 " 00:55:12.391" 1127771553 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 561 "Successfully stopped Telemetry Controller" 09/23/17 " 00:55:12.391" 1127771553 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 568 "Stopping Cloud Controller" 09/23/17 " 00:55:12.438" 1127771600 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 577 "Successfully stopped Cloud Controller" 09/23/17 " 00:55:12.438" 1127771600 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 584 "Stopping Update Controller" 09/23/17 " 00:55:12.469" 1127771631 152c 143c INFO UpdateControllerCOM CUpdateControllerModuleLoader::UnloadImplementation "UpdateControllerModuleLoader.cpp" 129 "Unloaded the Update Controller implementation module." 09/23/17 " 00:55:12.469" 1127771631 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 593 "Successfully stopped Update Controller" 09/23/17 " 00:55:12.469" 1127771631 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 600 "Stopping License Controller" 09/23/17 " 00:55:12.500" 1127771663 152c 143c INFO LicenseControllerCOM CLicenseControllerModuleLoader::UnloadImplementation "LicenseControllerModuleLoader.cpp" 142 "Unloaded the License Controller implementation module." 09/23/17 " 00:55:12.500" 1127771663 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 609 "Successfully stopped License Controller" 09/23/17 " 00:55:12.500" 1127771663 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 616 "Stopping Policies Controller" 09/23/17 " 00:55:12.578" 1127771741 152c 143c INFO PoliciesControllerCOM CPoliciesControllerModuleLoader::UnloadImplementation "PoliciesControllerModuleLoader.cpp" 112 "Unloaded the Policies Controller implementation module." 09/23/17 " 00:55:12.578" 1127771741 152c 143c INFO PoliciesControllerCOM CPoliciesController::Stop "PoliciesController.cpp" 132 "Policies Controller shutdown complete" 09/23/17 " 00:55:12.578" 1127771741 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 625 "Successfully stopped Policies Controller" 09/23/17 " 00:55:12.578" 1127771741 152c 143c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 638 "Service Controller stopped successfully in 4.292 seconds." 09/23/17 " 00:55:12.578" 1127771741 152c 143c INFO LogController CLogController::Stop "LogController.cpp" 178 "Stopping logging" 09/23/17 " 00:57:48.630" 122398 0838 087c INFO LogController CLogController::Start "LogController.cpp" 86 "Started logging" 09/23/17 " 00:57:48.911" 122679 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 284 "Service Controller starting controller initialization" 09/23/17 " 00:57:48.911" 122679 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 285 "Product code MBAM-C" 09/23/17 " 00:57:48.911" 122679 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 286 "Product version 3.2.2.2029" 09/23/17 " 00:57:48.911" 122679 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 287 "Product build consumer" 09/23/17 " 00:57:48.911" 122679 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 288 "OS Version Windows 7 Service Pack 1" 09/23/17 " 00:57:52.094" 125861 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartPoliciesController "ServiceControllerImplementation.cpp" 1870 "Policies Controller Started" 09/23/17 " 00:57:52.094" 125861 0838 087c INFO LicenseControllerCOM CLicenseController::Start "LicenseController.cpp" 98 "CLicenseController::Start" 09/23/17 " 00:57:52.530" 126298 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartLicenseController "ServiceControllerImplementation.cpp" 1899 "License Controller Started" 09/23/17 " 00:57:52.952" 126719 0838 087c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::Initialize "UpdateControllerImplHelper.cpp" 250 "COMPONENT PACKAGE VERSION: 1.0.188, DB PACKAGE VERSION: 1.0.2866" 09/23/17 " 00:57:53.139" 126906 0838 087c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 00:58:14.386" 148154 0838 087c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 00:58:14.386" 148154 0838 087c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 00:58:14.386" 148154 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartUpdateController "ServiceControllerImplementation.cpp" 1928 "Update Controller Started" 09/23/17 " 00:58:15.072" 148840 0838 087c INFO CloudController CCloudController::Start "CloudController.cpp" 101 "CCloudController::Initialize" 09/23/17 " 00:58:15.353" 149121 0838 087c INFO CloudCtrlImpl Initialize "CloudControllerImpl.cpp" 58 "CC Initialize called" 09/23/17 " 00:58:16.726" 150494 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartCloudController "ServiceControllerImplementation.cpp" 1958 "Cloud Controller Started" 09/23/17 " 00:58:16.742" 150509 0838 087c INFO TelemController CTelemetryController::Start_impl "TelemetryController.cpp" 116 "::Initialize" 09/23/17 " 00:58:17.038" 150806 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartTelemetryController "ServiceControllerImplementation.cpp" 2017 "Telemetry Controller Started" 09/23/17 " 00:58:17.069" 150837 0838 087c INFO CleanController CCleanController::Start "CleanController.cpp" 150 "Initializing CleanController" 09/23/17 " 00:58:17.350" 151118 0838 087c INFO CleanControllerImpl CleanControllerImpl::Start "CleanControllerImpl.cpp" 86 "Starting Clean Controller Impl" 09/23/17 " 00:58:17.459" 151227 0838 01bc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 800 "Initializing system paths and resolving DOR status" 09/23/17 " 00:58:17.771" 151539 0838 087c INFO CleanController CCleanController::Start::::operator () "CleanController.cpp" 151 "CleanController initialization complete" 09/23/17 " 00:58:17.771" 151539 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartCleanController "ServiceControllerImplementation.cpp" 2078 "Clean Controller Started" 09/23/17 " 00:58:20.657" 154425 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartScanController "ServiceControllerImplementation.cpp" 2107 "Scan Controller Started" 09/23/17 " 00:58:21.016" 154784 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartRtpController "ServiceControllerImplementation.cpp" 2136 "RTP Controller Started" 09/23/17 " 00:58:21.016" 154784 0838 087c INFO MWACControllerCOM CMWACController::StartV2 "MWACController.cpp" 231 "Initializing MWAC Controller" 09/23/17 " 00:58:21.578" 155345 0838 087c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::IsLicenseStateValid "MWACControllerImplHelper.cpp" 487 "license state is: Trial" 09/23/17 " 00:58:21.578" 155345 0838 087c INFO MWACControllerCOM CMWACController::StartV2::::operator () "MWACController.cpp" 232 "MWAC Controller initialization complete" 09/23/17 " 00:58:21.578" 155345 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartMWACController "ServiceControllerImplementation.cpp" 2166 "MWAC Controller Started" 09/23/17 " 00:58:22.529" 156297 0838 0a78 INFO RtpShim RtpShimImpl::Install "RtpShimImpl.cpp" 139 "rtp.dll was successfully loaded. rtpPath=." 09/23/17 " 00:58:22.561" 156328 0838 0a78 INFO RtpSDK RtpUserImpl::Install "RtpUserImpl.cpp" 44 "MBAMProtector service is already installed. Remove it!" 09/23/17 " 00:58:22.561" 156328 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartArwController "ServiceControllerImplementation.cpp" 2198 "ARW Controller Started" 09/23/17 " 00:58:23.122" 156890 0838 0ab0 INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwRulesHandler::LoadConfig "RulesHandler.cpp" 39 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\ArwRulesConfig.json. Using default values." 09/23/17 " 00:58:24.448" 158216 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartAEController "ServiceControllerImplementation.cpp" 2227 "Anti-Exploit Controller Started" 09/23/17 " 00:58:24.448" 158216 0838 0bd4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::LoadAeSdk "AEControllerImplHelper.cpp" 270 "Load and initialize the MbaeSdk" 09/23/17 " 00:58:25.057" 158824 0838 0bd4 INFO AeShimImpl AeShimImpl::InitializeInternal "AeShimImpl.cpp" 205 "mbae-api-na.dll was successfully loaded. aePath=." 09/23/17 " 00:58:25.587" 159355 0838 0bd4 INFO AeShimImpl AeShimImpl::InitializeInternal "AeShimImpl.cpp" 220 "Successfully Initialized MBAE" 09/23/17 " 00:58:25.587" 159355 0838 0bd4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::InitializeV2::::operator () "AEControllerImplHelper.cpp" 236 "Start with Anti-Exploit enabled." 09/23/17 " 00:58:25.587" 159355 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeSetConfig "AeShimImpl.cpp" 249 "Successfully configured MBAE." 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeSetExclusions "AeShimImpl.cpp" 337 "Successfully set exclusion list" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winrar.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winzip.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7z.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zFM.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zG.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (S7Z.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zextractor.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Winzip32.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Winzip64.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wzdisktools.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winzipss.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (cmd.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mshta.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winhlp32.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wscript.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (quicktimeplayer.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winamp.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (vlc.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mplayer2.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wmplayer.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (powerpnt.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (excel.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (excelc.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winword.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winwordc.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mspub.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (soffice.bin)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (foxitreader.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (foxit reader.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Foxit PhantomPDF.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (FoxitPhantomPDF.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (acrord32.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (acrobat.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (java.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (javaw.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (javaws.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (dragon.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (waterfox.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (tor.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (tbb-firefox.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (palemoon.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (cyberfox.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (icedragon.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (seamonkey.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (maxthon.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mxapploader.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera_plugin_wrapper.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera_wrapper_32.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (iexplore.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (MicrosoftEdge.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (MicrosoftEdgeCP.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (chrome.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (old_chrome.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (firefox.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (plugin-container.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (FlashPlayerPlugin*.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (helpctr.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (fltldr.exe)" 09/23/17 " 00:58:25.634" 159401 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mbae-test.exe)" 09/23/17 " 00:58:29.003" 162771 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitializeImpl "SPControllerImplHelper.cpp" 119 "Verify Driver." 09/23/17 " 00:58:29.035" 162802 0838 087c INFO SPSDK VerifyDriver "SelfProtectionUser.cpp" 211 "Verifying SelfProtection driver." 09/23/17 " 00:58:29.035" 162802 0838 087c INFO CHAMCTRL CControlWatchdogDriver::VerifyDriver "ControlWatchdogDriver.cpp" 871 "Verifying Self Protection driver" 09/23/17 " 00:58:29.113" 162880 0838 087c INFO CHAMCTRL CControlWatchdogDriver::VerifyDriver "ControlWatchdogDriver.cpp" 1005 "SelfProtection driver is up to date!" 09/23/17 " 00:58:29.113" 162880 0838 087c INFO SPSDK VerifyDriver "SelfProtectionUser.cpp" 214 "SelfProtection driver was successfully Verified." 09/23/17 " 00:58:29.113" 162880 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitializeImpl "SPControllerImplHelper.cpp" 121 "Start SP protection." 09/23/17 " 00:58:29.113" 162880 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::StartProtection "SPControllerImplHelper.cpp" 879 "Enter StartProtection for SP controller." 09/23/17 " 00:59:17.941" 211708 0838 0bd4 INFO AeShimImpl AeShimImpl::MbaeStart "AeShimImpl.cpp" 358 "MBAE started." 09/23/17 " 00:59:17.941" 211708 0838 0bd4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::StartProtectionImpl "AEControllerImplHelper.cpp" 527 "Protection Started" 09/23/17 " 00:59:22.543" 216310 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\assistant.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:59:23.837" 217605 0838 072c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 717972 records." 09/23/17 " 00:59:24.071" 217839 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\malwarebytes_assistant.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:59:27.051" 220819 0838 01bc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 821 "Processing pending actions" 09/23/17 " 00:59:27.644" 221412 0838 01bc INFO Actions ActionsManager::ProcessPendingActionsAfterReboot "ActionsManager.cpp" 962 "Executing pending post cleanup actions" 09/23/17 " 00:59:30.343" 224111 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbam.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:59:31.076" 224844 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/23/17 " 00:59:32.792" 226560 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MbamPt.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:59:35.085" 228853 0838 0a78 INFO RtpSDK RtpUserImpl::Start "RtpUserImpl.cpp" 230 "Rtp driver started." 09/23/17 " 00:59:35.085" 228853 0838 0a78 INFO RtpShim RtpShimImpl::Start "RtpShimImpl.cpp" 230 "Rtp successfully started." 09/23/17 " 00:59:35.085" 228853 0838 01bc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 906 "DOR has completed for 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\ScanResults\31c922cc-a019-11e7-bf1a-d43d7eb62193.json'" 09/23/17 " 00:59:35.085" 228853 0838 01bc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 925 "Initializing CLS Engine" 09/23/17 " 00:59:35.101" 228869 0838 01bc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 960 "Initializing swiss army SDK" 09/23/17 " 00:59:35.101" 228869 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMService.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:59:35.179" 228947 0838 01bc INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/23/17 " 00:59:35.179" 228947 0838 01bc INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/23/17 " 00:59:35.179" 228947 0838 01bc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 988 "Loading Hubble cache" 09/23/17 " 00:59:37.690" 231458 0838 01bc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1015 "Starting white list manager" 09/23/17 " 00:59:37.690" 231458 0838 01bc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1027 "Starting restore engine" 09/23/17 " 00:59:37.690" 231458 0838 01bc INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1042 "Entering into main loop" 09/23/17 " 00:59:37.768" 231536 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:59:38.377" 232145 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamwow.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:59:39.671" 233439 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMWsc.exe for GPEdit Ifeo Attacks." 09/23/17 " 00:59:39.671" 233439 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MALWAREBYTES ANTI-MALWARE\." 09/23/17 " 00:59:39.671" 233439 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264\." 09/23/17 " 00:59:39.671" 233439 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264\." 09/23/17 " 00:59:39.671" 233439 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84\." 09/23/17 " 00:59:39.687" 233455 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84\." 09/23/17 " 00:59:39.687" 233455 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MALWAREBYTES ANTI-MALWARE\." 09/23/17 " 00:59:39.687" 233455 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264\." 09/23/17 " 00:59:39.687" 233455 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264\." 09/23/17 " 00:59:39.687" 233455 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84\." 09/23/17 " 00:59:39.687" 233455 0838 087c INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84\." 09/23/17 " 00:59:39.687" 233455 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "ServiceControllerImplementation.cpp" 1987 "Self-Protection Controller Started" 09/23/17 " 00:59:39.687" 233455 0838 087c INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "ServiceControllerImplementation.cpp" 1989 "Start Service Controller complete" 09/23/17 " 00:59:39.703" 233471 0838 09f8 INFO ServiceControllerImpl ServiceControllerImplementation::SessionLogonNotificationImpl "ServiceControllerImplementation.cpp" 2457 "Notifying controllers of session logon" 09/23/17 " 00:59:39.703" 233471 0838 09f8 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 68 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe' in session 0x1" 09/23/17 " 00:59:39.703" 233471 0838 09f8 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 68 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe' in session 0x1" 09/23/17 " 00:59:53.602" 247370 0838 0ab0 INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwControllerImpl::StartArwProtection "ArwControllerImplHelper.cpp" 737 "Anti-Ransomware protection has been started." 