1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved Terrible worm infecting alot of computers

Discussion in 'Malware and Virus Removal Archive' started by Jeremie, 2013/06/28.

Page 3 of 4
  1. 2013/08/03
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Topic reopened.

    Please re-read my rules (post #3).
    One of them says:
     
    broni,
    #41
  2. 2013/08/04
    Jeremie

    Jeremie Inactive Thread Starter

    Joined:
    2011/01/06
    Messages:
    117
    Likes Received:
    0
    Thanks.

    I don't have Norton I have symantec so the program provided didn't work. From What I understand I need cleanwipe to uninstall it.

    MSE is no where to be found in program removal. disabled it on startup,but still get notifications to update. To make matters worse i keep getting messages that windows is not genuine.

    suggestions?..
     
    Jeremie,
    #42


  3. to hide this advert.

  4. 2013/08/04
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Symantec and Norton are the same things.
    Run uninstaller I provided link for and then install fresh copy of Symantec.

    As for MSE....

    Download Autoruns for Windows: http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
    No installation required.
    Simply unzip Autoruns.zip file, and double click on autoruns.exe file to run the program.
    Go File>Save, and save it as AutoRuns.txt file to know location.
    You must select Text from drop-down menu as a file type:

    [​IMG]

    Attach the file to your next reply.
     
    broni,
    #43
  5. 2013/08/07
    Jeremie

    Jeremie Inactive Thread Starter

    Joined:
    2011/01/06
    Messages:
    117
    Likes Received:
    0
    The program provide cant run because it says I have Symantec Antivirus 9 or later installed. The files need to be removed through add/remove. (which does not work) I have SEP in installed.

    text log below.