09/23/17 " 01:00:45.169" 298944 0838 0a78 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe' (shuriken) => Hubble:WhiteListed" 09/23/17 " 01:00:54.763" 308538 0838 047c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|632825038F5975415D129CCB84682243360821857D250D7827E21A08DE855BCC' in Hubble cache, white list status = 'WhiteListed'" 09/23/17 " 01:00:54.763" 308538 0838 047c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe' in Hubble's cache, value = WhiteListed" 09/23/17 " 01:00:54.763" 308538 0838 047c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe' (shuriken) => Hubble:WhiteListed" 09/23/17 " 01:05:53.946" 607717 0838 04c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|D7A6092F0A2FECC08F19520A801084E821B4FCC4D588818A8D232AE9257E7EC0' in Hubble cache, white list status = 'WhiteListed'" 09/23/17 " 01:05:53.946" 607717 0838 04c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe' in Hubble's cache, value = WhiteListed" 09/23/17 " 01:05:53.946" 607717 0838 04c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe' (shuriken) => Hubble:WhiteListed" 09/23/17 " 01:06:27.299" 641070 0838 0a78 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|F2164C69C089E5F9A32207E6B36808861692FA923318BFF23447A34B2157CDEA' in Hubble cache, white list status = 'WhiteListed'" 09/23/17 " 01:06:27.299" 641070 0838 0a78 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe' in Hubble's cache, value = WhiteListed" 09/23/17 " 01:06:27.299" 641070 0838 0a78 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe' (shuriken) => Hubble:WhiteListed" 09/23/17 " 01:06:45.008" 658776 0838 047c ERROR HttpConnection mb::common::net::HttpConnection::SendRequest "HttpConnection.cpp" 390 "Network error." 09/23/17 " 01:06:45.008" 658776 0838 047c ERROR HttpConnection mb::common::net::HttpConnection::LogExceptionDetails "HttpConnection.cpp" 1472 "Exception details: text=No message received" 09/23/17 " 01:06:45.008" 658776 0838 047c ERROR CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::AreFilesWhiteListed "HubbleWhiteLister.cpp" 398 "Error code -9 returned in PUT to Hubble" 09/23/17 " 01:06:45.008" 658776 0838 047c INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe' (shuriken) => Hubble:Error" 09/23/17 " 01:09:52.959" 846726 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 01:09:53.271" 847038 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 01:09:53.271" 847038 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 01:09:53.271" 847038 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 01:09:53.271" 847038 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 01:09:54.894" 848661 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 01:09:54.894" 848661 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 01:09:54.894" 848661 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2866]" 09/23/17 " 01:09:55.190" 848957 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 01:09:55.190" 848957 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 01:14:58.221" 1151989 0838 1764 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 01:15:04.649" 1158416 0838 1114 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 01:15:07.550" 1161318 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 01:15:08.253" 1162020 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 01:25:00.292" 1754059 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Windows Media Player (wmplayer))" 09/23/17 " 01:46:57.109" 3070879 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 01:46:57.390" 3071160 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 01:47:00.167" 3073937 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 01:47:00.915" 3074686 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 01:47:05.729" 3079506 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 01:47:05.800" 3079568 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 01:47:06.564" 3080333 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 01:47:06.658" 3080426 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 01:47:06.824" 3080598 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 01:47:06.842" 3080614 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 01:47:46.622" 3120394 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 01:55:50.891" 3604668 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 02:08:00.234" 4334004 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 02:08:06.803" 4340571 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 02:08:07.644" 4341414 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 02:09:52.193" 4445966 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 02:09:52.521" 4446293 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 02:09:52.521" 4446293 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 02:09:52.521" 4446293 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 02:09:52.521" 4446293 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 02:09:52.525" 4446293 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 02:09:52.525" 4446293 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 02:09:52.526" 4446293 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2866]" 09/23/17 " 02:09:52.876" 4446652 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 02:09:52.876" 4446652 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 02:18:53.455" 4987227 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 03:09:52.885" 8046656 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 03:09:53.193" 8046968 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 03:09:53.193" 8046968 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 03:09:53.193" 8046968 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 03:09:53.193" 8046968 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 03:09:53.193" 8046968 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 03:09:53.193" 8046968 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 03:09:53.193" 8046968 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2866]" 09/23/17 " 03:09:53.498" 8047264 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 03:09:53.498" 8047264 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 04:09:52.513" 11646285 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 04:09:52.807" 11646582 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 04:09:52.807" 11646582 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 04:09:52.807" 11646582 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 04:09:52.807" 11646582 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 04:09:52.823" 11646597 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 04:09:52.823" 11646597 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 04:09:52.823" 11646597 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2866]" 09/23/17 " 04:09:53.115" 11646894 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2867) of pkg [mbam-c.dbcls.64bit] (FULL) is available" 09/23/17 " 04:09:53.115" 11646894 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2867) of pkg [mbam-c.dbcls.64bit] (INCR) is available" 09/23/17 " 04:09:53.115" 11646894 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 532 "Available updates found - beginning download" 09/23/17 " 04:09:53.415" 11647190 0838 16f4 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2854 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z" 09/23/17 " 04:09:53.620" 11647393 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1396 "Successfully downloaded: mbam-c.dbcls.64bit" 09/23/17 " 04:09:53.823" 11647596 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/23/17 " 04:09:53.979" 11647752 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/23/17 " 04:09:54.026" 11647799 0838 0b10 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions" 09/23/17 " 04:10:02.204" 11655973 0838 0b10 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions" 09/23/17 " 04:10:02.472" 11656238 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/23/17 " 04:10:02.713" 11656488 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/23/17 " 04:10:06.866" 11660637 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/23/17 " 04:10:06.866" 11660637 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1765 "DoIncrementalUpdate was successful." 09/23/17 " 04:10:06.882" 11660653 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2391 "Successfully updated DB/ClsEng package version to: 1.0.2867" 09/23/17 " 04:10:06.898" 11660669 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2399 "Set DB version to: 2017.09.23.02" 09/23/17 " 04:10:06.898" 11660669 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 04:10:07.221" 11660996 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 04:10:07.221" 11660996 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 04:10:07.317" 11661090 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 04:10:07.317" 11661090 0838 0304 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/23/17 " 04:10:07.317" 11661090 0838 0304 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/23/17 " 04:10:07.610" 11661386 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/23/17 " 04:10:07.611" 11661386 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped." 09/23/17 " 04:10:09.951" 11663726 0838 072c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 717972 records." 09/23/17 " 04:10:17.255" 11671027 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/23/17 " 04:10:17.255" 11671027 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..." 09/23/17 " 04:22:37.570" 12411345 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 04:22:56.899" 12430674 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 04:23:42.781" 12476554 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 04:26:08.879" 12622649 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 04:28:26.014" 12759789 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 04:29:51.067" 12844841 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 04:59:59.305" 14653080 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 05:08:27.406" 15161175 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 05:09:52.325" 15246102 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 05:09:52.670" 15246445 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 05:09:52.670" 15246445 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 05:09:52.670" 15246445 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 05:09:52.670" 15246445 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 05:09:52.676" 15246445 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 05:09:52.676" 15246445 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 05:09:52.676" 15246445 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2867]" 09/23/17 " 05:09:53.053" 15246820 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2868) of pkg [mbam-c.dbcls.64bit] (FULL) is available" 09/23/17 " 05:09:53.053" 15246820 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2868) of pkg [mbam-c.dbcls.64bit] (INCR) is available" 09/23/17 " 05:09:53.053" 15246820 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 532 "Available updates found - beginning download" 09/23/17 " 05:09:53.296" 15247069 0838 15a4 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2854 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z" 09/23/17 " 05:09:53.313" 15247085 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1396 "Successfully downloaded: mbam-c.dbcls.64bit" 09/23/17 " 05:09:53.651" 15247428 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/23/17 " 05:09:53.856" 15247631 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/23/17 " 05:09:53.861" 15247631 0838 0b10 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions" 09/23/17 " 05:10:03.281" 15257053 0838 0b10 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions" 09/23/17 " 05:10:03.580" 15257350 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/23/17 " 05:10:03.827" 15257599 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/23/17 " 05:10:08.592" 15262357 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/23/17 " 05:10:08.593" 15262357 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1765 "DoIncrementalUpdate was successful." 09/23/17 " 05:10:08.593" 15262357 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2391 "Successfully updated DB/ClsEng package version to: 1.0.2868" 09/23/17 " 05:10:08.595" 15262373 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2399 "Set DB version to: 2017.09.23.03" 09/23/17 " 05:10:08.599" 15262373 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 05:10:08.934" 15262701 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 05:10:08.934" 15262701 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 05:10:09.100" 15262872 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 05:10:09.100" 15262872 0838 0304 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/23/17 " 05:10:09.101" 15262872 0838 0304 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/23/17 " 05:10:09.477" 15263247 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/23/17 " 05:10:09.479" 15263247 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped." 09/23/17 " 05:10:11.973" 15265743 0838 072c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 717972 records." 09/23/17 " 05:10:20.021" 15273792 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/23/17 " 05:10:20.035" 15273808 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..." 09/23/17 " 05:19:24.508" 15818282 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 05:25:25.391" 16179160 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 05:27:15.860" 16289624 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 05:27:33.987" 16307751 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 05:27:39.674" 16313445 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 05:27:46.086" 16319857 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 05:27:47.188" 16320965 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 05:27:48.170" 16321947 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 05:32:05.509" 16579287 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Windows Media Player (wmplayer))" 09/23/17 " 06:09:52.112" 18845887 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 06:09:52.422" 18846199 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 06:09:52.422" 18846199 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 06:09:52.422" 18846199 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 06:09:52.422" 18846199 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 06:09:52.422" 18846199 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 06:09:52.422" 18846199 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 06:09:52.422" 18846199 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2868]" 09/23/17 " 06:09:52.742" 18846511 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2869) of pkg [mbam-c.dbcls.64bit] (FULL) is available" 09/23/17 " 06:09:52.742" 18846511 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2869) of pkg [mbam-c.dbcls.64bit] (INCR) is available" 09/23/17 " 06:09:52.742" 18846511 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 532 "Available updates found - beginning download" 09/23/17 " 06:09:53.032" 18846808 0838 165c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2854 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z" 09/23/17 " 06:09:53.282" 18847057 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1396 "Successfully downloaded: mbam-c.dbcls.64bit" 09/23/17 " 06:09:53.492" 18847260 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/23/17 " 06:09:53.632" 18847401 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/23/17 " 06:09:53.632" 18847401 0838 0b10 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions" 09/23/17 " 06:10:01.822" 18855591 0838 0b10 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions" 09/23/17 " 06:10:02.092" 18855856 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/23/17 " 06:10:02.322" 18856090 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/23/17 " 06:10:06.482" 18860255 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/23/17 " 06:10:06.482" 18860255 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1765 "DoIncrementalUpdate was successful." 09/23/17 " 06:10:06.482" 18860255 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2391 "Successfully updated DB/ClsEng package version to: 1.0.2869" 09/23/17 " 06:10:06.482" 18860255 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2399 "Set DB version to: 2017.09.23.04" 09/23/17 " 06:10:06.482" 18860255 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 06:10:06.792" 18860567 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 06:10:06.792" 18860567 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 06:10:06.912" 18860676 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 06:10:06.912" 18860676 0838 0304 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/23/17 " 06:10:06.912" 18860676 0838 0304 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/23/17 " 06:10:07.142" 18860910 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/23/17 " 06:10:07.142" 18860910 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped." 09/23/17 " 06:10:09.312" 18863079 0838 072c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 717972 records." 09/23/17 " 06:10:16.612" 18870380 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/23/17 " 06:10:16.612" 18870380 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..." 09/23/17 " 06:32:17.174" 20190944 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 06:32:17.464" 20191240 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 06:32:19.144" 20192909 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 06:32:19.484" 20193253 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 06:32:20.014" 20193783 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 06:32:20.021" 20193799 0838 00d8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 06:32:20.176" 20193955 0838 00d8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 06:32:20.622" 20194391 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 06:32:20.990" 20194766 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 06:33:04.659" 20238430 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 07:09:52.948" 22446718 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 07:09:53.285" 22447061 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 07:09:53.285" 22447061 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 07:09:53.285" 22447061 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 07:09:53.285" 22447061 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 07:09:53.291" 22447061 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 07:09:53.291" 22447061 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 07:09:53.291" 22447061 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2869]" 09/23/17 " 07:09:53.661" 22447436 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 07:09:53.661" 22447436 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 07:56:09.863" 25223630 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 07:59:01.031" 25394809 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 07:59:01.970" 25395745 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 08:00:03.253" 25457023 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 08:09:52.665" 26046441 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 08:09:52.975" 26046753 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 08:09:52.975" 26046753 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 08:09:52.975" 26046753 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 08:09:52.975" 26046753 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 08:09:52.975" 26046753 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 08:09:52.975" 26046753 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 08:09:52.975" 26046753 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2869]" 09/23/17 " 08:09:53.285" 26047050 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 08:09:53.285" 26047050 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 08:39:46.195" 27839969 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 08:39:46.375" 27840141 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 08:39:46.735" 27840500 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 08:39:47.105" 27840874 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 08:39:47.800" 27841576 0838 16dc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 08:39:47.812" 27841576 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 08:39:48.072" 27841841 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 08:39:48.458" 27842231 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 08:39:49.101" 27842871 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 08:39:49.686" 27843464 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 08:40:32.424" 27886192 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 09:09:52.287" 29646055 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 09:09:52.597" 29646367 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 09:09:52.597" 29646367 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 09:09:52.597" 29646367 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 09:09:52.597" 29646367 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 09:09:52.597" 29646367 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 09:09:52.597" 29646367 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 09:09:52.597" 29646367 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2869]" 09/23/17 " 09:09:52.907" 29646679 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 09:09:52.907" 29646679 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 10:09:52.912" 33246683 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 10:09:53.212" 33246979 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 10:09:53.212" 33246979 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 10:09:53.212" 33246979 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 10:09:53.212" 33246979 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 10:09:53.222" 33246995 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 10:09:53.222" 33246995 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 10:09:53.222" 33246995 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2869]" 09/23/17 " 10:09:53.502" 33247276 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 10:09:53.502" 33247276 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 11:09:52.507" 36846281 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 11:09:52.807" 36846578 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 11:09:52.807" 36846578 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 11:09:52.807" 36846578 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 11:09:52.807" 36846578 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 11:09:52.817" 36846593 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 11:09:52.817" 36846593 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 11:09:52.817" 36846593 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2869]" 09/23/17 " 11:09:53.107" 36846874 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 11:09:53.107" 36846874 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 12:09:52.112" 40445880 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 12:09:52.422" 40446192 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 12:09:52.422" 40446192 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 12:09:52.422" 40446192 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 12:09:52.422" 40446192 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 12:09:52.422" 40446192 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 12:09:52.422" 40446192 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 12:09:52.422" 40446192 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2869]" 09/23/17 " 12:09:52.742" 40446519 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2870) of pkg [mbam-c.dbcls.64bit] (FULL) is available" 09/23/17 " 12:09:52.742" 40446519 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2870) of pkg [mbam-c.dbcls.64bit] (INCR) is available" 09/23/17 " 12:09:52.742" 40446519 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 532 "Available updates found - beginning download" 09/23/17 " 12:09:52.972" 40446738 0838 0b54 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2854 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z" 09/23/17 " 12:09:52.992" 40446769 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1396 "Successfully downloaded: mbam-c.dbcls.64bit" 09/23/17 " 12:09:53.052" 40446816 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/23/17 " 12:09:53.182" 40446956 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/23/17 " 12:09:53.192" 40446956 0838 0b10 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions" 09/23/17 " 12:10:02.842" 40456612 0838 0b10 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions" 09/23/17 " 12:10:03.622" 40457392 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/23/17 " 12:10:04.122" 40457892 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/23/17 " 12:10:08.262" 40462026 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/23/17 " 12:10:08.262" 40462026 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1765 "DoIncrementalUpdate was successful." 09/23/17 " 12:10:08.262" 40462026 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2391 "Successfully updated DB/ClsEng package version to: 1.0.2870" 09/23/17 " 12:10:08.262" 40462026 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2399 "Set DB version to: 2017.09.23.05" 09/23/17 " 12:10:08.262" 40462026 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 12:10:08.572" 40462338 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 12:10:08.572" 40462338 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 12:10:08.682" 40462447 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 12:10:08.682" 40462447 0838 0304 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/23/17 " 12:10:08.682" 40462447 0838 0304 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/23/17 " 12:10:08.912" 40462681 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/23/17 " 12:10:08.912" 40462681 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped." 09/23/17 " 12:10:11.142" 40464912 0838 072c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 717972 records." 09/23/17 " 12:10:18.392" 40472166 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/23/17 " 12:10:18.402" 40472166 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..." 09/23/17 " 13:09:52.687" 44046461 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 13:09:52.997" 44046773 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 13:09:52.997" 44046773 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 13:09:52.997" 44046773 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 13:09:52.997" 44046773 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 13:09:52.997" 44046773 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 13:09:52.997" 44046773 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 13:09:52.997" 44046773 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2870]" 09/23/17 " 13:09:53.307" 44047085 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 13:09:53.307" 44047085 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 14:09:52.312" 47646090 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 14:09:52.622" 47646386 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 14:09:52.622" 47646386 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 14:09:52.622" 47646386 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 14:09:52.622" 47646386 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 14:09:52.622" 47646386 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 14:09:52.622" 47646386 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 14:09:52.622" 47646386 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2870]" 09/23/17 " 14:09:52.912" 47646683 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 14:09:52.912" 47646683 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 15:09:52.917" 51246687 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 15:09:53.227" 51246999 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 15:09:53.227" 51246999 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 15:09:53.227" 51246999 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 15:09:53.227" 51246999 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 15:09:53.227" 51246999 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 15:09:53.227" 51246999 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 15:09:53.227" 51246999 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2870]" 09/23/17 " 15:09:53.517" 51247295 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 15:09:53.517" 51247295 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 16:09:52.522" 54846301 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 16:09:52.822" 54846597 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 16:09:52.822" 54846597 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 16:09:52.822" 54846597 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 16:09:52.822" 54846597 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 16:09:52.832" 54846597 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 16:09:52.832" 54846597 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 16:09:52.832" 54846597 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2870]" 09/23/17 " 16:09:53.132" 54846909 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2871) of pkg [mbam-c.dbcls.64bit] (FULL) is available" 09/23/17 " 16:09:53.132" 54846909 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2871) of pkg [mbam-c.dbcls.64bit] (INCR) is available" 09/23/17 " 16:09:53.132" 54846909 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 532 "Available updates found - beginning download" 09/23/17 " 16:09:53.372" 54847143 0838 1564 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2854 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z" 09/23/17 " 16:09:53.382" 54847159 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1396 "Successfully downloaded: mbam-c.dbcls.64bit" 09/23/17 " 16:09:53.442" 54847205 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/23/17 " 16:09:53.582" 54847346 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/23/17 " 16:09:53.582" 54847346 0838 0b10 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions" 09/23/17 " 16:10:02.962" 54856737 0838 0b10 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions" 09/23/17 " 16:10:03.562" 54857330 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/23/17 " 16:10:03.862" 54857626 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/23/17 " 16:10:08.032" 54861807 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/23/17 " 16:10:08.032" 54861807 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1765 "DoIncrementalUpdate was successful." 09/23/17 " 16:10:08.032" 54861807 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2391 "Successfully updated DB/ClsEng package version to: 1.0.2871" 09/23/17 " 16:10:08.032" 54861807 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2399 "Set DB version to: 2017.09.23.06" 09/23/17 " 16:10:08.042" 54861807 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 16:10:08.352" 54862119 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 16:10:08.352" 54862119 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 16:10:08.452" 54862228 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 16:10:08.462" 54862228 0838 0304 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/23/17 " 16:10:08.462" 54862228 0838 0304 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/23/17 " 16:10:08.712" 54862478 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/23/17 " 16:10:08.712" 54862478 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped." 09/23/17 " 16:10:10.912" 54864678 0838 072c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 717972 records." 09/23/17 " 16:10:18.172" 54871947 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/23/17 " 16:10:18.172" 54871947 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..." 09/23/17 " 17:09:52.467" 58446242 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 17:09:52.777" 58446554 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 17:09:52.777" 58446554 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 17:09:52.777" 58446554 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 17:09:52.777" 58446554 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 17:09:52.777" 58446554 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 17:09:52.777" 58446554 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 17:09:52.777" 58446554 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2871]" 09/23/17 " 17:09:53.047" 58446819 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 17:09:53.047" 58446819 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 18:01:19.311" 61533081 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:01:19.611" 61533377 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:01:20.071" 61533845 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:01:20.691" 61534469 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:01:21.070" 61534843 0838 13e4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:01:21.204" 61534968 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:01:21.579" 61535343 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:01:21.875" 61535639 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:01:22.562" 61536341 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:02:05.797" 61579569 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:04:18.486" 61712263 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:09:52.049" 62045825 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 18:09:52.361" 62046137 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 18:09:52.361" 62046137 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 18:09:52.361" 62046137 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 18:09:52.361" 62046137 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 18:09:52.365" 62046137 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 18:09:52.365" 62046137 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 18:09:52.365" 62046137 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2871]" 09/23/17 " 18:09:52.673" 62046449 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 18:09:52.673" 62046449 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 18:15:41.797" 62395563 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 18:15:45.211" 62398980 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 18:15:45.725" 62399495 0838 16a8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 18:15:46.409" 62400181 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 18:15:48.314" 62402084 0838 04dc ERROR ArwSDK "" 0 "{Thread: 0x000008F8, Tick: 0x03B82E24} [ARDE::SessionState::DoProcess] ERROR handling indicator. {Action:6; Current:{2056:6172}; Parent:{0:0}; Index:0;}" 09/23/17 " 18:15:48.314" 62402084 0838 04dc ERROR ArwSDK "" 0 "{Thread: 0x000008F8, Tick: 0x03B82E24} [ARDE::SessionState::DoProcess] {EXCEPTION} ==> {Thread: 0x000008F8, Tick: 0x03B82E24} [ARDE::ThreadInfo::get_indicators(152)] Post-condition not held." 09/23/17 " 18:58:55.138" 64988908 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:58:55.348" 64989127 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:58:55.728" 64989501 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:58:56.270" 64990047 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:58:56.436" 64990203 0838 192c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:58:56.983" 64990749 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:58:57.061" 64990827 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:58:57.279" 64991046 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:58:57.317" 64991092 0838 1524 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:58:58.364" 64992138 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 18:59:01.707" 64995476 0838 1e2c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 18:59:02.915" 64996693 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 18:59:04.099" 64997863 0838 1a88 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 18:59:05.004" 64998768 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 18:59:41.302" 65035069 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 19:09:52.675" 65646453 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 19:09:52.998" 65646765 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 19:09:52.998" 65646765 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 19:09:52.998" 65646765 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 19:09:52.998" 65646765 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 19:09:53.002" 65646780 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 19:09:53.002" 65646780 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 19:09:53.002" 65646780 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2871]" 09/23/17 " 19:09:53.331" 65647108 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 19:09:53.331" 65647108 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 19:11:41.361" 65755139 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 19:11:49.144" 65762923 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 19:33:29.949" 67063722 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 19:33:32.478" 67066249 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 20:09:52.333" 69246098 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 20:09:52.650" 69246425 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 20:09:52.650" 69246425 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 20:09:52.650" 69246425 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 20:09:52.650" 69246425 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 20:09:52.654" 69246425 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 20:09:52.654" 69246425 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 20:09:52.654" 69246425 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2871]" 09/23/17 " 20:09:53.015" 69246784 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 20:09:53.015" 69246784 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 21:04:10.773" 72504537 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 21:04:17.713" 72511479 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 21:04:18.619" 72512384 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 21:04:44.799" 72538577 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 21:05:07.129" 72560901 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 21:06:21.793" 72635563 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 21:09:52.023" 72845790 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 21:09:52.329" 72846102 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 21:09:52.329" 72846102 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 21:09:52.329" 72846102 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 21:09:52.329" 72846102 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 21:09:52.339" 72846117 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 21:09:52.339" 72846117 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 21:09:52.339" 72846117 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2871]" 09/23/17 " 21:09:52.641" 72846414 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2872) of pkg [mbam-c.dbcls.64bit] (FULL) is available" 09/23/17 " 21:09:52.641" 72846414 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2872) of pkg [mbam-c.dbcls.64bit] (INCR) is available" 09/23/17 " 21:09:52.641" 72846414 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 532 "Available updates found - beginning download" 09/23/17 " 21:09:52.872" 72846648 0838 1ff4 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2854 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z" 09/23/17 " 21:09:52.906" 72846679 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1396 "Successfully downloaded: mbam-c.dbcls.64bit" 09/23/17 " 21:09:52.996" 72846772 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/23/17 " 21:09:53.128" 72846897 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/23/17 " 21:09:53.138" 72846913 0838 0b10 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions" 09/23/17 " 21:10:03.533" 72857302 0838 0b10 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions" 09/23/17 " 21:10:03.995" 72857770 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/23/17 " 21:10:04.337" 72858114 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/23/17 " 21:10:08.486" 72862263 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/23/17 " 21:10:08.486" 72862263 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1765 "DoIncrementalUpdate was successful." 