    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run " " " " " " " "7/8/2013 10:22 PM "
    + "Acrobat Assistant 8.0 " "AcroTray " "Adobe Systems Inc. " "c:\program files\adobe\acrobat 9.0\acrobat\acrotray.exe " "5/8/2013 6:13 AM "
    + "Adobe Acrobat Speed Launcher " "Adobe Acrobat SpeedLauncher " "Adobe Systems Incorporated " "c:\program files\adobe\acrobat 9.0\acrobat\acrobat_sl.exe " "5/8/2013 5:14 PM "
    + "Adobe ARM " "Adobe Reader and Acrobat Manager " "Adobe Systems Incorporated " "c:\program files\common files\adobe\arm\1.0\adobearm.exe " "4/4/2013 5:05 PM "
    + "AdobeCS4ServiceManager " "Adobe CS4 Service Manager " "Adobe Systems Incorporated " "c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe " "8/14/2008 10:28 AM "
    + "APSDaemon " "Apple Push " "Apple Inc. " "c:\program files\common files\apple\apple application support\apsdaemon.exe " "4/16/2013 11:13 PM "
    + "HotKeysCmds " "hkcmd Module " "Intel Corporation " "c:\windows\system32\hkcmd.exe " "2/11/2011 2:41 PM "
    + "IAAnotif " "Event Monitor User Notification Tool " "Intel Corporation " "c:\program files\intel\intel matrix storage manager\iaanotif.exe " "6/4/2009 10:03 PM "
    + "IgfxTray " "igfxTray Module " "Intel Corporation " "c:\windows\system32\igfxtray.exe " "2/11/2011 2:41 PM "
    + "iTunesHelper " "iTunesHelper " "Apple Inc. " "c:\program files\itunes\ituneshelper.exe " "5/31/2013 2:27 PM "
    + "LogMeIn GUI " "LogMeIn Desktop Application " "LogMeIn, Inc. " "c:\program files\logmein\x86\logmeinsystray.exe " "4/12/2007 1:44 PM "
    + "PDVDDXSrv " "CyberLink PowerDVD Resident Program " "CyberLink Corp. " "c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe " "6/24/2009 8:12 AM "
    + "Persistence " "persistence Module " "Intel Corporation " "c:\windows\system32\igfxpers.exe " "2/11/2011 2:41 PM "
    + "QuickTime Task " "QuickTime Task " "Apple Inc. " "c:\program files\quicktime\qttask.exe " "11/29/2010 9:20 PM "
    + "RtHDVCpl " "HD Audio Control Panel " "Realtek Semiconductor " "c:\program files\realtek\audio\hda\rthdvcpl.exe " "5/17/2009 11:09 PM "
    + "SunJavaUpdateSched " "Java(TM) Update Scheduler " "Oracle Corporation " "c:\program files\common files\java\java update\jusched.exe " "3/12/2013 11:32 AM "
    "C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup " " " " " " " "7/23/2013 1:20 PM "
    + "OpenOffice.org 3.3.lnk " " " " " "c:\program files\openoffice.org 3\program\quickstart.exe " "12/13/2010 6:12 AM "
    "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components " " " " " " " "11/16/2009 12:35 AM "
    + "Google Chrome " "Google Chrome " "Google Inc. " "c:\program files\google\chrome\application\28.0.1500.95\installer\chrmstp.exe " "7/24/2013 7:00 PM "
    + "Microsoft Windows " "Windows Mail " "Microsoft Corporation " "c:\program files\windows mail\winmail.exe " "7/13/2009 7:42 PM "
    "HKCU\Software\Microsoft\Windows\CurrentVersion\Run " " " " " " " "8/4/2013 7:44 PM "
    + "swg " "GoogleToolbarNotifier " "Google Inc. " "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe " "5/12/2008 2:14 PM "
    "HKLM\SOFTWARE\Classes\Protocols\Filter " " " " " " " "7/14/2009 12:41 AM "
    + "text/xml " "Microsoft Office XML MIME Filter " "Microsoft Corporation " "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll " "2/26/2009 12:00 PM "
    "HKLM\SOFTWARE\Classes\Protocols\Handler " " " " " " " "7/14/2009 12:41 AM "
    + "livecall " "Windows Live Messenger Protocol Handler Module " "Microsoft Corporation " "c:\program files\windows live\messenger\msgrapp.dll " "11/10/2010 6:19 AM "
    + "ms-help " "Microsoft® Help Data Services Module " "Microsoft Corporation " "c:\program files\common files\microsoft shared\help\hxds.dll " "8/19/2006 4:23 AM "
    + "msnim " "Windows Live Messenger Protocol Handler Module " "Microsoft Corporation " "c:\program files\windows live\messenger\msgrapp.dll " "11/10/2010 6:19 AM "
    + "wlmailhtml " "Windows Live Mail " "Microsoft Corporation " "c:\program files\windows live\mail\mailcomm.dll " "11/10/2010 6:56 AM "
    + "wlpg " "Windows Live Album Download Protocol Handler " "Microsoft Corporation " "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll " "11/10/2010 6:21 AM "
    "HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers " " " " " " " "7/14/2009 12:41 AM "
    + "Adobe.Acrobat.ContextMenu " "Adobe Acrobat Context Menu " "Adobe Systems Inc. " "c:\program files\adobe\acrobat 9.0\acrobat elements\contextmenu.dll " "5/8/2013 7:08 AM "
    + "EPP " "Microsoft Security Client Shell Extension " "Microsoft Corporation " "c:\program files\microsoft security client\shellext.dll " "1/25/2013 12:26 AM "
    + "LDVPMenu " "Symantec Endpoint Protection " "Symantec Corporation " "c:\program files\symantec\symantec endpoint protection\12.1.671.4971.105\bin\vpshell2.dll " "6/17/2011 7:05 PM "
    + "PhotoStreamsExt " "ShellStreams.dll " "Apple Inc. " "c:\program files\common files\apple\internet services\shellstreams.dll " "3/20/2013 3:17 PM "
    + "WinRAR " " " " " "c:\program files\winrar\rarext.dll " "3/15/2010 2:28 AM "
    "HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers " " " " " " " "4/15/2010 4:54 PM "
    + "Adobe Drive CS4 " "Adobe Drive Menu " "Adobe Systems Incorporated " "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll " "8/14/2008 10:32 AM "
    + "EPP " "Microsoft Security Client Shell Extension " "Microsoft Corporation " "c:\program files\microsoft security client\shellext.dll " "1/25/2013 12:26 AM "
    + "LDVPMenu " "Symantec Endpoint Protection " "Symantec Corporation " "c:\program files\symantec\symantec endpoint protection\12.1.671.4971.105\bin\vpshell2.dll " "6/17/2011 7:05 PM "
    "HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers " " " " " " " "7/14/2009 12:41 AM "
    + "Adobe Drive CS4 " "Adobe Drive Menu " "Adobe Systems Incorporated " "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll " "8/14/2008 10:32 AM "
    "HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers " " " " " " " "4/15/2010 4:54 PM "
    + "EPP " "Microsoft Security Client Shell Extension " "Microsoft Corporation " "c:\program files\microsoft security client\shellext.dll " "1/25/2013 12:26 AM "