09/23/17 " 21:10:08.486" 72862263 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2391 "Successfully updated DB/ClsEng package version to: 1.0.2872" 09/23/17 " 21:10:08.486" 72862263 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2399 "Set DB version to: 2017.09.24.01" 09/23/17 " 21:10:08.486" 72862263 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 21:10:08.798" 72862575 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 21:10:08.798" 72862575 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 21:10:08.918" 72862684 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 21:10:08.918" 72862684 0838 0304 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/23/17 " 21:10:08.918" 72862684 0838 0304 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/23/17 " 21:10:09.178" 72862950 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/23/17 " 21:10:09.178" 72862950 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped." 09/23/17 " 21:10:11.403" 72865180 0838 072c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 717972 records." 09/23/17 " 21:10:18.647" 72872419 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/23/17 " 21:10:18.647" 72872419 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..." 09/23/17 " 22:09:52.922" 76446698 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 22:09:53.232" 76447010 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 22:09:53.232" 76447010 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 22:09:53.232" 76447010 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 22:09:53.232" 76447010 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 22:09:53.232" 76447010 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 22:09:53.232" 76447010 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 22:09:53.232" 76447010 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2872]" 09/23/17 " 22:09:53.542" 76447307 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 22:09:53.542" 76447307 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 22:45:18.465" 78572243 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 22:45:18.775" 78572539 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 22:45:19.235" 78573007 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 22:45:19.635" 78573413 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 22:45:20.138" 78573912 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 22:45:20.244" 78574021 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 22:45:20.603" 78574380 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 22:45:21.126" 78574895 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 22:45:21.333" 78575098 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 22:45:22.275" 78576049 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 22:46:04.975" 78618747 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 22:51:41.412" 78955179 0838 1da8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 22:51:43.161" 78956926 0838 00d8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 22:51:43.321" 78957098 0838 14b4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 22:51:44.159" 78957924 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 22:58:42.649" 79376428 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 23:02:46.718" 79620492 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 23:09:52.549" 80046328 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/23/17 " 23:09:52.859" 80046624 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/23/17 " 23:09:52.859" 80046624 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/23/17 " 23:09:52.859" 80046624 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/23/17 " 23:09:52.859" 80046624 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/23/17 " 23:09:52.869" 80046640 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/23/17 " 23:09:52.869" 80046640 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/23/17 " 23:09:52.869" 80046640 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2872]" 09/23/17 " 23:09:53.189" 80046967 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/23/17 " 23:09:53.189" 80046967 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/23/17 " 23:47:37.262" 82311025 0838 18ec INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 23:47:38.053" 82311821 0838 1550 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 23:47:38.703" 82312476 0838 1ee8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 23:47:39.104" 82312882 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/23/17 " 23:55:17.832" 82771603 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 23:55:18.012" 82771790 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 23:55:18.362" 82772133 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 23:55:18.672" 82772445 0838 11bc INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 23:55:19.330" 82773100 0838 1434 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 23:55:19.733" 82773506 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 23:55:19.830" 82773600 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 23:55:19.954" 82773724 0838 0d00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 23:55:20.375" 82774146 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 23:55:21.222" 82774988 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/23/17 " 23:56:03.883" 82817654 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 00:02:32.099" 83205878 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 00:08:30.430" 83564197 0838 1eec INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/24/17 " 00:08:31.263" 83565039 0838 0e74 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/24/17 " 00:08:32.523" 83566287 0838 16f0 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/24/17 " 00:08:32.859" 83566631 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/24/17 " 00:09:52.194" 83645973 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 00:09:52.504" 83646269 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 00:09:52.504" 83646269 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 00:09:52.504" 83646269 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 00:09:52.504" 83646269 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 00:09:52.504" 83646269 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 00:09:52.504" 83646269 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 00:09:52.504" 83646269 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2872]" 09/24/17 " 00:09:52.814" 83646581 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 00:09:52.814" 83646581 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 00:23:36.882" 84470656 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 00:23:53.921" 84487692 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 00:23:54.788" 84488565 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 00:24:58.350" 84552120 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 00:25:44.603" 84598374 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 00:26:41.738" 84655502 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 00:29:42.705" 84836479 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 00:37:19.444" 85293219 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 01:06:40.704" 87060304 0838 0a9c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/24/17 " 01:06:41.476" 87061069 0838 15b8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/24/17 " 01:06:42.653" 87062254 0838 16a8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/24/17 " 01:06:42.995" 87062597 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/24/17 " 01:09:46.992" 87246585 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 01:09:47.310" 87246913 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 01:09:47.310" 87246913 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 01:09:47.310" 87246913 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 01:09:47.310" 87246913 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 01:09:47.314" 87246913 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 01:09:47.314" 87246913 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 01:09:47.314" 87246913 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2872]" 09/24/17 " 01:09:47.642" 87247240 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 01:09:47.642" 87247240 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 01:10:32.428" 87292028 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 01:55:45.081" 90004683 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 02:01:29.095" 90348696 0838 0a24 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::StartScan "Scanner.cpp" 538 "Starting a Threat scan, clientID = 20bd2adc-a019-11e7-a252-d43d7eb62193, clientType = MBClientScheduler." 09/24/17 " 02:01:29.125" 90348727 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 02:01:29.436" 90349039 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 02:01:29.436" 90349039 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 02:01:29.436" 90349039 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (manual)" 09/24/17 " 02:01:29.436" 90349039 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[No], SDK/Ctlr=[No], DB/CLS=[Yes]" 09/24/17 " 02:01:29.436" 90349039 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2872]" 09/24/17 " 02:01:29.744" 90349336 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 02:01:29.744" 90349336 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 02:01:37.845" 90357448 0838 1bac INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 83654 records." 09/24/17 " 02:02:35.301" 90414903 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|05630A6053652D7528572A662FD9C422EB0CAD2D91508CF85748AFE6802C027C' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:02:35.301" 90414903 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\CTREGRUN.EXE' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:02:35.301" 90414903 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\CTREGRUN.EXE' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:02:35.703" 90415293 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|E0B8566CA192327A05FDC9C8271689827D7E0693B1CE528D58D594474656C6B4' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:02:35.703" 90415293 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\RESDEFE.EXE' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:02:35.703" 90415293 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\RESDEFE.EXE' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:02:37.180" 90416775 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|D82049156621BC18787FB0746B2CA0A7C78E3AB75D4318DB92795F0A781792F1' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:02:37.180" 90416775 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\SYSTEM32\ATIBTMON.EXE' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:02:37.180" 90416775 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSTEM32\ATIBTMON.EXE' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:02:47.517" 90427118 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|AF42407EC1FC1BC5B4FB88A4919CB8E4BACA17A77AE0F22A40065EA382A14F0D' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:02:47.517" 90427118 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\SYSWOW64\ADDCAT.EXE' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:02:47.517" 90427118 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSWOW64\ADDCAT.EXE' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:02:47.947" 90427539 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|D58EC956951A2D8E75010C4DAB252F98F6C214D93E58E479FF521650F65561DC' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:02:47.947" 90427539 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\WINDOWS\SYSWOW64\APOIM64.EXE' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:02:47.947" 90427539 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\WINDOWS\SYSWOW64\APOIM64.EXE' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:02:58.646" 90438241 0838 1614 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS" 09/24/17 " 02:02:58.656" 90438256 0838 1614 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Init "Linker.cpp" 93 "Initializing linker" 09/24/17 " 02:03:06.080" 90445682 0838 1614 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/24/17 " 02:03:06.523" 90446119 0838 1614 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 139 "Hubble disabled for non-Shuriken/scan detections, path='C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS'" 09/24/17 " 02:03:06.523" 90446119 0838 1614 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS' => None:Unknown" 09/24/17 " 02:03:06.523" 90446119 0838 1614 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\prefs.js' => None:Unknown" 09/24/17 " 02:03:06.523" 90446119 0838 1614 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 457 "Getting detected threats from actions" 09/24/17 " 02:03:06.523" 90446119 0838 1614 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 743 "Getting linked traces" 09/24/17 " 02:03:10.865" 90450456 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|632825038F5975415D129CCB84682243360821857D250D7827E21A08DE855BCC' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:03:10.865" 90450456 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAM FILES (X86)\HP\DIGITAL IMAGING\BIN\HPQSRMON.EXE' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:03:10.865" 90450456 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\HP\DIGITAL IMAGING\BIN\HPQSRMON.EXE' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:03:15.551" 90455151 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|D7A6092F0A2FECC08F19520A801084E821B4FCC4D588818A8D232AE9257E7EC0' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:03:15.551" 90455151 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:03:15.551" 90455151 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:03:17.530" 90457132 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|F2164C69C089E5F9A32207E6B36808861692FA923318BFF23447A34B2157CDEA' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:03:17.530" 90457132 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:03:17.530" 90457132 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:03:17.812" 90457413 0838 1614 INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::ProcessClassificationResult "Scanner.cpp" 3460 "Threat detected: ThreatName=PUP.Optional.Spigot, FilePath=C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS" 09/24/17 " 02:03:17.812" 90457413 0838 1614 INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::FindLinkedTraces "Linker.cpp" 207 "Finding linked traces" 09/24/17 " 02:03:17.812" 90457413 0838 1614 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\USERS\MANNERPANNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QM9NWSUA.DEFAULT\PREFS.JS' => None:Unknown" 09/24/17 " 02:03:17.812" 90457413 0838 1614 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManagerCache::LogWhiteListStatus "WhiteListManagerCache.cpp" 129 "White list status from cache: File 'C:\Users\MANNERPANNER\AppData\Roaming\Mozilla\Firefox\Profiles\QM9NWSUA.DEFAULT\prefs.js' => None:Unknown" 09/24/17 " 02:03:17.812" 90457413 0838 1614 INFO Actions ActionsManager::GetDetectedThreatsV2 "ActionsManager.cpp" 457 "Getting detected threats from actions" 09/24/17 " 02:03:17.812" 90457413 0838 1614 INFO CleanControllerImpl PreCleanEngine::AddLinkedTraces "PreCleanEngine.cpp" 743 "Getting linked traces" 09/24/17 " 02:03:55.758" 90495353 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|94CF3E4B6F14B5AF5CC88F98A122B8CCC6E298D5F3ADDC9F11E7563762080E92' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:03:55.758" 90495353 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\25eeebb4-a0ee-11e7-b3e5-d43d7eb62193' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:03:55.758" 90495353 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\25eeebb4-a0ee-11e7-b3e5-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:03:57.095" 90496694 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|05630A6053652D7528572A662FD9C422EB0CAD2D91508CF85748AFE6802C027C' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:03:57.095" 90496694 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\26bdfe90-a0ee-11e7-ba9d-d43d7eb62193' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:03:57.095" 90496694 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\26bdfe90-a0ee-11e7-ba9d-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:03:57.221" 90496819 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|731FF1D2F8EFA24A8E1B9FBCB383EDF0F86BCB88058206F2E23E960AAD56BA66' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:03:57.221" 90496819 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\26c3a3f4-a0ee-11e7-a4fa-d43d7eb62193' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:03:57.221" 90496819 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\26c3a3f4-a0ee-11e7-a4fa-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:03:57.408" 90497006 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|C07D4AB17775FE1775D151564D51947B4ABEE45F6ABBF6EBC9F765ED00FC1445' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:03:57.408" 90497006 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\26e228e2-a0ee-11e7-bcaa-d43d7eb62193' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:03:57.408" 90497006 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\26e228e2-a0ee-11e7-bcaa-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:04:02.498" 90502092 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|76A19042297C39E9A1D45EF48275B8D1D1A611CE6878846C497D53DF4315B69D' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:04:02.498" 90502092 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\29f82702-a0ee-11e7-a453-d43d7eb62193' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:04:02.498" 90502092 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\29f82702-a0ee-11e7-a453-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:04:02.685" 90502279 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|47EA52ED38243C7A31D371E28ACFF2050A395B7CBF389A14D010B254645B40BA' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:04:02.685" 90502279 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2a043524-a0ee-11e7-a303-d43d7eb62193' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:04:02.685" 90502279 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2a043524-a0ee-11e7-a303-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:04:03.242" 90502841 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|E00515C16051B33E91ACB8C4DA268FC4F1FA504F7B3522A4BDB10BBB79CE914B' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:04:03.242" 90502841 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2a63bbac-a0ee-11e7-8599-d43d7eb62193' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:04:03.242" 90502841 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2a63bbac-a0ee-11e7-8599-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:04:03.512" 90503106 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|D88F306671F0FFFAA20D5D74A9DC8E368772D57D2AAB1A136CF0564FC7E19258' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:04:03.512" 90503106 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2a8d3d42-a0ee-11e7-a6e6-d43d7eb62193' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:04:03.512" 90503106 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2a8d3d42-a0ee-11e7-a6e6-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:04:03.702" 90503293 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|7422F5B551ED1C08B2A7B14472706034F0F6214C956B1A549ECDDBEAC5F61A15' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:04:03.702" 90503293 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2aa99f50-a0ee-11e7-a1d0-d43d7eb62193' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:04:03.702" 90503293 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2aa99f50-a0ee-11e7-a1d0-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:09:12.300" 90811894 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MANNERPANNER\DESKTOP\RESISTOR CALCULATOR.EXE' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:09:46.755" 90846355 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 02:09:47.063" 90846651 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 02:09:47.063" 90846651 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 02:09:47.063" 90846651 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 02:09:47.063" 90846651 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 02:09:47.073" 90846667 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 02:09:47.073" 90846667 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 02:09:47.073" 90846667 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2872]" 09/24/17 " 02:09:47.385" 90846979 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 02:09:47.385" 90846979 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 02:09:56.707" 90856308 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|2117E938319486535A7BC7A0F38D6C16FE4809D5A5C415D3BDBC39E36E53556F' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:09:56.707" 90856308 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\EXPRESSZIP-940-3\ZLIB1V2.EXE' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:09:56.707" 90856308 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\EXPRESSZIP-940-3\ZLIB1V2.EXE' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:10:06.155" 90865746 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|1AA85C1A148955D08A6729F416C371B4985020E5757CC3D03865AA5CC5D57347' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:10:06.155" 90865746 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\{841A5B0E-F74F-4665-B2C7-A63B9B923D82}\SYSTEMADMIN.EXE' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:10:06.155" 90865746 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\{841A5B0E-F74F-4665-B2C7-A63B9B923D82}\SYSTEMADMIN.EXE' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:10:22.113" 90881705 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|941A444835A18747907DF172F39BAFA688812CF38CBC82D774139D2E42ECB9A1' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:10:22.113" 90881705 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\PRG7297.TMP' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:10:22.113" 90881705 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\USERS\MANNERPANNER\APPDATA\LOCAL\TEMP\PRG7297.TMP' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:10:46.338" 90905932 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|30BF82ABFE5436186BD400238270733A120F73B0E65690AFBC061525221F026F' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:10:46.338" 90905932 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\1aa2b960-a0ef-11e7-ac84-d43d7eb62193' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:10:46.338" 90905932 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\1aa2b960-a0ef-11e7-ac84-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:10:46.455" 90906057 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|C377EA6C55EA65C4A39793BA8E16B9B9FF3D90F897C12F6C7734115F36D049B0' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:10:46.455" 90906057 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\1ab11172-a0ef-11e7-83b0-d43d7eb62193' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:10:46.455" 90906057 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\1ab11172-a0ef-11e7-83b0-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:11:21.604" 90941204 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|D7448B2054618FF3CDC861FDBDECF18AEDE5305A73A6ACE8C3E71B5BBEFB353D' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 02:11:21.604" 90941204 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2f90f350-a0ef-11e7-a1f1-d43d7eb62193' in Hubble's cache, value = WhiteListed" 09/24/17 " 02:11:21.604" 90941204 0838 06a8 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\2f90f350-a0ef-11e7-a1f1-d43d7eb62193' (shuriken) => Hubble:WhiteListed" 09/24/17 " 02:14:17.697" 91117297 0838 1bac INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Shutdown "Linker.cpp" 144 "Shutting down linker, waiting for it to complete" 09/24/17 " 02:14:17.697" 91117297 0838 1bac INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::UnInit "Linker.cpp" 131 "Un-initializing linker" 09/24/17 " 02:14:18.025" 91117625 0838 1bac INFO CleanControllerImpl mb::cleanctlrimpl::linker::Linker::Shutdown "Linker.cpp" 144 "Shutting down linker, waiting for it to complete" 09/24/17 " 02:14:18.451" 91118046 0838 1bac INFO ScanControllerImpl mb::scancontrollerimpl::Scanner::PerformScan "Scanner.cpp" 1017 "Scan completed." 09/24/17 " 02:14:18.451" 91118046 0838 1bac INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/24/17 " 02:14:18.711" 91118311 0838 1bac INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/24/17 " 02:14:18.736" 91118327 0838 1bac INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/24/17 " 02:14:18.940" 91118530 0838 1bac INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/24/17 " 02:14:23.590" 91123179 0838 1bac INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/24/17 " 03:02:10.714" 93990305 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:02:29.913" 94009509 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:02:30.835" 94010430 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:03:25.563" 94065155 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:06:49.034" 94268627 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:08:07.269" 94346861 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:09:03.318" 94402913 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:09:19.338" 94418934 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:09:46.394" 94445984 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 03:09:46.705" 94446296 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 03:09:46.705" 94446296 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 03:09:46.705" 94446296 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 03:09:46.705" 94446296 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 03:09:46.705" 94446296 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 03:09:46.705" 94446296 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 03:09:46.705" 94446296 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2872]" 09/24/17 " 03:09:46.986" 94446577 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 03:09:46.986" 94446577 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 03:09:47.821" 94447420 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:09:55.060" 94454658 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:10:58.428" 94518026 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:11:38.863" 94558461 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:11:39.825" 94559428 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:12:07.440" 94587041 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:12:29.457" 94609052 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:12:32.022" 94611611 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:13:19.990" 94659581 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:14:13.949" 94713542 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 03:18:05.244" 94944844 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:04:54.141" 97753736 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:04:54.351" 97753954 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:04:54.771" 97754360 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:04:55.592" 97755187 0838 1a80 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:04:56.184" 97755780 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:04:56.271" 97755873 0838 1a78 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:04:56.522" 97756123 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:04:57.834" 97757433 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:04:57.866" 97757464 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:04:58.897" 97758494 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:05:10.497" 97770101 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:05:22.814" 97782409 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:05:23.905" 97783501 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:05:25.100" 97784702 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:05:40.600" 97800193 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 04:09:46.989" 98046581 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 04:09:47.346" 98046940 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 04:09:47.346" 98046940 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 04:09:47.346" 98046940 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 04:09:47.346" 98046940 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 04:09:47.351" 98046940 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 04:09:47.351" 98046940 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 04:09:47.351" 98046940 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2872]" 09/24/17 " 04:09:47.696" 98047299 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2873) of pkg [mbam-c.dbcls.64bit] (FULL) is available" 09/24/17 " 04:09:47.696" 98047299 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2873) of pkg [mbam-c.dbcls.64bit] (INCR) is available" 09/24/17 " 04:09:47.697" 98047299 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 532 "Available updates found - beginning download" 09/24/17 " 04:09:47.937" 98047533 0838 1b00 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2854 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z" 09/24/17 " 04:09:47.955" 98047548 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1396 "Successfully downloaded: mbam-c.dbcls.64bit" 09/24/17 " 04:09:48.172" 98047767 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/24/17 " 04:09:48.324" 98047923 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/24/17 " 04:09:48.327" 98047923 0838 0b10 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions" 09/24/17 " 04:09:58.420" 98058016 0838 0b10 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions" 09/24/17 " 04:09:59.002" 98058593 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/24/17 " 04:09:59.617" 98059217 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/24/17 " 04:10:04.354" 98063944 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/24/17 " 04:10:04.355" 98063944 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1765 "DoIncrementalUpdate was successful." 09/24/17 " 04:10:04.356" 98063960 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2391 "Successfully updated DB/ClsEng package version to: 1.0.2873" 09/24/17 " 04:10:04.358" 98063960 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2399 "Set DB version to: 2017.09.24.02" 09/24/17 " 04:10:04.362" 98063960 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 04:10:04.688" 98064287 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 04:10:04.688" 98064287 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 04:10:04.875" 98064474 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 04:10:04.875" 98064474 0838 0304 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/24/17 " 04:10:04.876" 98064474 0838 0304 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/24/17 " 04:10:05.258" 98064849 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/24/17 " 04:10:05.259" 98064849 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped." 09/24/17 " 04:10:07.994" 98067594 0838 072c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 717972 records." 09/24/17 " 04:10:15.713" 98075301 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/24/17 " 04:10:15.722" 98075316 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..." 09/24/17 " 04:11:38.329" 98157919 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 05:09:46.880" 101646476 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 05:09:47.190" 101646788 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 05:09:47.190" 101646788 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 05:09:47.190" 101646788 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 05:09:47.190" 101646788 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 05:09:47.200" 101646803 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 05:09:47.200" 101646803 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 05:09:47.200" 101646803 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2873]" 09/24/17 " 05:09:47.500" 101647100 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 05:09:47.500" 101647100 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 05:19:27.151" 102226753 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 05:19:27.351" 102226940 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 05:19:27.821" 102227423 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 05:19:28.181" 102227782 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 05:19:28.944" 102228547 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 05:19:29.051" 102228640 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 05:19:29.070" 102228671 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 05:19:29.232" 102228827 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 05:19:30.497" 102230091 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 05:19:43.364" 102242961 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 05:20:13.584" 102273179 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 05:20:59.580" 102319183 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 05:21:08.075" 102327670 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 05:21:08.929" 102328528 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 06:09:46.509" 105246105 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 06:09:46.819" 105246417 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 06:09:46.819" 105246417 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 06:09:46.819" 105246417 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 06:09:46.819" 105246417 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 06:09:46.819" 105246417 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 06:09:46.819" 105246417 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 06:09:46.819" 105246417 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2873]" 09/24/17 " 06:09:47.109" 105246698 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2874) of pkg [mbam-c.dbcls.64bit] (FULL) is available" 09/24/17 " 06:09:47.109" 105246698 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2874) of pkg [mbam-c.dbcls.64bit] (INCR) is available" 09/24/17 " 06:09:47.109" 105246698 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 532 "Available updates found - beginning download" 09/24/17 " 06:09:47.339" 105246932 0838 1fc8 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2854 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z" 09/24/17 " 06:09:47.369" 105246963 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1396 "Successfully downloaded: mbam-c.dbcls.64bit" 09/24/17 " 06:09:47.549" 105247150 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/24/17 " 06:09:47.679" 105247275 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/24/17 " 06:09:47.689" 105247291 0838 0b10 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions" 09/24/17 " 06:09:55.759" 105255356 0838 0b10 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions" 09/24/17 " 06:09:56.139" 105255730 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/24/17 " 06:09:56.399" 105255996 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/24/17 " 06:10:00.589" 105260192 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/24/17 " 06:10:00.589" 105260192 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1765 "DoIncrementalUpdate was successful." 