    + "WinRAR " " " " " "c:\program files\winrar\rarext.dll " "3/15/2010 2:28 AM "
    "HKLM\Software\Classes\Directory\Shellex\DragDropHandlers " " " " " " " "4/15/2010 4:54 PM "
    + "WinRAR " " " " " "c:\program files\winrar\rarext.dll " "3/15/2010 2:28 AM "
    "HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers " " " " " " " "7/14/2009 12:41 AM "
    + "Adobe Drive CS4 " "Adobe Drive Menu " "Adobe Systems Incorporated " "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll " "8/14/2008 10:32 AM "
    + "Gadgets " "Sidebar droptarget " "Microsoft Corporation " "c:\program files\windows sidebar\sbdrop.dll " "7/13/2009 9:09 PM "
    + "igfxcui " "igfxpph Module " "Intel Corporation " "c:\windows\system32\igfxpph.dll " "2/11/2011 2:41 PM "
    "HKLM\Software\Classes\Folder\Shellex\ColumnHandlers " " " " " " " "8/10/2011 9:24 PM "
    + "PDF Shell Extension " "PDF Shell Extension " "Adobe Systems, Inc. " "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll " "5/10/2013 2:33 AM "
    + "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} " " " "OpenOffice.org " "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll " "1/17/2011 11:19 AM "
    "HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers " " " " " " " "8/10/2011 9:24 PM "
    + "Adobe.Acrobat.ContextMenu " "Adobe Acrobat Context Menu " "Adobe Systems Inc. " "c:\program files\adobe\acrobat 9.0\acrobat elements\contextmenu.dll " "5/8/2013 7:08 AM "
    + "LDVPMenu " "Symantec Endpoint Protection " "Symantec Corporation " "c:\program files\symantec\symantec endpoint protection\12.1.671.4971.105\bin\vpshell2.dll " "6/17/2011 7:05 PM "
    + "WinRAR " " " " " "c:\program files\winrar\rarext.dll " "3/15/2010 2:28 AM "
    "HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers " " " " " " " "8/10/2011 9:24 PM "
    + "WinRAR " " " " " "c:\program files\winrar\rarext.dll " "3/15/2010 2:28 AM "
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects " " " " " " " "7/19/2013 8:59 AM "
    + "Adobe PDF Conversion Toolbar Helper " "Adobe PDF Toolbar for Internet Explorer " "Adobe Systems Incorporated " "c:\program files\common files\adobe\acrobat\activex\acroiefavclient.dll " "5/8/2013 6:09 AM "
    + "Adobe PDF Link Helper " "Adobe PDF Helper for Internet Explorer " "Adobe Systems Incorporated " "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll " "5/10/2013 2:03 AM "
    + "Bing Bar Helper " "Bing Client Extensions " "Microsoft Corporation. " "c:\program files\microsoft\bingbar\7.1.391.0\bingext.dll " "6/11/2012 7:21 PM "
    + "Google Toolbar Helper " "Google Toolbar " "Google Inc. " "c:\program files\google\google toolbar\googletoolbar_32.dll " "6/9/2013 8:25 PM "
    + "Java(tm) Plug-In 2 SSV Helper " "Java(TM) Platform SE binary " "Oracle Corporation " "c:\program files\java\jre7\bin\jp2ssv.dll " "6/21/2013 4:51 PM "
    + "Java(tm) Plug-In SSV Helper " "Java(TM) Platform SE binary " "Oracle Corporation " "c:\program files\java\jre7\bin\ssv.dll " "6/21/2013 4:50 PM "
    + "SmartSelect Class " "Adobe PDF Toolbar for Internet Explorer " "Adobe Systems Incorporated " "c:\program files\common files\adobe\acrobat\activex\acroiefavclient.dll " "5/8/2013 6:09 AM "
    + "Symantec Intrusion Prevention " "IPS Browser Helper DLL " "Symantec Corporation " "c:\program files\symantec\symantec endpoint protection\12.1.671.4971.105\bin\ips\ipsbho.dll " "5/11/2011 11:57 PM "
    + "Windows Live ID Sign-in Helper " "Microsoft® Windows Live ID Login Helper " "Microsoft Corp. " "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll " "9/21/2010 5:01 PM "
    "HKLM\Software\Microsoft\Internet Explorer\Toolbar " " " " " " " "7/24/2013 8:30 AM "
    + "Adobe PDF " "Adobe PDF Toolbar for Internet Explorer " "Adobe Systems Incorporated " "c:\program files\common files\adobe\acrobat\activex\acroiefavclient.dll " "5/8/2013 6:09 AM "
    + "Bing " "Bing Client Extensions " "Microsoft Corporation. " "c:\program files\microsoft\bingbar\7.1.391.0\bingext.dll " "6/11/2012 7:21 PM "
    + "Google Toolbar " "Google Toolbar " "Google Inc. " "c:\program files\google\google toolbar\googletoolbar_32.dll " "6/9/2013 8:25 PM "
    "HKLM\Software\Microsoft\Internet Explorer\Extensions " " " " " " " "7/24/2013 8:30 AM "
    + "&Blog This in Windows Live Writer " "Windows Live Writer Blog This Extension " "Microsoft Corporation " "c:\program files\windows live\writer\writerbrowserextension.dll " "11/10/2010 6:03 AM "
    "Task Scheduler " " " " " " " " "
    + "\Apple\AppleSoftwareUpdate " "Apple Software Update " "Apple Inc. " "c:\program files\apple software update\softwareupdate.exe " "6/1/2011 8:46 PM "
    + "\CCleanerSkipUAC " "CCleaner " "Piriform Ltd " "c:\program files\ccleaner\ccleaner.exe " "6/18/2013 3:20 PM "
    + "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan " "Microsoft Malware Protection Command Line Utility " "Microsoft Corporation " "c:\program files\microsoft security client\mpcmdrun.exe " "1/25/2013 12:25 AM "
    + "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task " "Windows Live Social Object Extractor Engine " "Microsoft Corporation " "c:\program files\windows live\soxe\wlsoxe.dll " "11/10/2010 6:02 AM "
    + "\Microsoft\Windows\NetTrace\GatherNetworkInfo " " " " " "c:\windows\system32\gathernetworkinfo.vbs " "6/10/2009 5:19 PM "
    + "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary " "Windows Media Player Network Sharing Service Configuration Application " "Microsoft Corporation " "c:\program files\windows media player\wmpnscfg.exe " "7/13/2009 8:09 PM "
    + "\Microsoft_Hardware_Launch_ipoint_exe " "IPoint.exe " "Microsoft Corporation " "c:\program files\microsoft mouse and keyboard center\ipoint.exe " "5/8/2013 8:07 AM "
    + "\Microsoft_Hardware_Launch_itype_exe " "IType.exe " "Microsoft Corporation " "c:\program files\microsoft mouse and keyboard center\itype.exe " "5/8/2013 8:07 AM "
    + "\Microsoft_Hardware_Launch_mousekeyboardcenter_exe " "Microsoft Mouse and Keyboard Center " "Microsoft " "c:\program files\microsoft mouse and keyboard center\mousekeyboardcenter.exe " "5/8/2013 8:05 AM "
    + "\Microsoft_MKC_Logon_Task_ipoint.exe " "IPoint.exe " "Microsoft Corporation " "c:\program files\microsoft mouse and keyboard center\ipoint.exe " "5/8/2013 8:07 AM "
    + "\Microsoft_MKC_Logon_Task_itype.exe " "IType.exe " "Microsoft Corporation " "c:\program files\microsoft mouse and keyboard center\itype.exe " "5/8/2013 8:07 AM "
    + "\Start PM UA Monitoron on user logon " "PM.Deployment.EsdServiceMonitor " "Practice Manager Group, LLC " "c:\program files\common files\pmgsoftware\esd\pm.deployment.esdservicemonitor.exe " "11/23/2007 6:47 AM "
    "HKLM\System\CurrentControlSet\Services " " " " " " " "7/16/2013 7:35 PM "
    + "AdobeARMservice " "Adobe Acrobat Updater keeps your Adobe software up to date. " "Adobe Systems Incorporated " "c:\program files\common files\adobe\arm\1.0\armsvc.exe " "4/4/2013 5:05 PM "
    + "AdobeFlashPlayerUpdateSvc " "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes. " "Adobe Systems Incorporated " "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe " "6/21/2013 6:51 PM "
    + "AERTFilters " "Andrea filters APO access service (32-bit) " "Andrea Electronics Corporation " "c:\program files\realtek\audio\hda\aertsrv.exe " "3/31/2009 4:01 PM "
    + "Apple Mobile Device " "Provides the interface to Apple mobile devices. " "Apple Inc. " "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe " "5/17/2012 11:06 PM "
    + "BBSvc " "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar. " "Microsoft Corporation. " "c:\program files\microsoft\bingbar\7.1.391.0\bbsvc.exe " "6/11/2012 7:21 PM "
    + "BBUpdate " "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar. " "Microsoft Corporation. " "c:\program files\microsoft\bingbar\7.1.391.0\seaport.exe " "6/11/2012 7:21 PM "
    + "Bonjour Service " "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence. " "Apple Inc. " "c:\program files\bonjour\mdnsresponder.exe " "8/31/2011 1:40 AM "
    + "FLEXnet Licensing Service " "This service performs licensing functions on behalf of FLEXnet enabled products. " "Acresso Software Inc. " "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe " "5/6/2008 11:26 AM "
    + "gupdate " "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it. " "Google Inc. " "c:\program files\google\update\googleupdate.exe " "3/9/2010 2:10 AM "
    + "gupdatem " "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it. " "Google Inc. " "c:\program files\google\update\googleupdate.exe " "3/9/2010 2:10 AM "
    + "gusvc " "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. " "Google " "c:\program files\google\common\google updater\googleupdaterservice.exe " "3/2/2012 5:13 PM "
    + "IAANTMON " "RAID Monitor " "Intel Corporation " "c:\program files\intel\intel matrix storage manager\iaantmon.exe " "6/4/2009 10:02 PM "
    + "iPod Service " "iPod hardware management services " "Apple Inc. " "c:\program files\ipod\bin\ipodservice.exe " "5/31/2013 2:27 PM "
    + "LMIGuardianSvc " "Support LogMeIn processes with quality assurance feedback " "LogMeIn, Inc. " "c:\program files\logmein\x86\lmiguardiansvc.exe " "11/30/2012 4:13 AM "
    + "LMIMaint " "LogMeIn Maintenance Service " "LogMeIn, Inc. " "c:\program files\logmein\x86\ramaint.exe " "6/7/2013 5:20 PM "
    + "LogMeIn " "LogMeIn " "LogMeIn, Inc. " "c:\program files\logmein\x86\logmein.exe " "11/8/2010 6:57 AM "
    + "MsMpSvc " "Helps protect users from malware and other potentially unwanted software " "Microsoft Corporation " "c:\program files\microsoft security client\msmpeng.exe " "1/25/2013 12:25 AM "
    + "Net Driver HPZ12 " "Dot4Net Module " "Hewlett-Packard " "c:\windows\system32\hpzinw12.dll " "2/8/2012 9:23 AM "
    + "NisSrv " "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols " "Microsoft Corporation " "c:\program files\microsoft security client\nissrv.exe " "1/25/2013 12:25 AM "
    + "NitroReaderDriverReadSpool " "Nitro PDF Reader Driver Read Spool " "Nitro PDF Software " "c:\program files\nitro pdf\reader\nitropdfreaderdriverservice.exe " "5/24/2010 4:51 AM "
    + "odserv " "Run portions of Microsoft Office Diagnostics. " "Microsoft Corporation " "c:\program files\common files\microsoft shared\office12\odserv.exe " "7/20/2011 1:12 AM "
    + "ose " "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports. " "Microsoft Corporation " "c:\program files\common files\microsoft shared\source engine\ose.exe " "10/26/2006 5:00 PM "
    + "Pml Driver HPZ12 " "PmlDrv Module " "Hewlett-Packard " "c:\windows\system32\hpzipm12.dll " "2/8/2012 9:23 AM "
    + "SmcService " "Provides communication with the Symantec Endpoint Protection Manager. It also provides network threat protection and application and device control for the client. " "Symantec Corporation " "c:\program files\symantec\symantec endpoint protection\12.1.671.4971.105\bin\smc.exe " "6/17/2011 6:58 PM "
    + "SNAC " "Checks that the computer complies with the defined security policy and communicates with the Symantec Enforcers to allow your computer to access the corporate network. " "Symantec Corporation " "c:\program files\symantec\symantec endpoint protection\12.1.671.4971.105\bin\snac.exe " "6/17/2011 6:49 PM "
    + "Update Agent " "Installs and upgrades Practice Manager software. " "Practice Manager Group, LLC " "c:\program files\common files\pmgsoftware\esd\pm.deployment.esdservice.exe " "11/23/2007 6:47 AM "
    + "wlidsvc " "Enables Windows Live ID authentication. " "Microsoft Corp. " "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe " "9/21/2010 5:00 PM "
    + "WMPNetworkSvc " "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play " "Microsoft Corporation " "c:\program files\windows media player\wmpnetwk.exe " "11/20/2010 6:36 AM "
    "HKLM\System\CurrentControlSet\Services " " " " " " " "7/16/2013 7:35 PM "
    + "adfs " "Adobe Drive File System Driver " "Adobe Systems, Inc. " "c:\windows\system32\drivers\adfs.sys " "8/14/2008 10:57 AM "
    + "adp94xx " "Adaptec Windows SAS/SATA Storport Driver " "Adaptec, Inc. " "c:\windows\system32\drivers\adp94xx.sys " "12/5/2008 7:59 PM "
    + "adpahci " "Adaptec Windows SATA Storport Driver " "Adaptec, Inc. " "c:\windows\system32\drivers\adpahci.sys " "5/1/2007 1:29 PM "