09/24/17 " 06:10:00.589" 105260192 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2391 "Successfully updated DB/ClsEng package version to: 1.0.2874" 09/24/17 " 06:10:00.589" 105260192 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2399 "Set DB version to: 2017.09.24.03" 09/24/17 " 06:10:00.589" 105260192 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 06:10:00.899" 105260489 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 06:10:00.899" 105260489 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 06:10:01.009" 105260598 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 06:10:01.009" 105260598 0838 0304 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/24/17 " 06:10:01.009" 105260598 0838 0304 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/24/17 " 06:10:01.259" 105260847 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/24/17 " 06:10:01.259" 105260847 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped." 09/24/17 " 06:10:03.469" 105263063 0838 072c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 717972 records." 09/24/17 " 06:10:10.709" 105270301 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/24/17 " 06:10:10.719" 105270317 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..." 09/24/17 " 06:40:12.041" 107071645 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 06:40:12.341" 107071941 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 06:40:12.831" 107072425 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 06:40:13.291" 107072893 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 06:40:14.085" 107073688 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 06:40:14.264" 107073860 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 06:40:14.312" 107073907 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 06:40:14.841" 107074437 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 06:40:15.190" 107074780 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 06:40:16.174" 107075763 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 06:40:58.507" 107118102 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 07:00:25.136" 108284739 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 07:00:26.988" 108286580 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 07:00:27.836" 108287438 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 07:09:46.015" 108845610 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 07:09:46.329" 108845922 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 07:09:46.329" 108845922 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 07:09:46.329" 108845922 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 07:09:46.329" 108845922 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 07:09:46.333" 108845922 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 07:09:46.333" 108845922 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 07:09:46.333" 108845922 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2874]" 09/24/17 " 07:09:46.637" 108846234 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 07:09:46.637" 108846234 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 08:09:46.642" 112446238 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 08:09:46.952" 112446550 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 08:09:46.952" 112446550 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 08:09:46.952" 112446550 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 08:09:46.952" 112446550 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 08:09:46.952" 112446550 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 08:09:46.952" 112446550 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 08:09:46.952" 112446550 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2874]" 09/24/17 " 08:09:47.262" 112446862 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2875) of pkg [mbam-c.dbcls.64bit] (FULL) is available" 09/24/17 " 08:09:47.262" 112446862 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2875) of pkg [mbam-c.dbcls.64bit] (INCR) is available" 09/24/17 " 08:09:47.262" 112446862 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 532 "Available updates found - beginning download" 09/24/17 " 08:09:47.462" 112447065 0838 1d64 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2854 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z" 09/24/17 " 08:09:47.512" 112447111 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1396 "Successfully downloaded: mbam-c.dbcls.64bit" 09/24/17 " 08:09:47.602" 112447205 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/24/17 " 08:09:47.742" 112447330 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/24/17 " 08:09:47.742" 112447330 0838 0b10 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions" 09/24/17 " 08:09:55.952" 112455551 0838 0b10 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions" 09/24/17 " 08:09:56.242" 112455832 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/24/17 " 08:09:56.522" 112456113 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/24/17 " 08:10:00.682" 112460278 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/24/17 " 08:10:00.682" 112460278 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1765 "DoIncrementalUpdate was successful." 09/24/17 " 08:10:00.682" 112460278 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2391 "Successfully updated DB/ClsEng package version to: 1.0.2875" 09/24/17 " 08:10:00.682" 112460278 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2399 "Set DB version to: 2017.09.24.04" 09/24/17 " 08:10:00.692" 112460293 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 08:10:01.002" 112460590 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 08:10:01.002" 112460590 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 08:10:01.102" 112460699 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 08:10:01.102" 112460699 0838 0304 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/24/17 " 08:10:01.112" 112460715 0838 0304 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/24/17 " 08:10:01.342" 112460933 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/24/17 " 08:10:01.342" 112460933 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped." 09/24/17 " 08:10:03.562" 112463164 0838 072c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 717972 records." 09/24/17 " 08:10:10.832" 112470434 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/24/17 " 08:10:10.842" 112470434 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..." 09/24/17 " 09:09:46.116" 116045711 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 09:09:46.426" 116046023 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 09:09:46.426" 116046023 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 09:09:46.426" 116046023 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 09:09:46.426" 116046023 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 09:09:46.426" 116046023 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 09:09:46.426" 116046023 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 09:09:46.426" 116046023 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2875]" 09/24/17 " 09:09:46.726" 116046320 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 09:09:46.726" 116046320 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 10:09:46.731" 119646324 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 10:09:47.041" 119646636 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 10:09:47.041" 119646636 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 10:09:47.041" 119646636 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 10:09:47.041" 119646636 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 10:09:47.041" 119646636 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 10:09:47.041" 119646636 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 10:09:47.041" 119646636 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2875]" 09/24/17 " 10:09:47.321" 119646916 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 10:09:47.321" 119646916 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 11:09:46.326" 123245922 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 11:09:46.636" 123246234 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 11:09:46.636" 123246234 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 11:09:46.636" 123246234 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 11:09:46.636" 123246234 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 11:09:46.636" 123246234 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 11:09:46.636" 123246234 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 11:09:46.636" 123246234 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2875]" 09/24/17 " 11:09:46.936" 123246530 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 11:09:46.936" 123246530 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 12:09:46.941" 126846534 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 12:09:47.241" 126846830 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 12:09:47.241" 126846830 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 12:09:47.241" 126846830 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 12:09:47.241" 126846830 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 12:09:47.251" 126846846 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 12:09:47.251" 126846846 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 12:09:47.251" 126846846 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2875]" 09/24/17 " 12:09:47.581" 126847174 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 12:09:47.581" 126847174 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 13:09:46.586" 130446179 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 13:09:46.886" 130446476 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 13:09:46.886" 130446476 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 13:09:46.886" 130446476 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 13:09:46.886" 130446476 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 13:09:46.896" 130446491 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 13:09:46.896" 130446491 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 13:09:46.896" 130446491 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2875]" 09/24/17 " 13:09:47.166" 130446756 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 13:09:47.166" 130446756 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 14:09:46.171" 134045762 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 14:09:46.481" 134046074 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 14:09:46.481" 134046074 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 14:09:46.481" 134046074 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 14:09:46.481" 134046074 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 14:09:46.481" 134046074 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 14:09:46.481" 134046074 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 14:09:46.481" 134046074 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2875]" 09/24/17 " 14:09:46.781" 134046370 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2876) of pkg [mbam-c.dbcls.64bit] (FULL) is available" 09/24/17 " 14:09:46.781" 134046370 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2876) of pkg [mbam-c.dbcls.64bit] (INCR) is available" 09/24/17 " 14:09:46.781" 134046370 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 532 "Available updates found - beginning download" 09/24/17 " 14:09:47.121" 134046713 0838 0100 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2854 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z" 09/24/17 " 14:09:47.291" 134046885 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1396 "Successfully downloaded: mbam-c.dbcls.64bit" 09/24/17 " 14:09:47.461" 134047057 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/24/17 " 14:09:47.601" 134047197 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/24/17 " 14:09:47.601" 134047197 0838 0b10 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions" 09/24/17 " 14:09:57.781" 134057384 0838 0b10 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions" 09/24/17 " 14:09:58.121" 134057711 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/24/17 " 14:09:58.411" 134058008 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/24/17 " 14:10:02.541" 134062142 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/24/17 " 14:10:02.541" 134062142 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1765 "DoIncrementalUpdate was successful." 09/24/17 " 14:10:02.541" 134062142 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2391 "Successfully updated DB/ClsEng package version to: 1.0.2876" 09/24/17 " 14:10:02.541" 134062142 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2399 "Set DB version to: 2017.09.24.05" 09/24/17 " 14:10:02.541" 134062142 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 14:10:02.851" 134062454 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 14:10:02.851" 134062454 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 14:10:02.961" 134062563 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 14:10:02.961" 134062563 0838 0304 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/24/17 " 14:10:02.961" 134062563 0838 0304 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/24/17 " 14:10:03.191" 134062782 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/24/17 " 14:10:03.191" 134062782 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped." 09/24/17 " 14:10:05.401" 134064997 0838 072c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 719204 records." 09/24/17 " 14:10:12.691" 134072282 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/24/17 " 14:10:12.691" 134072282 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..." 09/24/17 " 15:09:46.966" 137646561 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 15:09:47.276" 137646873 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 15:09:47.276" 137646873 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 15:09:47.276" 137646873 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 15:09:47.276" 137646873 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 15:09:47.276" 137646873 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 15:09:47.276" 137646873 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 15:09:47.276" 137646873 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2876]" 09/24/17 " 15:09:47.606" 137647201 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 15:09:47.606" 137647201 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 16:09:46.611" 141246206 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 16:09:46.921" 141246518 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 16:09:46.921" 141246518 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 16:09:46.921" 141246518 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 16:09:46.921" 141246518 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 16:09:46.921" 141246518 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 16:09:46.921" 141246518 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 16:09:46.921" 141246518 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2876]" 09/24/17 " 16:09:47.211" 141246799 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 16:09:47.211" 141246799 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 17:09:46.216" 144845805 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 17:09:46.526" 144846117 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 17:09:46.526" 144846117 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 17:09:46.526" 144846117 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 17:09:46.526" 144846117 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 17:09:46.526" 144846117 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 17:09:46.526" 144846117 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 17:09:46.526" 144846117 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2876]" 09/24/17 " 17:09:46.806" 144846397 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2877) of pkg [mbam-c.dbcls.64bit] (FULL) is available" 09/24/17 " 17:09:46.806" 144846397 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2877) of pkg [mbam-c.dbcls.64bit] (INCR) is available" 09/24/17 " 17:09:46.806" 144846397 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 532 "Available updates found - beginning download" 09/24/17 " 17:09:47.016" 144846616 0838 1e5c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2854 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z" 09/24/17 " 17:09:47.056" 144846647 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1396 "Successfully downloaded: mbam-c.dbcls.64bit" 09/24/17 " 17:09:47.126" 144846725 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/24/17 " 17:09:47.266" 144846865 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/24/17 " 17:09:47.266" 144846865 0838 0b10 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions" 09/24/17 " 17:09:56.266" 144855867 0838 0b10 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions" 09/24/17 " 17:09:56.596" 144856194 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/24/17 " 17:09:56.846" 144856444 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/24/17 " 17:10:01.026" 144860625 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/24/17 " 17:10:01.026" 144860625 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1765 "DoIncrementalUpdate was successful." 09/24/17 " 17:10:01.026" 144860625 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2391 "Successfully updated DB/ClsEng package version to: 1.0.2877" 09/24/17 " 17:10:01.026" 144860625 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2399 "Set DB version to: 2017.09.24.06" 09/24/17 " 17:10:01.036" 144860625 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 17:10:01.346" 144860937 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 17:10:01.346" 144860937 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 17:10:01.456" 144861046 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 17:10:01.456" 144861046 0838 0304 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/24/17 " 17:10:01.456" 144861046 0838 0304 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/24/17 " 17:10:01.706" 144861296 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/24/17 " 17:10:01.706" 144861296 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped." 09/24/17 " 17:10:03.896" 144863495 0838 072c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 719204 records." 