    + "adpu320 " "Adaptec StorPort Ultra320 SCSI Driver " "Adaptec, Inc. " "c:\windows\system32\drivers\adpu320.sys " "2/27/2007 8:03 PM "
    + "aic78xx " "Adaptec Ultra SCSI miniport " "Adaptec, Inc. " "c:\windows\system32\drivers\djsvs.sys " "4/11/2006 8:20 PM "
    + "aliide " "ALi mini IDE Driver " "Acer Laboratories Inc. " "c:\windows\system32\drivers\aliide.sys " "7/13/2009 7:11 PM "
    + "amdsata " "AHCI 1.2 Device Driver " "Advanced Micro Devices " "c:\windows\system32\drivers\amdsata.sys " "3/18/2010 9:08 PM "
    + "amdsbs " "AMD Technology AHCI Compatible Controller Driver for Windows family " "AMD Technologies Inc. " "c:\windows\system32\drivers\amdsbs.sys " "3/20/2009 2:35 PM "
    + "amdxata " "Storage Filter Driver " "Advanced Micro Devices " "c:\windows\system32\drivers\amdxata.sys " "3/19/2010 12:19 PM "
    + "arc " "Adaptec RAID Storport Driver " "Adaptec, Inc. " "c:\windows\system32\drivers\arc.sys " "5/24/2007 5:31 PM "
    + "arcsas " "Adaptec SAS RAID WS03 Driver " "Adaptec, Inc. " "c:\windows\system32\drivers\arcsas.sys " "1/14/2009 3:26 PM "
    + "b06bdrv " "Broadcom NetXtreme II GigE VBD " "Broadcom Corporation " "c:\windows\system32\drivers\bxvbdx.sys " "2/13/2009 6:10 PM "
    + "b57nd60x " "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver. " "Broadcom Corporation " "c:\windows\system32\drivers\b57nd60x.sys " "4/26/2009 7:15 AM "
    + "BHDrvx86 " "SONAR Engine Driver " "Symantec Corporation " "c:\programdata\symantec\symantec endpoint protection\12.1.671.4971.105\data\definitions\bashdefs\20130716.011\bhdrvx86.sys " "5/20/2013 3:17 PM "
    + "BrFiltLo " "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver " "Brother Industries, Ltd. " "c:\windows\system32\drivers\brfiltlo.sys " "8/6/2006 5:33 PM "
    + "BrFiltUp " "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver " "Brother Industries, Ltd. " "c:\windows\system32\drivers\brfiltup.sys " "8/6/2006 5:33 PM "
    + "BrSerIb " "Brother MFC Serial Interface Driver(WDM) " "Brother Industries Ltd. " "c:\windows\system32\drivers\brserib.sys " "11/2/2009 11:06 PM "
    + "Brserid " "Brotehr Serial I/F Driver (WDM) " "Brother Industries Ltd. " "c:\windows\system32\drivers\brserid.sys " "8/6/2006 5:33 PM "
    + "BrSerWdm " "Brother Serial driver (WDM version) " "Brother Industries Ltd. " "c:\windows\system32\drivers\brserwdm.sys " "8/6/2006 5:33 PM "
    + "BrUsbMdm " "Brother USB MDM Driver " "Brother Industries Ltd. " "c:\windows\system32\drivers\brusbmdm.sys " "8/6/2006 5:33 PM "
    + "BrUsbSer " "Brother USB Serial Driver " "Brother Industries Ltd. " "c:\windows\system32\drivers\brusbser.sys " "8/9/2006 8:02 AM "
    + "BrUsbSIb " "Brother MFC Serial USB Driver(WDM) " "Brother Industries Ltd. " "c:\windows\system32\drivers\brusbsib.sys " "11/2/2009 11:06 PM "
    + "cmdide " "CMD PCI IDE Bus Driver " "CMD Technology, Inc. " "c:\windows\system32\drivers\cmdide.sys " "7/13/2009 7:11 PM "
    + "ebdrv " "Broadcom NetXtreme II 10 GigE VBD " "Broadcom Corporation " "c:\windows\system32\drivers\evbdx.sys " "12/31/2008 12:06 PM "
    + "eeCtrl " "Symantec Eraser Control Driver " "Symantec Corporation " "c:\program files\common files\symantec shared\eengine\eectrl.sys " "7/31/2012 7:33 PM "
    + "elxstor " "Storport Miniport Driver for LightPulse HBAs " "Emulex " "c:\windows\system32\drivers\elxstor.sys " "2/3/2009 6:09 PM "
    + "EraserUtilRebootDrv " "Symantec Eraser Utility Driver " "Symantec Corporation " "c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys " "7/31/2012 7:33 PM "
    + "GEARAspiWDM " "CD DVD Filter " "GEAR Software Inc. " "c:\windows\system32\drivers\gearaspiwdm.sys " "5/3/2012 3:55 PM "
    + "hcw85cir " "Hauppauge WinTV 885 Consumer IR Driver for eHome " "Hauppauge Computer Works, Inc. " "c:\windows\system32\drivers\hcw85cir.sys " "5/11/2009 3:22 AM "
    + "HpSAMD " "Smart Array SAS/SATA Controller Media Driver " "Hewlett-Packard Company " "c:\windows\system32\drivers\hpsamd.sys " "5/18/2009 7:42 PM "
    + "iaStor " "Intel Matrix Storage Manager driver - ia32 " "Intel Corporation " "c:\windows\system32\drivers\iastor.sys " "6/4/2009 9:42 PM "
    + "iaStorV " "Intel Matrix Storage Manager driver - ia32 " "Intel Corporation " "c:\windows\system32\drivers\iastorv.sys " "6/10/2010 8:45 PM "
    + "IDSVix86 " "Symantec Intrusion Prevention Driver " "Symantec Corporation " "c:\programdata\symantec\symantec endpoint protection\12.1.671.4971.105\data\definitions\ipsdefs\20130802.001\idsvix86.sys " "8/28/2012 10:48 PM "
    + "igfx " "Intel Graphics Kernel Mode Driver " "Intel Corporation " "c:\windows\system32\drivers\igdkmd32.sys " "2/11/2011 3:12 PM "
    + "iirsp " "Intel/ICP Raid Storport Driver " "Intel Corp./ICP vortex GmbH " "c:\windows\system32\drivers\iirsp.sys " "12/13/2005 5:48 PM "
    + "IntcAzAudAddService " "Realtek(r) High Definition Audio Function Driver " "Realtek Semiconductor Corp. " "c:\windows\system32\drivers\rtkvhda.sys " "5/22/2009 2:03 PM "
    + "JRAID " "JMicron JMB36X RAID Driver " "JMicron Technology Corp. " "c:\windows\system32\drivers\jraid.sys " "5/20/2009 11:18 PM "
    + "LMIInfo " "RemotelyAnywhere Kernel Information Provider " "LogMeIn, Inc. " "c:\program files\logmein\x86\rainfo.sys " "1/11/2013 5:20 AM "
    + "lmimirr " "LogMeIn Mirror Miniport Driver " "LogMeIn, Inc. " "c:\windows\system32\drivers\lmimirr.sys " "4/10/2007 6:32 PM "
    + "LMIRfsDriver " "LogMeIn Rfs Drivemap Driver " "LogMeIn, Inc. " "c:\windows\system32\drivers\lmirfsdriver.sys " "7/14/2008 12:26 PM "
    + "LSI_FC " "LSI Fusion-MPT FC Driver (StorPort) " "LSI Corporation " "c:\windows\system32\drivers\lsi_fc.sys " "12/9/2008 6:28 PM "
    + "LSI_SAS " "LSI Fusion-MPT SAS Driver (StorPort) " "LSI Corporation " "c:\windows\system32\drivers\lsi_sas.sys " "5/18/2009 8:19 PM "
    + "LSI_SAS2 " "LSI SAS Gen2 Driver (StorPort) " "LSI Corporation " "c:\windows\system32\drivers\lsi_sas2.sys " "5/18/2009 8:31 PM "
    + "LSI_SCSI " "LSI Fusion-MPT SCSI Driver (StorPort) " "LSI Corporation " "c:\windows\system32\drivers\lsi_scsi.sys " "4/16/2009 6:14 PM "
    + "megasas " "MEGASAS RAID Controller Driver for Windows 7 for x86 " "LSI Corporation " "c:\windows\system32\drivers\megasas.sys " "5/18/2009 9:09 PM "
    + "MegaSR " "LSI MegaRAID Software RAID Driver " "LSI Corporation, Inc. " "c:\windows\system32\drivers\megasr.sys " "5/18/2009 9:25 PM "
    + "NAVENG " "AV Engine " "Symantec Corporation " "c:\programdata\symantec\symantec endpoint protection\12.1.671.4971.105\data\definitions\virusdefs\20130802.006\naveng.sys " "4/26/2013 1:27 AM "
    + "NAVEX15 " "AV Engine " "Symantec Corporation " "c:\programdata\symantec\symantec endpoint protection\12.1.671.4971.105\data\definitions\virusdefs\20130802.006\navex15.sys " "4/26/2013 1:25 AM "
    + "nfrd960 " "IBM ServeRAID Controller Driver " "IBM Corporation " "c:\windows\system32\drivers\nfrd960.sys " "6/6/2006 5:12 PM "
    + "nvraid " "NVIDIA® nForce(TM) RAID Driver " "NVIDIA Corporation " "c:\windows\system32\drivers\nvraid.sys " "3/19/2010 5:00 PM "
    + "nvstor " "NVIDIA® nForce(TM) Sata Performance Driver " "NVIDIA Corporation " "c:\windows\system32\drivers\nvstor.sys " "3/19/2010 4:51 PM "
    + "ql2300 " "QLogic Fibre Channel Stor Miniport Driver " "QLogic Corporation " "c:\windows\system32\drivers\ql2300.sys " "1/22/2009 7:28 PM "
    + "ql40xx " "QLogic iSCSI Storport Miniport Driver " "QLogic Corporation " "c:\windows\system32\drivers\ql40xx.sys " "5/18/2009 9:17 PM "
    + "RimUsb " "BlackBerry Device Driver " "Research In Motion Limited " "c:\windows\system32\drivers\rimusb.sys " "5/14/2007 12:17 PM "
    + "RTL8167 " "Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver " "Realtek " "c:\windows\system32\drivers\rt86win7.sys " "6/10/2011 2:31 AM "
    + "secdrv " "Macrovision SECURITY Driver " "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. " "c:\windows\system32\drivers\secdrv.sys " "9/13/2006 9:18 AM "
    + "SiSRaid2 " "SiS RAID Stor Miniport Driver " "Silicon Integrated Systems Corp. " "c:\windows\system32\drivers\sisraid2.sys " "9/24/2008 2:19 PM "
    + "SiSRaid4 " "SiS AHCI Stor-Miniport Driver " "Silicon Integrated Systems " "c:\windows\system32\drivers\sisraid4.sys " "10/1/2008 5:52 PM "
    + "SRTSP " "Symantec AutoProtect " "Symantec Corporation " "c:\windows\system32\drivers\sep\0c01029f\136b.105\x86\srtsp.sys " "5/27/2011 6:30 PM "
    + "SRTSPX " "Symantec AutoProtect " "Symantec Corporation " "c:\windows\system32\drivers\sep\0c01029f\136b.105\x86\srtspx.sys " "5/27/2011 6:31 PM "
    + "sscdbus " "SAMSUNG USB Composite Device Driver " "MCCI " "c:\windows\system32\drivers\sscdbus.sys " "8/16/2005 7:44 PM "
    + "sscdmdfl " "SAMSUNG CDMA Modem Filter " "MCCI " "c:\windows\system32\drivers\sscdmdfl.sys " "8/16/2005 7:46 PM "
    + "sscdmdm " "SAMSUNG CDMA Modem Drivers " "MCCI " "c:\windows\system32\drivers\sscdmdm.sys " "8/16/2005 7:46 PM "
    + "sscdserd " "SAMSUNG CDMA Modem Diagnostic Serial Port (WDM) " "MCCI " "c:\windows\system32\drivers\sscdserd.sys " "8/16/2005 7:47 PM "
    + "stexstor " "Promise SuperTrak EX Series Driver for Windows " "Promise Technology " "c:\windows\system32\drivers\stexstor.sys " "2/17/2009 7:03 PM "
    + "SyDvCtrl " "syDvCtrl Device Control Driver " "Symantec Corporation " "c:\program files\symantec\symantec endpoint protection\12.1.671.4971.105\bin\sydvctrl32.sys " "6/17/2011 6:51 PM "
    + "SymDS " "Symantec Data Store " "Symantec Corporation " "c:\windows\system32\drivers\sep\0c01029f\136b.105\x86\symds.sys " "4/28/2011 6:39 PM "
    + "SymEFA " "Symantec Extended File Attributes " "Symantec Corporation " "c:\windows\system32\drivers\sep\0c01029f\136b.105\x86\symefa.sys " "5/17/2011 6:28 PM "
    + "SymEvent " "Symantec Event Library " "Symantec Corporation " "c:\windows\system32\drivers\symevent.sys " "5/4/2011 11:15 PM "
    + "SymIRON " "Iron Driver " "Symantec Corporation " "c:\windows\system32\drivers\sep\0c01029f\136b.105\x86\ironx86.sys " "4/25/2011 6:05 PM "
    + "SYMNETS " "Network Security Driver " "Symantec Corporation " "c:\windows\system32\drivers\sep\0c01029f\136b.105\x86\symnets.sys " "4/19/2011 6:22 PM "
    + "SysPlant " "Symantec CMC Firewall SysPlant " "Symantec Corporation " "c:\windows\system32\drivers\sysplant.sys " "6/17/2011 6:51 PM "
    + "Teefer2 " "Teefer2 Service " "Symantec Corporation " "c:\windows\system32\drivers\teefer.sys " "5/20/2011 8:49 PM "
    + "USBAAPL " "Apple Mobile Device USB Driver " "Apple, Inc. " "c:\windows\system32\drivers\usbaapl.sys " "11/27/2012 7:37 PM "
    + "vdorctrl " " " " " "c:\windows\system32\drivers\vdorctrl.sys " "2/22/2011 5:39 PM "
    + "viaide " "VIA Generic PCI IDE Bus Driver " "VIA Technologies, Inc. " "c:\windows\system32\drivers\viaide.sys " "7/13/2009 7:11 PM "
    + "vsmraid " "VIA RAID DRIVER FOR AMD-X86-64 " "VIA Technologies Inc.,Ltd " "c:\windows\system32\drivers\vsmraid.sys " "1/30/2009 9:13 PM "
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 " " " " " " " "7/8/2013 10:22 PM "
    + "msacm.l3acm " "MPEG Layer-3 Audio Codec for MSACM " "Fraunhofer Institut Integrierte Schaltungen IIS " "c:\windows\system32\l3codeca.acm " "7/13/2009 9:06 PM "
    + "vidc.cvid " "Cinepak® Codec " "Radius Inc. " "c:\windows\system32\iccvid.dll " "11/20/2010 7:59 AM "
    "HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance " " " " " " " "7/14/2009 12:41 AM "
    + "Capture File Writer " "Windows Live Video Acquisition Filters " "Microsoft Corporation " "c:\program files\windows live\photo gallery\wlxvafilt.dll " "11/10/2010 6:21 AM "
    + "CyberLink Audio Decoder " "CyberLink Audio Decoder Filter " "CyberLink Corp. " "c:\program files\cyberlink\powerdvd dx\kernel\movie\claud.ax " "1/22/2009 2:12 AM "
    + "CyberLink Audio Effect " "CyberLink Audio Effect Filter " "CyberLink Corporation " "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudfx.ax " "9/23/2008 6:09 AM "
    + "CyberLink Audio Spectrum Analyzer " "CLAudSpa.ax " "CyberLink Corp. " "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudspa.ax " "9/24/2004 7:08 AM "
    + "CyberLink Audio Wizard " "CyberLink Audio Wizard Filter " "CyberLink Corp. " "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax " "12/16/2008 5:39 AM "
    + "CyberLink AudioCD Filter " "CyberLink AudioCD Filter " "CyberLink Corp. " "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax " "8/16/2006 10:04 PM "