09/24/17 " 17:10:11.246" 144870843 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/24/17 " 17:10:11.256" 144870858 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..." 09/24/17 " 17:48:21.169" 147160766 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 17:48:21.479" 147161078 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 17:48:21.949" 147161546 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 17:48:22.538" 147162139 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 17:48:23.061" 147162653 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 17:48:23.124" 147162716 0838 1b00 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 17:48:23.356" 147162950 0838 1d84 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 17:48:24.049" 147163652 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 17:48:24.204" 147163792 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 17:48:25.096" 147164697 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 17:49:07.528" 147207129 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 17:49:42.136" 147241730 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 17:59:18.331" 147817920 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 17:59:28.339" 147827935 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 17:59:29.274" 147828871 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:02:37.062" 148016665 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:02:59.426" 148039020 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:04:27.167" 148126755 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:05:21.507" 148181106 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:09:46.462" 148446058 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 18:09:46.777" 148446370 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 18:09:46.777" 148446370 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 18:09:46.777" 148446370 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 18:09:46.777" 148446370 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 18:09:46.780" 148446370 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 18:09:46.780" 148446370 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 18:09:46.780" 148446370 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2877]" 09/24/17 " 18:09:47.095" 148446698 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2878) of pkg [mbam-c.dbcls.64bit] (FULL) is available" 09/24/17 " 18:09:47.095" 148446698 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessAvailablePackages "UpdateControllerImplHelper.cpp" 1036 "A New version (1.0.2878) of pkg [mbam-c.dbcls.64bit] (INCR) is available" 09/24/17 " 18:09:47.096" 148446698 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 532 "Available updates found - beginning download" 09/24/17 " 18:09:47.354" 148446947 0838 1e1c INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadComplete "UpdateControllerImplHelper.cpp" 2854 "Download Complete (Successful) for: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\dbcls.64bit.incr.7z" 09/24/17 " 18:09:47.604" 148447197 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DownloadUpdates "UpdateControllerImplHelper.cpp" 1396 "Successfully downloaded: mbam-c.dbcls.64bit" 09/24/17 " 18:09:47.687" 148447275 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::PrepareUpdate "MBAMShimImpl.cpp" 95 "MBAMCore preparing update" 09/24/17 " 18:09:47.860" 148447462 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/24/17 " 18:09:47.862" 148447462 0838 0b10 INFO ActionsShim ActionsShim::PrepareUpdate "ActionsShim.cpp" 118 "Starting update of actions" 09/24/17 " 18:09:56.722" 148456323 0838 0b10 INFO ActionsShim ActionsShim::FinishUpdate "ActionsShim.cpp" 129 "Finishing update of actions" 09/24/17 " 18:09:57.016" 148456619 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::FinishUpdate "MBAMShimImpl.cpp" 131 "MBAMCore finishing update" 09/24/17 " 18:09:57.297" 148456900 0838 0b10 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/24/17 " 18:10:01.574" 148461175 0838 0b10 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/24/17 " 18:10:01.574" 148461175 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ProcessDbClsEngUpdates "UpdateControllerImplHelper.cpp" 1765 "DoIncrementalUpdate was successful." 09/24/17 " 18:10:01.575" 148461175 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2391 "Successfully updated DB/ClsEng package version to: 1.0.2878" 09/24/17 " 18:10:01.576" 148461175 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::UpdateInstalledPkgVersion "UpdateControllerImplHelper.cpp" 2399 "Set DB version to: 2017.09.24.07" 09/24/17 " 18:10:01.580" 148461175 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 18:10:01.895" 148461487 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 18:10:01.895" 148461487 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 18:10:02.044" 148461643 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 18:10:02.045" 148461643 0838 0304 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/24/17 " 18:10:02.046" 148461643 0838 0304 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/24/17 " 18:10:02.332" 148461923 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/24/17 " 18:10:02.333" 148461923 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StopProtection "MWACControllerImplHelper.cpp" 1580 "Web Access protection has been stopped." 09/24/17 " 18:10:04.617" 148464217 0838 072c INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 719204 records." 09/24/17 " 18:10:12.016" 148471611 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/24/17 " 18:10:12.023" 148471611 0838 072c INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::StartProtection "MWACControllerImplHelper.cpp" 1539 "Web Access protection is starting..." 09/24/17 " 18:15:34.146" 148793738 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:15:52.258" 148811849 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:16:25.987" 148845577 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:17:08.753" 148888352 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:17:37.156" 148916744 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:18:03.092" 148942687 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:18:31.461" 148971064 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:19:15.696" 149015290 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:20:07.010" 149066599 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:23:08.828" 149248418 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:23:26.556" 149266155 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:23:27.505" 149267107 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:23:45.619" 149285219 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:24:18.655" 149318244 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:24:19.735" 149319336 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:24:20.816" 149320412 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:25:21.570" 149381159 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:25:28.867" 149388460 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:25:29.766" 149389365 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:25:47.412" 149407009 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:29:33.963" 149633553 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:29:46.401" 149646002 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:29:47.307" 149646907 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:30:54.196" 149713785 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:31:39.726" 149759321 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:32:13.187" 149792784 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:35:33.282" 149992870 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:35:53.608" 150013197 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:36:15.336" 150034928 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:37:49.893" 150129496 0838 1bf0 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/24/17 " 18:37:51.766" 150131368 0838 1250 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/24/17 " 18:37:52.514" 150132117 0838 1da0 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/24/17 " 18:37:52.998" 150132600 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Mozilla Firefox (and add-ons))" 09/24/17 " 18:47:29.511" 150709102 0838 04c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Windows\ERUNT.exe' (shuriken) => Hubble:WhiteListed" 09/24/17 " 18:49:03.851" 150803452 0838 04c4 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Windows\mod_frst.exe' (shuriken) => Hubble:WhiteListed" 09/24/17 " 18:57:12.702" 151292296 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:57:12.912" 151292515 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:57:13.392" 151292983 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:57:13.832" 151293435 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:57:14.658" 151294246 0838 1780 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:57:14.782" 151294371 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:57:15.092" 151294683 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:57:15.532" 151295120 0838 13f4 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:57:15.679" 151295276 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:57:42.668" 151322264 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 18:57:43.602" 151323200 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:04:30.238" 151729832 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:04:30.448" 151730051 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:04:30.808" 151730410 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:04:31.188" 151730784 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:04:32.082" 151731673 0838 18a0 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:04:32.203" 151731798 0838 167c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:04:32.243" 151731845 0838 167c INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:04:32.677" 151732266 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:04:32.862" 151732453 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:04:37.100" 151736696 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:05:16.491" 151776087 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:05:17.105" 151776695 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:05:17.335" 151776929 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:05:17.742" 151777335 0838 04c8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:05:18.432" 151778021 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:05:45.580" 151805181 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:05:45.696" 151805290 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:07:57.762" 151937360 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:31.407" 152031008 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:31.587" 152031179 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:31.947" 152031538 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:32.297" 152031897 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:33.132" 152032724 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:33.345" 152032942 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:34.027" 152033629 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:34.443" 152034034 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:34.788" 152034377 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:46.054" 152045656 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 19:09:46.461" 152046062 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 19:09:46.461" 152046062 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 19:09:46.462" 152046062 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 19:09:46.462" 152046062 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 19:09:46.468" 152046062 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 19:09:46.468" 152046062 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 19:09:46.468" 152046062 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2878]" 09/24/17 " 19:09:46.822" 152046421 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 19:09:46.822" 152046421 0838 0b10 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete." 09/24/17 " 19:09:52.808" 152052411 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:52.988" 152052583 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:53.328" 152052926 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:53.708" 152053300 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:54.411" 152054002 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:54.489" 152054080 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:54.503" 152054096 0838 0a90 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:54.835" 152054424 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:09:55.870" 152055469 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:45:50.944" 154210545 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:45:51.144" 154210747 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:45:51.524" 154211122 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:45:52.074" 154211668 0838 1058 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:45:52.609" 154212198 0838 0550 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:45:52.627" 154212229 0838 1724 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:45:52.791" 154212385 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:45:53.254" 154212853 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:45:53.337" 154212931 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:46:00.087" 154219686 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 19:46:37.153" 154256752 0838 0cd8 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification "AEControllerImplHelper.cpp" 2129 "App Injected (Google Chrome (and plug-ins))" 09/24/17 " 20:02:18.906" 155198499 0838 083c INFO ServiceControllerImpl ServiceControllerImplementation::Stop "ServiceControllerImplementation.cpp" 349 "Stopping Service Controller" 09/24/17 " 20:02:18.906" 155198499 0838 0408 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 381 "Stopping Self Protection Controller" 09/24/17 " 20:02:19.030" 155198624 0838 0408 INFO SPControllerModuleLoader SPControllerModuleLoader::UnloadImplementation "SPControllerModuleLoader.cpp" 96 "Unloaded the Self-Protection Controller implementation module." 09/24/17 " 20:02:19.030" 155198624 0838 0408 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 390 "Successfully stopped Self Protection Controller" 09/24/17 " 20:02:19.030" 155198624 0838 1084 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 398 "Stopping Anti-Exploit Controller" 09/24/17 " 20:02:19.046" 155198639 0838 1304 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 419 "Stopping ARW Controller" 09/24/17 " 20:02:19.046" 155198639 0838 1598 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 437 "Stopping MWAC Controller" 09/24/17 " 20:02:19.046" 155198639 0838 1ff0 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 456 "Stopping RTP Controller" 09/24/17 " 20:02:19.046" 155198639 0838 1ff0 INFO RtpSDK RtpUserImpl::Stop "RtpUserImpl.cpp" 281 "Rtp driver stopped." 09/24/17 " 20:02:19.046" 155198639 0838 1ff0 INFO RtpShim RtpShimImpl::Stop "RtpShimImpl.cpp" 242 "Rtp successfully stopped." 09/24/17 " 20:02:19.436" 155199029 0838 1ff0 INFO MBAMCoreImpl MBAMCoreImpl::Shutdown "MBAMCoreImpl.cpp" 152 "MBAMCore was successfully shutdown." 09/24/17 " 20:02:19.498" 155199092 0838 1ff0 INFO RTPControllerCOM CRTPControllerModuleLoader::UnloadImplementation "RTPControllerModuleLoader.cpp" 107 "Unloaded the RTP Controller implementation module." 09/24/17 " 20:02:19.498" 155199092 0838 1598 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacShimModuleLoader::UnloadModule "MwacShimModuleLoader.cpp" 106 "Unloaded the Web Access Control Sdk implementation module." 09/24/17 " 20:02:19.498" 155199092 0838 1ff0 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 465 "Successfully stopped RTP Controller" 09/24/17 " 20:02:19.545" 155199139 0838 1598 INFO MwacControllerCOM CMwacControllerModuleLoader::UnloadImplementation "MWACControllerModuleLoader.cpp" 88 "Unloaded the Web Access Controller implementation module." 09/24/17 " 20:02:19.545" 155199139 0838 1598 INFO MWACControllerCOM CMWACController::Stop_impl "MWACController.cpp" 530 "The MWAC Controller impl is unloaded." 09/24/17 " 20:02:19.545" 155199139 0838 1598 INFO MWACControllerCOM CMWACController::StopV2 "MWACController.cpp" 282 "MWAC Controller shutdown complete" 09/24/17 " 20:02:19.545" 155199139 0838 1598 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 448 "Successfully stopped MWAC Controller" 09/24/17 " 20:02:19.545" 155199139 0838 1598 INFO MWACControllerCOM CMWACController::StopV2 "MWACController.cpp" 282 "MWAC Controller shutdown complete" 09/24/17 " 20:02:20.200" 155199794 0838 1084 INFO AeShimImpl AeShimImpl::MbaeStop "AeShimImpl.cpp" 373 "MBAE stopped." 09/24/17 " 20:02:20.247" 155199841 0838 1084 INFO AEControllerModuleLoader CAeControllerModuleLoader::UnloadImplementation "AEControllerModuleLoader.cpp" 112 "Unloaded the Anti-Exploit Controller implementation module." 