    + "CyberLink Demultiplexer " "MPEG-2 Dempltiplexer " "CyberLink Corp. " "c:\program files\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax " "9/28/2006 6:23 AM "
    + "CyberLink DVD Navigator " "CyberLink DVD Navigation Filter " "CyberLink Corp. " "c:\program files\cyberlink\powerdvd dx\kernel\movie\clnavx.ax " "4/8/2009 7:11 AM "
    + "CyberLink Line21 Decoder Filter " "CyberLink Line21 Decoder Filter " "CyberLink Corp. " "c:\program files\cyberlink\powerdvd dx\kernel\movie\clline21.ax " "12/25/2008 11:30 AM "
    + "Cyberlink SubTitle Importor " "CLSubTitle.ax " "CyberLink Corp. " "c:\program files\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax " "12/16/2008 6:46 AM "
    + "CyberLink TimeStretch Filter " "CLAuTS.ax " "CyberLink Corp. " "c:\program files\cyberlink\powerdvd dx\kernel\movie\clauts.ax " "6/22/2007 11:28 PM "
    + "CyberLink Tzan Filter " "Cyberlink Tzan Filter " "CyberLink Corp. " "c:\program files\cyberlink\powerdvd dx\kernel\movie\cltzan.ax " "5/5/2009 9:09 AM "
    + "CyberLink Video Effect " "CLVidFx " "CyberLink " "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax " "3/23/2005 4:15 AM "
    + "CyberLink Video/SP Decoder " "CyberLink Video/SP Filter " "CyberLink Corp. " "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvsd.ax " "2/5/2009 11:37 AM "
    + "LogMeIn Video Decoder " "LogMeIn Video Codec " "LogMeIn, Inc. " "c:\program files\logmein\x86\racodec.ax " "6/7/2013 5:19 PM "
    + "LogMeIn Video Encoder " "LogMeIn Video Codec " "LogMeIn, Inc. " "c:\program files\logmein\x86\racodec.ax " "6/7/2013 5:19 PM "
    + "Record Queue " "Windows Live Video Acquisition Filters " "Microsoft Corporation " "c:\program files\windows live\photo gallery\wlxvafilt.dll " "11/10/2010 6:21 AM "
    + "WM VIH2 Fix " "Windows Live Video Acquisition Filters " "Microsoft Corporation " "c:\program files\windows live\photo gallery\wlxvafilt.dll " "11/10/2010 6:21 AM "
    + "WMT DV Extract Filter " "Windows Live Video Acquisition Filters " "Microsoft Corporation " "c:\program files\windows live\photo gallery\wlxvafilt.dll " "11/10/2010 6:21 AM "
    + "WMT Sample Info Filter " "Windows Live Video Acquisition Filters " "Microsoft Corporation " "c:\program files\windows live\photo gallery\wlxvafilt.dll " "11/10/2010 6:21 AM "
    + "WMT Switch Filter " "Windows Live Video Acquisition Filters " "Microsoft Corporation " "c:\program files\windows live\photo gallery\wlxvafilt.dll " "11/10/2010 6:21 AM "
    + "WMT Virtual Renderer " "Windows Live Video Acquisition Filters " "Microsoft Corporation " "c:\program files\windows live\photo gallery\wlxvafilt.dll " "11/10/2010 6:21 AM "
    + "WMT Virtual Source " "Windows Live Video Acquisition Filters " "Microsoft Corporation " "c:\program files\windows live\photo gallery\wlxvafilt.dll " "11/10/2010 6:21 AM "
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options " " " " " " " "7/8/2013 10:22 PM "
    + "ehshell.exe " "LogMeIn Desktop Application " "LogMeIn, Inc. " "c:\program files\logmein\x86\logmeinsystray.exe " "4/12/2007 1:44 PM "
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers " " " " " " " "7/14/2009 12:41 AM "
    + "LogMeInCredProv " "LogMeIn Remote Control Helper " "LogMeIn, Inc. " "c:\windows\system32\lmiinit.dll " "6/7/2013 5:19 PM "
    + "WLIDCredentialProvider " "Microsoft® Windows Live ID Credential Provider " "Microsoft Corp. " "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll " "9/21/2010 5:01 PM "
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify " " " " " " " "8/7/2013 8:39 AM "
    + "igfxcui " "igfxdev Module " "Intel Corporation " "c:\windows\system32\igfxdev.dll " "2/11/2011 2:40 PM "
    "HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries " " " " " " " "6/20/2013 9:07 AM "
    + "mdnsNSP " "Bonjour Namespace Provider " "Apple Inc. " "c:\program files\bonjour\mdnsnsp.dll " "8/31/2011 1:44 AM "
    + "WindowsLive Local NSP " "Microsoft® Windows Live ID Namespace Provider " "Microsoft Corp. " "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll " "9/21/2010 5:00 PM "
    + "WindowsLive NSP " "Microsoft® Windows Live ID Namespace Provider " "Microsoft Corp. " "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll " "9/21/2010 5:00 PM "
    "HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors " " " " " " " "8/7/2013 8:39 AM "
    + "Adobe PDF Port Monitor " "Adobe PDF Port Monitor DLL " "Adobe Systems Inc " "c:\windows\system32\adobepdf.dll " "8/19/2009 5:46 AM "
    + "HP Universal Print Monitor " "hpmpw081.dll " "Hewlett-Packard " "c:\windows\system32\hpmpw081.dll " "4/24/2012 8:41 AM "
    + "HPMLM121 " "language monitor new name " "Hewlett-Packard Company " "c:\windows\system32\hpmlm121.dll " "12/13/2011 7:12 AM "
    + "KM Language Monitor " "KM language monitor " "KYOCERA MITA Corporation " "c:\windows\system32\kmpjlmn.dll " "6/28/2010 7:07 PM "
    + "LogMeIn Printer Port Monitor " "RemotelyAnywhere Printer Port Monitor " "LogMeIn, Inc. " "c:\windows\system32\lmiport.dll " "4/26/2013 10:14 AM "
    + "Nitro PDF Port Monitor " "Windows NT Nitro Print PDF Interface Driver " "Nitro PDF Software " "c:\windows\system32\nitrolocalmon.dll " "5/24/2010 4:57 AM "
    + "PCL hpz3llhn " "LanguageMonitor " "Hewlett-Packard Company " "c:\windows\system32\hpz3llhn.dll " "8/9/2006 10:38 PM "
    + "PrimoMon " " " " " "c:\windows\system32\primomonnt.dll " "2/25/2004 7:31 PM "
    + "SHARP AR-236/266/276 SPLC Language Monitor " "Sharp Printer Driver " "SHARP " "c:\windows\system32\sk0blmon.dll " "4/18/2002 5:14 AM "
    "HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order " " " " " " " "7/14/2009 12:37 AM "
    + "AdobeDriveCS4_NP " "Adobe Drive CS4 Network " "Adobe Systems Incorporated " "c:\program files\common files\adobe\adobe drive cs4\adobedrivecs4_np.dll " "8/14/2008 10:39 AM "
    + "LMIRfsClientNP " "LogMeIn Virtual Disk Network " "LogMeIn, Inc. " "c:\windows\system32\lmirfsclientnp.dll " "6/7/2013 5:19 PM "
    + "SnacNp " "Symantec SNAC Network Provider " "Symantec Corporation " "c:\program files\symantec\symantec endpoint protection\12.1.671.4971.105\bin\snacnp.dll " "6/17/2011 6:50 PM "
     
    Jeremie,
    #44
  6. 2013/08/07
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I don't see anything from MSE running.
    Can you post a screenshot of that notification?

    As for not genuine Windows...
    Some infections will cause that problem.
    Unfortunately the only option is to call Microsoft to verify your installation.
     
    broni,
    #45
  7. 2013/08/12
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Still with me?
     
    broni,
    #46
  8. 2013/08/12
    Jeremie

    Jeremie Inactive Thread Starter

    Joined:
    2011/01/06
    Messages:
    117
    Likes Received:
    0
    I disabled it. I tried starting the services ,but it wouldnt start again. I kept getting an error message. I installed it again,but windows says I have it installed,but its not enabled, but its clearly green icon.

    unable to upload a screen shot.

    At this time MS safety scanner is running and it found 15 infections so far.
     
    Jeremie,
    #47
  9. 2013/08/12
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    What exactly did you disable?

    What is "MS safety scanner "?
     
    broni,
    #48
  10. 2013/08/12
    Jeremie

    Jeremie Inactive Thread Starter

    Joined:
    2011/01/06
    Messages:
    117
    Likes Received:
    0
    I dsiabled windows defender in services.msc. I also deleted the following and resintalled MSE.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Security Essentials
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware

    The system seemed ok ,but I got the error 0x80070005 when trying a windows update.
    MS website suggested downloading and running MS Safety scanner.
     
    Jeremie,
    #49
  11. 2013/08/12
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    OK.
    When done with the scan post the results.

    Is MSE working fine now?

    What about "Not genuine" message?
     
    broni,
    #50
  12. 2013/08/12
    Jeremie

    Jeremie Inactive Thread Starter

    Joined:
    2011/01/06
    Messages:
    117
    Likes Received:
    0
    will post results when done. MSE seems to be ok,but I did have the notification that it was installed ,but not enabled. I dont see that message for the time being.

    Genuine message came up earlier hasnt come up again.

    Will let you know when scan completes and I restart the comp how everything looks.
     
    Jeremie,
    #51
  13. 2013/08/12
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Cool :)
     
    broni,
    #52
  14. 2013/08/13
    Jeremie

    Jeremie Inactive Thread Starter

    Joined:
    2011/01/06
    Messages:
    117
    Likes Received:
    0
    ok. MSS remove three threats. However after I restarted I still cant get windows updates. "Windows Update fails with error 0x80096001 "

    I'm also still getting the notification that MSE and windows defender are installed,but are not enabled :/
     
    Jeremie,
    #53
  15. 2013/08/13
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    OK, we have to clarify one thing.
    In some of your posts you want to have Symantec (Norton) in some other you're talking about running MSE.
    Which one is going to be?
     
    broni,
    #54
  16. 2013/08/13
    Jeremie

    Jeremie Inactive Thread Starter

    Joined:
    2011/01/06
    Messages:
    117
    Likes Received:
    0
    I wanted SEP, but its not functioning properly. I can unistall it and I cant reinstall it. I'm settling for MSE because SEP is not functioning.
     
    Jeremie,
    #55
  17. 2013/08/13
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    broni,
    #56
  18. 2013/08/17
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Still with me?
    I won't ask again after another 5 days.
    I'll simply lock this topic.
     
    broni,
    #57
  19. 2013/08/18
    Jeremie

    Jeremie Inactive Thread Starter

    Joined:
    2011/01/06
    Messages:
    117
    Likes Received:
    0
    neither one of the tools worked.

    For SEP, The tool says i must uninstall symantec antivirus first. (as stated in earlier post I do not have it listed in the add remove programs list) I tried manually uninstalling ,but this does not remove the program. I even tried running the setup again and trying to repair, this failed as well.


    Application for MSE it did not work either,. I reinstalled MSE. It appeared in my add remove programs so I manually removed it. IT is no longer on my machine.


    So at this point I have SEP installed, but still receiving notifications that say SEP is not turned on.
     
    Jeremie,
    #58
  20. 2013/08/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Notifications from where?
    Is Symantec working?
     
    broni,
    #59
  21. 2013/08/18
    Jeremie

    Jeremie Inactive Thread Starter

    Joined:
    2011/01/06
    Messages:
    117
    Likes Received:
    0
    notifications in windows action center. SEP seems to be working without issues
     
    Jeremie,
    #60
Page 3 of 4

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...