09/24/17 " 20:02:20.247" 155199841 0838 1084 INFO ServiceControllerImpl ServiceControllerImplementation::Stop::::operator () "ServiceControllerImplementation.cpp" 407 "Successfully stopped Anti-Exploit Controller" 09/24/17 " 20:04:53.619" 115393 0974 09c0 INFO LogController CLogController::Start "LogController.cpp" 86 "Started logging" 09/24/17 " 20:04:53.822" 115596 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 284 "Service Controller starting controller initialization" 09/24/17 " 20:04:53.822" 115596 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 285 "Product code MBAM-C" 09/24/17 " 20:04:53.822" 115596 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 286 "Product version 3.2.2.2029" 09/24/17 " 20:04:53.822" 115596 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 287 "Product build consumer" 09/24/17 " 20:04:53.822" 115596 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartV2 "ServiceControllerImplementation.cpp" 288 "OS Version Windows 7 Service Pack 1" 09/24/17 " 20:04:54.883" 116657 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartPoliciesController "ServiceControllerImplementation.cpp" 1870 "Policies Controller Started" 09/24/17 " 20:04:54.883" 116657 0974 09c0 INFO LicenseControllerCOM CLicenseController::Start "LicenseController.cpp" 98 "CLicenseController::Start" 09/24/17 " 20:04:56.068" 117843 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartLicenseController "ServiceControllerImplementation.cpp" 1899 "License Controller Started" 09/24/17 " 20:04:56.427" 118201 0974 09c0 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::Initialize "UpdateControllerImplHelper.cpp" 250 "COMPONENT PACKAGE VERSION: 1.0.188, DB PACKAGE VERSION: 1.0.2878" 09/24/17 " 20:04:56.677" 118451 0974 09c0 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 20:05:19.421" 141196 0974 09c0 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 20:05:19.421" 141196 0974 09c0 INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 20:05:19.421" 141196 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartUpdateController "ServiceControllerImplementation.cpp" 1928 "Update Controller Started" 09/24/17 " 20:05:19.421" 141196 0974 09c0 INFO CloudController CCloudController::Start "CloudController.cpp" 101 "CCloudController::Initialize" 09/24/17 " 20:05:19.749" 141524 0974 09c0 INFO CloudCtrlImpl Initialize "CloudControllerImpl.cpp" 58 "CC Initialize called" 09/24/17 " 20:05:20.888" 142662 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartCloudController "ServiceControllerImplementation.cpp" 1958 "Cloud Controller Started" 09/24/17 " 20:05:20.903" 142678 0974 09c0 INFO TelemController CTelemetryController::Start_impl "TelemetryController.cpp" 116 "::Initialize" 09/24/17 " 20:05:24.647" 146422 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartTelemetryController "ServiceControllerImplementation.cpp" 2017 "Telemetry Controller Started" 09/24/17 " 20:05:24.663" 146438 0974 09c0 INFO CleanController CCleanController::Start "CleanController.cpp" 150 "Initializing CleanController" 09/24/17 " 20:05:24.928" 146703 0974 09c0 INFO CleanControllerImpl CleanControllerImpl::Start "CleanControllerImpl.cpp" 86 "Starting Clean Controller Impl" 09/24/17 " 20:05:24.975" 146750 0974 0300 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 800 "Initializing system paths and resolving DOR status" 09/24/17 " 20:05:25.131" 146906 0974 09c0 INFO CleanController CCleanController::Start::::operator () "CleanController.cpp" 151 "CleanController initialization complete" 09/24/17 " 20:05:25.131" 146906 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartCleanController "ServiceControllerImplementation.cpp" 2078 "Clean Controller Started" 09/24/17 " 20:05:28.204" 149979 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartScanController "ServiceControllerImplementation.cpp" 2107 "Scan Controller Started" 09/24/17 " 20:05:28.516" 150291 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartRtpController "ServiceControllerImplementation.cpp" 2136 "RTP Controller Started" 09/24/17 " 20:05:28.516" 150291 0974 09c0 INFO MWACControllerCOM CMWACController::StartV2 "MWACController.cpp" 231 "Initializing MWAC Controller" 09/24/17 " 20:05:28.891" 150665 0974 09c0 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::IsLicenseStateValid "MWACControllerImplHelper.cpp" 487 "license state is: Trial" 09/24/17 " 20:05:28.891" 150665 0974 09c0 INFO MWACControllerCOM CMWACController::StartV2::::operator () "MWACController.cpp" 232 "MWAC Controller initialization complete" 09/24/17 " 20:05:28.891" 150665 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartMWACController "ServiceControllerImplementation.cpp" 2166 "MWAC Controller Started" 09/24/17 " 20:05:29.156" 150930 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartArwController "ServiceControllerImplementation.cpp" 2198 "ARW Controller Started" 09/24/17 " 20:05:29.733" 151508 0974 0b88 INFO RtpShim RtpShimImpl::Install "RtpShimImpl.cpp" 139 "rtp.dll was successfully loaded. rtpPath=." 09/24/17 " 20:05:29.967" 151742 0974 07e4 INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwRulesHandler::LoadConfig "RulesHandler.cpp" 39 "Config file not found C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\ArwRulesConfig.json. Using default values." 09/24/17 " 20:05:30.061" 151835 0974 0b88 INFO RtpSDK RtpUserImpl::Install "RtpUserImpl.cpp" 44 "MBAMProtector service is already installed. Remove it!" 09/24/17 " 20:05:31.543" 153317 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartAEController "ServiceControllerImplementation.cpp" 2227 "Anti-Exploit Controller Started" 09/24/17 " 20:05:31.543" 153317 0974 0510 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::LoadAeSdk "AEControllerImplHelper.cpp" 270 "Load and initialize the MbaeSdk" 09/24/17 " 20:05:32.198" 153972 0974 0510 INFO AeShimImpl AeShimImpl::InitializeInternal "AeShimImpl.cpp" 205 "mbae-api-na.dll was successfully loaded. aePath=." 09/24/17 " 20:05:32.806" 154581 0974 0300 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 821 "Processing pending actions" 09/24/17 " 20:05:33.040" 154815 0974 0510 INFO AeShimImpl AeShimImpl::InitializeInternal "AeShimImpl.cpp" 220 "Successfully Initialized MBAE" 09/24/17 " 20:05:33.040" 154815 0974 0510 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::InitializeV2::::operator () "AEControllerImplHelper.cpp" 236 "Start with Anti-Exploit enabled." 09/24/17 " 20:05:33.040" 154815 0974 0510 INFO AeShimImpl AeShimImpl::MbaeSetConfig "AeShimImpl.cpp" 249 "Successfully configured MBAE." 09/24/17 " 20:05:33.040" 154815 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitializeImpl "SPControllerImplHelper.cpp" 119 "Verify Driver." 09/24/17 " 20:05:33.103" 154877 0974 09c0 INFO SPSDK VerifyDriver "SelfProtectionUser.cpp" 211 "Verifying SelfProtection driver." 09/24/17 " 20:05:33.103" 154877 0974 09c0 INFO CHAMCTRL CControlWatchdogDriver::VerifyDriver "ControlWatchdogDriver.cpp" 871 "Verifying Self Protection driver" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeSetExclusions "AeShimImpl.cpp" 337 "Successfully set exclusion list" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winrar.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winzip.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7z.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zFM.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zG.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (S7Z.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (7zextractor.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Winzip32.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Winzip64.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wzdisktools.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winzipss.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (cmd.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mshta.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winhlp32.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wscript.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (quicktimeplayer.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winamp.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (vlc.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mplayer2.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (wmplayer.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (powerpnt.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (excel.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (excelc.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winword.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (winwordc.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mspub.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (soffice.bin)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (foxitreader.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (foxit reader.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (Foxit PhantomPDF.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (FoxitPhantomPDF.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (acrord32.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (acrobat.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (java.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (javaw.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (javaws.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (dragon.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (waterfox.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (tor.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (tbb-firefox.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (palemoon.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (cyberfox.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (icedragon.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (seamonkey.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (maxthon.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mxapploader.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera_plugin_wrapper.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (opera_wrapper_32.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (iexplore.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (MicrosoftEdge.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (MicrosoftEdgeCP.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (chrome.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (old_chrome.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (firefox.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (plugin-container.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (FlashPlayerPlugin*.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (helpctr.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (fltldr.exe)" 09/24/17 " 20:05:33.118" 154893 0974 0510 INFO AeShimImpl AeShimImpl::MbaeAddProtectedApp "AeShimImpl.cpp" 286 "Successfully added protected app (mbae-test.exe)" 09/24/17 " 20:05:33.274" 155049 0974 09c0 INFO CHAMCTRL CControlWatchdogDriver::VerifyDriver "ControlWatchdogDriver.cpp" 1005 "SelfProtection driver is up to date!" 09/24/17 " 20:05:33.274" 155049 0974 09c0 INFO SPSDK VerifyDriver "SelfProtectionUser.cpp" 214 "SelfProtection driver was successfully Verified." 09/24/17 " 20:05:33.274" 155049 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitializeImpl "SPControllerImplHelper.cpp" 121 "Start SP protection." 09/24/17 " 20:05:33.274" 155049 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::StartProtection "SPControllerImplHelper.cpp" 879 "Enter StartProtection for SP controller." 09/24/17 " 20:05:33.727" 155501 0974 0300 INFO Actions ActionsManager::ProcessPendingActionsAfterReboot "ActionsManager.cpp" 962 "Executing pending post cleanup actions" 09/24/17 " 20:05:33.727" 155501 0974 0300 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 925 "Initializing CLS Engine" 09/24/17 " 20:05:33.742" 155517 0974 0300 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 960 "Initializing swiss army SDK" 09/24/17 " 20:07:15.751" 257526 0974 0300 INFO CleanControllerImpl CleanDBParser::Parse "CleanDBParser.cpp" 18 "Parsing C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb" 09/24/17 " 20:07:15.751" 257526 0974 0300 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 91 records." 09/24/17 " 20:07:15.751" 257526 0974 0300 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 988 "Loading Hubble cache" 09/24/17 " 20:07:16.078" 257854 0974 0b88 INFO MBAMShimImpl MBAMShimImpl::InitializeInternal "MBAMShimImpl.cpp" 62 "MBAMCore was successfully loaded. CoreFilePath=." 09/24/17 " 20:07:16.999" 258774 0974 0510 INFO AeShimImpl AeShimImpl::MbaeStart "AeShimImpl.cpp" 358 "MBAE started." 09/24/17 " 20:07:16.999" 258774 0974 0510 INFO AEControllerImpl mb::aecontrollerimpl::AEControllerImplHelper::StartProtectionImpl "AEControllerImplHelper.cpp" 527 "Protection Started" 09/24/17 " 20:07:17.654" 259429 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\assistant.exe for GPEdit Ifeo Attacks." 09/24/17 " 20:07:18.247" 260022 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\malwarebytes_assistant.exe for GPEdit Ifeo Attacks." 09/24/17 " 20:07:19.042" 260818 0974 0b34 INFO GalaxyRuleParser mb::common::galaxyrules::SimpleRuleFileParserV2::Parse "GalaxyRuleParser.cpp" 2973 "Successfully parsed 719204 records." 09/24/17 " 20:07:20.251" 262019 0974 0b88 INFO MBAMCoreImpl MBAMCoreImpl::Initialize "MBAMCoreImpl.cpp" 123 "MBAMCore was successfully initialized. CoreFolderPath=. DefsFolderPath=." 09/24/17 " 20:07:23.725" 265498 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbam.exe for GPEdit Ifeo Attacks." 09/24/17 " 20:07:24.202" 265981 0974 0b88 INFO RtpSDK RtpUserImpl::Start "RtpUserImpl.cpp" 230 "Rtp driver started." 09/24/17 " 20:07:24.202" 265981 0974 0b88 INFO RtpShim RtpShimImpl::Start "RtpShimImpl.cpp" 230 "Rtp successfully started." 09/24/17 " 20:07:24.285" 266059 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MbamPt.exe for GPEdit Ifeo Attacks." 09/24/17 " 20:07:24.306" 266075 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMService.exe for GPEdit Ifeo Attacks." 09/24/17 " 20:07:25.657" 267432 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe for GPEdit Ifeo Attacks." 09/24/17 " 20:07:26.062" 267838 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamwow.exe for GPEdit Ifeo Attacks." 09/24/17 " 20:07:26.421" 268196 0974 0b34 INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InitializeMwacSdk "MWACControllerImplHelper.cpp" 780 "Initialization succeeded" 09/24/17 " 20:07:29.401" 271176 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::InitGpIfeoProtection "SPControllerImplHelper.cpp" 303 "Protecting C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMWsc.exe for GPEdit Ifeo Attacks." 09/24/17 " 20:07:29.416" 271192 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MALWAREBYTES ANTI-MALWARE\." 09/24/17 " 20:07:29.416" 271192 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264\." 09/24/17 " 20:07:29.416" 271192 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264\." 09/24/17 " 20:07:29.416" 271192 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84\." 09/24/17 " 20:07:29.416" 271192 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84\." 09/24/17 " 20:07:29.432" 271207 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MALWAREBYTES ANTI-MALWARE\." 09/24/17 " 20:07:29.432" 271207 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264\." 09/24/17 " 20:07:29.432" 271207 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264\." 09/24/17 " 20:07:29.432" 271207 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84\." 09/24/17 " 20:07:29.432" 271207 0974 09c0 INFO SPControllerImpl mb::spcontrollerimpl::SPControllerImpl::SetRules "SPControllerImplHelper.cpp" 193 "Add/Remove a user key rule to the self protection driver - \SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84\." 09/24/17 " 20:07:29.432" 271207 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "ServiceControllerImplementation.cpp" 1987 "Self-Protection Controller Started" 09/24/17 " 20:07:29.432" 271207 0974 09c0 INFO ServiceControllerImpl ServiceControllerImplementation::StartSpController "ServiceControllerImplementation.cpp" 1989 "Start Service Controller complete" 09/24/17 " 20:08:04.828" 306604 0974 0300 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1015 "Starting white list manager" 09/24/17 " 20:08:04.828" 306604 0974 0300 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1027 "Starting restore engine" 09/24/17 " 20:08:04.828" 306604 0974 0300 INFO CleanControllerImpl CleanControllerImpl::ThreadLoop "CleanControllerImpl.cpp" 1042 "Entering into main loop" 09/24/17 " 20:08:04.828" 306604 0974 0f74 INFO ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 68 "Starting 'C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe' in session 0x1" 09/24/17 " 20:08:08.806" 310582 0974 0f74 ERROR ServiceControllerImpl ServiceControllerImplementation::StartApp "ServiceControllerImplementation.cpp" 150 "System error 5 calling CreateProcessAsUser" 09/24/17 " 20:08:08.806" 310582 0974 0f74 INFO ServiceControllerImpl ServiceControllerImplementation::StartAppIfNotRunning "ServiceControllerImplementation.cpp" 1720 "Did not start C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe - it is possible that no user is logged in." 09/24/17 " 20:08:26.996" 328772 0974 07e4 INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwControllerImpl::StartArwProtection "ArwControllerImplHelper.cpp" 737 "Anti-Ransomware protection has been started." 09/24/17 " 20:11:23.153" 504928 0974 0b88 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|D7A6092F0A2FECC08F19520A801084E821B4FCC4D588818A8D232AE9257E7EC0' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 20:11:23.153" 504928 0974 0b88 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe' in Hubble's cache, value = WhiteListed" 09/24/17 " 20:11:23.153" 504928 0974 0b88 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe' (shuriken) => Hubble:WhiteListed" 09/24/17 " 20:11:42.656" 524428 0974 0b88 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache "HubbleCache.cpp" 228 "Found hash 'shuriken|F2164C69C089E5F9A32207E6B36808861692FA923318BFF23447A34B2157CDEA' in Hubble cache, white list status = 'WhiteListed'" 09/24/17 " 20:11:42.656" 524428 0974 0b88 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus "HubbleWhiteLister.cpp" 189 "Found hash of file 'C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe' in Hubble's cache, value = WhiteListed" 09/24/17 " 20:11:42.656" 524428 0974 0b88 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe' (shuriken) => Hubble:WhiteListed" 09/24/17 " 20:12:10.144" 551915 0974 0438 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus "WhiteListManager.cpp" 248 "White list status (not cached): File 'C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe' (shuriken) => Hubble:WhiteListed" 09/24/17 " 20:12:56.429" 598201 0974 0bdc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3784 "Signature successfully validated" 09/24/17 " 20:12:56.741" 598513 0974 0bdc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest "UpdateControllerImplHelper.cpp" 3788 "DB manifest successfully validated" 09/24/17 " 20:12:56.741" 598513 0974 0bdc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest "UpdateControllerImplHelper.cpp" 4018 "Validated DB manifest - success" 09/24/17 " 20:12:56.741" 598513 0974 0bdc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 521 "DoUpdate - Starting check for updates (automatic)" 09/24/17 " 20:12:56.741" 598513 0974 0bdc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 523 "Checking for: Installer=[Yes], SDK/Ctlr=[Yes], DB/CLS=[Yes]" 09/24/17 " 20:12:58.270" 600042 0974 0bdc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1090 "Installer package --> [mbam-c.installer.consumer], current version: [3.2.2]" 09/24/17 " 20:12:58.270" 600042 0974 0bdc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1117 "SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.188]" 09/24/17 " 20:12:58.270" 600042 0974 0bdc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions "UpdateControllerImplHelper.cpp" 1156 "DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.2878]" 09/24/17 " 20:12:58.566" 600338 0974 0bdc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 553 "Checked for updates - no updates available" 09/24/17 " 20:12:58.566" 600338 0974 0bdc INFO UpdateControllerImpl mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate "UpdateControllerImplHelper.cpp" 562 "Update check is complete."