Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Clients do not show up in the home page (SEP manager 12.1 RU 2)

Created: 10 Jan 2013 | 2 comments
ksu's picture

Having issues with the clients that I see in agt_proactiv (clients which are infected machines) which I can't see them  in the  Home page.Why?.

Comments 2 CommentsJump to latest comment

pete_4u2002's picture

agt_proactiv? what is that?

can you post the screen shot if possible?

ksu's picture

Time Stamp,Risk Action,Computer Name,Detection Type,Application Name,Application Type,Application Version,Hash Type,Application Hash,Company Name,File Size,Sensitivity,Detection Score,Submission Recommendation,Permitted Application Reason,Source,Risk Name,Occurrences,File Path,Description,Actual Action,Requested Action,Secondary Action,Event Time,Event Insert Time,End Time,Domain Name,Group Name,Server Name,User Name,Source Computer Name,Source Computer IP
2013-01-09 13:16:07,Forced SONAR threat detected,Computer name: A01LTFW20672,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Application,Application type: Trojan Worm,Application version: 11.0.4356.400,Hash type: SHA-1,Application hash: 43d7848b73a7bae9ed39bf68c80bcc6e4a14f736,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4204312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magic.exe,"c:\program files\freedom scientific\magic\11.0\magic.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:15:31,Inserted: 2013-01-09 12:16:07,End: 2013-01-09 12:15:31,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H120019,Source computer: ,Source IP:
2013-01-09 13:21:47,Forced SONAR threat detected,Computer name: A01LTFW20666,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Application,Application type: Trojan Worm,Application version: 11.0.4356.400,Hash type: SHA-1,Application hash: 43d7848b73a7bae9ed39bf68c80bcc6e4a14f736,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4204312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magic.exe,"c:\program files\freedom scientific\magic\11.0\magic.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:19:51,Inserted: 2013-01-09 12:21:47,End: 2013-01-09 12:19:51,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: E111252,Source computer: ,Source IP:
2013-01-09 13:11:47,Forced SONAR threat detected,Computer name: A01LTFW20660,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: JAWS,Application type: Trojan Worm,Application version: "13, 0, 977, 400",Hash type: SHA-1,Application hash: 6f54216134d7c30b700cbcf1ea0a140af05cc867,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 1489800,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\jaws\13.0\jfw.exe,"c:\program files\freedom scientific\jaws\13.0\jfw.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:09:55,Inserted: 2013-01-09 12:11:47,End: 2013-01-09 12:09:55,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S132477,Source computer: ,Source IP:
2013-01-09 13:21:47,Forced SONAR threat detected,Computer name: A01LTFW20666,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic,Application type: Trojan Worm,Application version: "11, 0, 2160, 400",Hash type: SHA-1,Application hash: d3507067ceb4cef659860f63415d50d8c075ae77,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4460312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe,"c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:19:59,Inserted: 2013-01-09 12:21:47,End: 2013-01-09 12:19:59,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: E111252,Source computer: ,Source IP:
2013-01-09 13:16:07,Forced SONAR threat detected,Computer name: A01LTFW20672,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic,Application type: Trojan Worm,Application version: "11, 0, 2160, 400",Hash type: SHA-1,Application hash: d3507067ceb4cef659860f63415d50d8c075ae77,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4460312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe,"c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:15:23,Inserted: 2013-01-09 12:16:07,End: 2013-01-09 12:15:23,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H120019,Source computer: ,Source IP:
2013-01-09 13:21:47,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:18:11,Inserted: 2013-01-09 12:21:47,End: 2013-01-09 12:18:11,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:10:46,Potential risk found,Computer name: A34DUVW08090,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:05:24,Inserted: 2013-01-09 12:10:46,End: 2013-01-09 12:05:24,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:10:46,Potential risk found,Computer name: A34DUFW00151,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:05:52,Inserted: 2013-01-09 12:10:46,End: 2013-01-09 12:05:52,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:13:27,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:10:40,Inserted: 2013-01-09 12:13:27,End: 2013-01-09 12:10:40,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:13:47,Potential risk found,Computer name: A34DUFW00169,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:09:10,Inserted: 2013-01-09 12:13:47,End: 2013-01-09 12:09:10,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:25:07,Forced SONAR threat detected,Computer name: A01LTFW20078,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-08 09:26:05,Inserted: 2013-01-08 09:27:01,End: 2013-01-08 09:26:05,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M112107,Source computer: ,Source IP:
2013-01-09 13:35:47,Forced SONAR threat detected,Computer name: A01LTFW20731,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:34:38,Inserted: 2013-01-09 12:35:47,End: 2013-01-09 12:34:37,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B123381,Source computer: ,Source IP:
2013-01-09 13:28:47,Forced SONAR threat detected,Computer name: A01LTFW20640,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:23:28,Inserted: 2013-01-09 12:28:47,End: 2013-01-09 12:23:28,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: J111691,Source computer: ,Source IP:
2013-01-09 13:25:07,Forced SONAR threat detected,Computer name: A01LTFW20078,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-03 07:10:48,Inserted: 2013-01-09 12:25:07,End: 2013-01-03 07:10:48,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M112107,Source computer: ,Source IP:
2013-01-09 13:27:47,Forced SONAR threat detected,Computer name: A01LTFW20387,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:23:37,Inserted: 2013-01-09 12:27:47,End: 2013-01-09 12:23:37,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: T109533,Source computer: ,Source IP:
2013-01-09 13:25:07,Forced SONAR threat detected,Computer name: A01LTFW20078,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 5,SafeBootClientManager,"SafeBootClientManager",Actual action: Details pending,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-08 09:26:05,Inserted: 2013-01-09 12:25:07,End: 2013-01-08 09:26:05,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M112107,Source computer: ,Source IP:
2013-01-09 13:38:27,Forced SONAR threat detected,Computer name: A01LTFW20893,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:37:32,Inserted: 2013-01-09 12:38:27,End: 2013-01-09 12:37:32,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: L125616,Source computer: ,Source IP:
2013-01-09 13:32:47,Forced SONAR threat detected,Computer name: A01LTFW01149,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:30:25,Inserted: 2013-01-09 12:32:47,End: 2013-01-09 12:30:24,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: O117966,Source computer: ,Source IP:
2013-01-09 13:35:47,Forced SONAR threat detected,Computer name: A01LTFW20731,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: JAWS,Application type: Trojan Worm,Application version: "13, 0, 977, 400",Hash type: SHA-1,Application hash: 6f54216134d7c30b700cbcf1ea0a140af05cc867,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 1489800,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\jaws\13.0\jfw.exe,"c:\program files\freedom scientific\jaws\13.0\jfw.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:34:31,Inserted: 2013-01-09 12:35:47,End: 2013-01-09 12:34:31,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B123381,Source computer: ,Source IP:
2013-01-09 13:30:47,Potential risk found,Computer name: A34DUVW21109,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:25:49,Inserted: 2013-01-09 12:30:47,End: 2013-01-09 12:25:49,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:38:47,Potential risk found,Computer name: A34DUVW08090,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:33:42,Inserted: 2013-01-09 12:38:47,End: 2013-01-09 12:33:42,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:37:47,Potential risk found,Computer name: A34DUVW22154,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:33:21,Inserted: 2013-01-09 12:37:47,End: 2013-01-09 12:33:21,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:29:47,Potential risk found,Computer name: A34DUFW00322,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:28:49,Inserted: 2013-01-09 12:29:47,End: 2013-01-09 12:28:49,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:25:07,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:20:32,Inserted: 2013-01-09 12:25:07,End: 2013-01-09 12:20:32,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:25:47,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:20:53,Inserted: 2013-01-09 12:25:47,End: 2013-01-09 12:20:53,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:31:47,Potential risk found,Computer name: A34DUVW22268,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:26:40,Inserted: 2013-01-09 12:31:47,End: 2013-01-09 12:26:40,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:50:27,Forced SONAR threat detected,Computer name: A01LTFW20659,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Screen Magnification,Application type: Trojan Worm,Application version: "11, 0, 4356, 400",Hash type: SHA-1,Application hash: 1ce39d44cc735db5788f07b25c5bb32c6ca48c09,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 421144,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe,"c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:49:25,Inserted: 2013-01-09 12:50:27,End: 2013-01-09 12:49:25,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108437,Source computer: ,Source IP:
2013-01-09 13:44:27,Forced SONAR threat detected,Computer name: A01LTFW21146,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Screen Magnification,Application type: Trojan Worm,Application version: "11, 0, 4356, 400",Hash type: SHA-1,Application hash: 1ce39d44cc735db5788f07b25c5bb32c6ca48c09,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 421144,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe,"c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:35:13,Inserted: 2013-01-09 12:44:27,End: 2013-01-09 12:35:13,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F124648,Source computer: ,Source IP:
2013-01-09 13:52:27,Forced SONAR threat detected,Computer name: A01LTFW20270,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:46:38,Inserted: 2013-01-09 12:52:27,End: 2013-01-09 12:46:38,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: D134739,Source computer: ,Source IP:
2013-01-09 13:44:27,Forced SONAR threat detected,Computer name: A01LTFW20696,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:41:03,Inserted: 2013-01-09 12:44:27,End: 2013-01-09 12:41:03,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: P120612,Source computer: ,Source IP:
2013-01-09 13:48:27,Forced SONAR threat detected,Computer name: A01LTFW20212,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:46:45,Inserted: 2013-01-09 12:48:27,End: 2013-01-09 12:46:45,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H118612,Source computer: ,Source IP:
2013-01-09 13:47:27,Forced SONAR threat detected,Computer name: A01LTFW20844,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:43:06,Inserted: 2013-01-09 12:47:27,End: 2013-01-09 12:43:05,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S109118,Source computer: ,Source IP:
2013-01-09 13:50:27,Forced SONAR threat detected,Computer name: A01LTFW20659,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:49:17,Inserted: 2013-01-09 12:50:27,End: 2013-01-09 12:49:17,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108437,Source computer: ,Source IP:
2013-01-09 13:44:47,Forced SONAR threat detected,Computer name: A01LTFW20571,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:40:38,Inserted: 2013-01-09 12:44:47,End: 2013-01-09 12:40:37,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: R115253,Source computer: ,Source IP:
2013-01-09 13:44:27,Forced SONAR threat detected,Computer name: A01LTFW21146,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Application,Application type: Trojan Worm,Application version: 11.0.4356.400,Hash type: SHA-1,Application hash: 43d7848b73a7bae9ed39bf68c80bcc6e4a14f736,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4204312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magic.exe,"c:\program files\freedom scientific\magic\11.0\magic.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:35:21,Inserted: 2013-01-09 12:44:27,End: 2013-01-09 12:35:21,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F124648,Source computer: ,Source IP:
2013-01-09 13:50:27,Forced SONAR threat detected,Computer name: A01LTFW20659,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Application,Application type: Trojan Worm,Application version: 11.0.4356.400,Hash type: SHA-1,Application hash: 43d7848b73a7bae9ed39bf68c80bcc6e4a14f736,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4204312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magic.exe,"c:\program files\freedom scientific\magic\11.0\magic.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:49:33,Inserted: 2013-01-09 12:50:27,End: 2013-01-09 12:49:33,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108437,Source computer: ,Source IP:
2013-01-09 13:44:27,Forced SONAR threat detected,Computer name: A01LTFW20696,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: JAWS,Application type: Trojan Worm,Application version: "13, 0, 977, 400",Hash type: SHA-1,Application hash: 6f54216134d7c30b700cbcf1ea0a140af05cc867,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 1489800,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\jaws\13.0\jfw.exe,"c:\program files\freedom scientific\jaws\13.0\jfw.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:41:11,Inserted: 2013-01-09 12:44:27,End: 2013-01-09 12:41:11,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: P120612,Source computer: ,Source IP:
2013-01-09 13:50:27,Forced SONAR threat detected,Computer name: A01LTFW20659,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic,Application type: Trojan Worm,Application version: "11, 0, 2160, 400",Hash type: SHA-1,Application hash: d3507067ceb4cef659860f63415d50d8c075ae77,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4460312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe,"c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:49:41,Inserted: 2013-01-09 12:50:27,End: 2013-01-09 12:49:41,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108437,Source computer: ,Source IP:
2013-01-09 13:44:27,Forced SONAR threat detected,Computer name: A01LTFW21146,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic,Application type: Trojan Worm,Application version: "11, 0, 2160, 400",Hash type: SHA-1,Application hash: d3507067ceb4cef659860f63415d50d8c075ae77,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4460312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe,"c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:35:30,Inserted: 2013-01-09 12:44:27,End: 2013-01-09 12:35:30,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F124648,Source computer: ,Source IP:
2013-01-09 13:44:47,Potential risk found,Computer name: A34DUFW00021,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:40:17,Inserted: 2013-01-09 12:44:47,End: 2013-01-09 12:40:17,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:49:27,Potential risk found,Computer name: A01DTFW00658,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:41:17,Inserted: 2013-01-09 12:49:27,End: 2013-01-09 12:41:17,Domain: Default,Group: My Company\klient\All Desktops\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:42:27,Potential risk found,Computer name: A34DUVW22002,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:40:53,Inserted: 2013-01-09 12:42:27,End: 2013-01-09 12:40:53,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:58:47,Forced SONAR threat detected,Computer name: A01LTFW21052,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Screen Magnification,Application type: Trojan Worm,Application version: "11, 0, 4356, 400",Hash type: SHA-1,Application hash: 1ce39d44cc735db5788f07b25c5bb32c6ca48c09,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 421144,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe,"c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:57:51,Inserted: 2013-01-09 12:58:47,End: 2013-01-09 12:57:51,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: R117493,Source computer: ,Source IP:
2013-01-09 14:08:47,Forced SONAR threat detected,Computer name: A01LTFW20502,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-07 10:30:40,Inserted: 2013-01-09 13:08:47,End: 2013-01-07 10:30:40,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B130602,Source computer: ,Source IP:
2013-01-09 14:02:07,Forced SONAR threat detected,Computer name: A01LTFW20397,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:59:25,Inserted: 2013-01-09 13:02:07,End: 2013-01-09 12:59:24,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: P112725,Source computer: ,Source IP:
2013-01-09 14:08:47,Forced SONAR threat detected,Computer name: A01LTFW20502,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-03 13:25:46,Inserted: 2013-01-09 13:08:47,End: 2013-01-03 13:25:46,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B130602,Source computer: ,Source IP:
2013-01-09 14:04:47,Forced SONAR threat detected,Computer name: A01LTFW20275,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:49:48,Inserted: 2013-01-09 13:04:47,End: 2013-01-09 12:49:48,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M120309,Source computer: ,Source IP:
2013-01-09 14:02:07,Forced SONAR threat detected,Computer name: A01LTFW01135,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:59:28,Inserted: 2013-01-09 13:02:07,End: 2013-01-09 12:59:28,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N106726,Source computer: ,Source IP:
2013-01-09 13:58:47,Forced SONAR threat detected,Computer name: A01LTFW21052,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:57:36,Inserted: 2013-01-09 12:58:47,End: 2013-01-09 12:57:36,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: R117493,Source computer: ,Source IP:
2013-01-09 14:08:47,Forced SONAR threat detected,Computer name: A01LTFW20502,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 2,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-08 11:55:02,Inserted: 2013-01-09 13:08:47,End: 2013-01-08 11:55:02,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B130602,Source computer: ,Source IP:
2013-01-09 13:58:47,Forced SONAR threat detected,Computer name: A01LTFW21052,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Application,Application type: Trojan Worm,Application version: 11.0.4356.400,Hash type: SHA-1,Application hash: 43d7848b73a7bae9ed39bf68c80bcc6e4a14f736,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4204312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magic.exe,"c:\program files\freedom scientific\magic\11.0\magic.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:57:44,Inserted: 2013-01-09 12:58:47,End: 2013-01-09 12:57:44,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: R117493,Source computer: ,Source IP:
2013-01-09 13:58:47,Forced SONAR threat detected,Computer name: A01LTFW21052,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic,Application type: Trojan Worm,Application version: "11, 0, 2160, 400",Hash type: SHA-1,Application hash: d3507067ceb4cef659860f63415d50d8c075ae77,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4460312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe,"c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 12:57:58,Inserted: 2013-01-09 12:58:47,End: 2013-01-09 12:57:58,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: R117493,Source computer: ,Source IP:
2013-01-09 14:06:47,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:01:28,Inserted: 2013-01-09 13:06:47,End: 2013-01-09 13:01:28,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:59:47,Potential risk found,Computer name: A34DUVW22301,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:54:09,Inserted: 2013-01-09 12:59:47,End: 2013-01-09 12:54:09,Domain: Default,Group: My Company\Default Group,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:02:07,Potential risk found,Computer name: A34DUVW22268,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:59:16,Inserted: 2013-01-09 13:02:07,End: 2013-01-09 12:59:16,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 13:54:47,Potential risk found,Computer name: A34DUVW21098,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 12:50:24,Inserted: 2013-01-09 12:54:47,End: 2013-01-09 12:50:24,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:22:27,Forced SONAR threat detected,Computer name: A01LTFW20666,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Screen Magnification,Application type: Trojan Worm,Application version: "11, 0, 4356, 400",Hash type: SHA-1,Application hash: 1ce39d44cc735db5788f07b25c5bb32c6ca48c09,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 421144,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe,"c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:19:36,Inserted: 2013-01-09 13:22:27,End: 2013-01-09 13:19:36,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: E111252,Source computer: ,Source IP:
2013-01-09 14:11:27,Forced SONAR threat detected,Computer name: A01LTFW20284,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-08 08:54:56,Inserted: 2013-01-09 13:11:27,End: 2013-01-08 08:54:56,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K120310,Source computer: ,Source IP:
2013-01-09 14:23:27,Forced SONAR threat detected,Computer name: A01LTFW20078,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:20:46,Inserted: 2013-01-09 13:23:27,End: 2013-01-09 13:20:46,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M112107,Source computer: ,Source IP:
2013-01-09 14:16:47,Forced SONAR threat detected,Computer name: A01LTFW02312,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:10:48,Inserted: 2013-01-09 13:16:47,End: 2013-01-09 13:10:48,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H111766,Source computer: ,Source IP:
2013-01-09 14:21:27,Forced SONAR threat detected,Computer name: A01LTFW20587,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:20:09,Inserted: 2013-01-09 13:21:27,End: 2013-01-09 13:20:08,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: A116960,Source computer: ,Source IP:
2013-01-09 14:14:27,Forced SONAR threat detected,Computer name: A01LTFW20502,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:12:08,Inserted: 2013-01-09 13:14:27,End: 2013-01-09 13:12:08,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B130602,Source computer: ,Source IP:
2013-01-09 14:20:07,Forced SONAR threat detected,Computer name: A01LTFW02169,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:14:29,Inserted: 2013-01-09 13:20:07,End: 2013-01-09 13:14:29,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: G102847,Source computer: ,Source IP:
2013-01-09 14:20:07,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:19:25,Inserted: 2013-01-09 13:20:07,End: 2013-01-09 13:19:25,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:11:47,Potential risk found,Computer name: A34DUVW22180,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:08:11,Inserted: 2013-01-09 13:11:47,End: 2013-01-09 13:08:11,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:26:47,Forced SONAR threat detected,Computer name: A01LTFW21106,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:23:10,Inserted: 2013-01-09 13:26:47,End: 2013-01-09 13:23:09,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: W118296,Source computer: ,Source IP:
2013-01-09 14:29:27,Forced SONAR threat detected,Computer name: A01LTFW20596,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:26:58,Inserted: 2013-01-09 13:29:27,End: 2013-01-09 13:26:58,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: A100576,Source computer: ,Source IP:
2013-01-09 14:29:27,Forced SONAR threat detected,Computer name: A01LTFW20079,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:22:39,Inserted: 2013-01-09 13:29:27,End: 2013-01-09 13:22:39,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S114422,Source computer: ,Source IP:
2013-01-09 14:25:27,Forced SONAR threat detected,Computer name: A01LTFW20640,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:23:27,Inserted: 2013-01-09 13:25:27,End: 2013-01-09 13:23:26,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: J111691,Source computer: ,Source IP:
2013-01-09 14:29:27,Forced SONAR threat detected,Computer name: A01LTFW02074,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:25:17,Inserted: 2013-01-09 13:29:27,End: 2013-01-09 13:25:17,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K135213,Source computer: ,Source IP:
2013-01-09 14:26:47,Forced SONAR threat detected,Computer name: A01LTFW20666,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Application,Application type: Trojan Worm,Application version: 11.0.4356.400,Hash type: SHA-1,Application hash: 43d7848b73a7bae9ed39bf68c80bcc6e4a14f736,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4204312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magic.exe,"c:\program files\freedom scientific\magic\11.0\magic.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:19:43,Inserted: 2013-01-09 13:26:47,End: 2013-01-09 13:19:43,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: E111252,Source computer: ,Source IP:
2013-01-09 14:26:47,Forced SONAR threat detected,Computer name: A01LTFW20666,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic,Application type: Trojan Worm,Application version: "11, 0, 2160, 400",Hash type: SHA-1,Application hash: d3507067ceb4cef659860f63415d50d8c075ae77,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4460312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe,"c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:19:51,Inserted: 2013-01-09 13:26:47,End: 2013-01-09 13:19:51,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: E111252,Source computer: ,Source IP:
2013-01-09 14:37:27,Potential risk found,Computer name: A34DUVW22266,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:32:04,Inserted: 2013-01-09 13:37:27,End: 2013-01-09 13:32:04,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:30:47,Potential risk found,Computer name: A34DUVW22134,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:27:28,Inserted: 2013-01-09 13:30:47,End: 2013-01-09 13:27:28,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:40:47,Forced SONAR threat detected,Computer name: A01LTFW11655,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:36:33,Inserted: 2013-01-09 13:40:47,End: 2013-01-09 13:36:33,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H110487,Source computer: ,Source IP:
2013-01-09 14:51:27,Forced SONAR threat detected,Computer name: A01LTFW20129,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:46:25,Inserted: 2013-01-09 13:51:27,End: 2013-01-09 13:46:25,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H128824,Source computer: ,Source IP:
2013-01-09 14:39:47,Forced SONAR threat detected,Computer name: A01LTFW20905,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:33:57,Inserted: 2013-01-09 13:39:47,End: 2013-01-09 13:33:57,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: L105463,Source computer: ,Source IP:
2013-01-09 14:46:47,Potential risk found,Computer name: A34DUVW22164,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:44:32,Inserted: 2013-01-09 13:46:47,End: 2013-01-09 13:44:32,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:45:47,Potential risk found,Computer name: A34DUVW21029,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:41:58,Inserted: 2013-01-09 13:45:47,End: 2013-01-09 13:41:58,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:40:27,Potential risk found,Computer name: A01DTFW00174,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:31:33,Inserted: 2013-01-09 13:40:27,End: 2013-01-09 13:31:33,Domain: Default,Group: My Company\klient\All Desktops\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:43:27,Potential risk found,Computer name: A34DUVW08077,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:34:32,Inserted: 2013-01-09 13:43:27,End: 2013-01-09 13:34:32,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:45:47,Potential risk found,Computer name: A01DTFW00898,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:40:43,Inserted: 2013-01-09 13:45:47,End: 2013-01-09 13:40:43,Domain: Default,Group: My Company\klient\All Desktops\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:48:27,Potential risk found,Computer name: A34DUVW08014,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 2,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:46:30,Inserted: 2013-01-09 13:48:27,End: 2013-01-09 13:46:30,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:54:07,Forced SONAR threat detected,Computer name: A01LTFW02599,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:50:57,Inserted: 2013-01-09 13:54:07,End: 2013-01-09 13:50:57,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K105261,Source computer: ,Source IP:
2013-01-09 15:02:27,Forced SONAR threat detected,Computer name: A01LTFW20922,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:01:28,Inserted: 2013-01-09 14:02:27,End: 2013-01-09 14:01:28,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S122237,Source computer: ,Source IP:
2013-01-09 15:02:27,Forced SONAR threat detected,Computer name: A01LTFW00566,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:57:57,Inserted: 2013-01-09 14:02:27,End: 2013-01-09 13:57:56,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M110840,Source computer: ,Source IP:
2013-01-09 15:07:27,Forced SONAR threat detected,Computer name: A01LTFW20859,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:04:06,Inserted: 2013-01-09 14:07:27,End: 2013-01-09 14:04:06,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F113862,Source computer: ,Source IP:
2013-01-09 14:56:27,Forced SONAR threat detected,Computer name: A01LTFW01693,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:51:32,Inserted: 2013-01-09 13:56:27,End: 2013-01-09 13:51:32,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B101104,Source computer: ,Source IP:
2013-01-09 14:56:27,Forced SONAR threat detected,Computer name: A01LTFW20361,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:52:30,Inserted: 2013-01-09 13:56:27,End: 2013-01-09 13:52:30,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: O100000,Source computer: ,Source IP:
2013-01-09 14:55:07,Forced SONAR threat detected,Computer name: A01LTFW02719,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:54:20,Inserted: 2013-01-09 13:55:07,End: 2013-01-09 13:54:20,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: G130539,Source computer: ,Source IP:
2013-01-09 15:08:27,Forced SONAR threat detected,Computer name: A01LTFW01094,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:03:15,Inserted: 2013-01-09 14:08:27,End: 2013-01-09 14:03:15,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M106534,Source computer: ,Source IP:
2013-01-09 15:01:07,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:58:26,Inserted: 2013-01-09 14:01:07,End: 2013-01-09 13:58:26,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:55:07,Potential risk found,Computer name: A34DUVW16003,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:52:57,Inserted: 2013-01-09 13:55:07,End: 2013-01-09 13:52:57,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 15:01:07,Potential risk found,Computer name: A34DUVW16018,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:55:00,Inserted: 2013-01-09 14:01:07,End: 2013-01-09 13:55:00,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 15:06:07,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:58:32,Inserted: 2013-01-09 14:06:07,End: 2013-01-09 13:58:32,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:56:27,Potential risk found,Computer name: A34DUVW22012,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 2,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:50:44,Inserted: 2013-01-09 13:56:27,End: 2013-01-09 13:50:44,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:57:47,Potential risk found,Computer name: A34DUFW00326,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:52:44,Inserted: 2013-01-09 13:57:47,End: 2013-01-09 13:52:44,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 14:54:07,Potential risk found,Computer name: A34DUFW00239,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 2,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:47:42,Inserted: 2013-01-09 13:54:07,End: 2013-01-09 13:47:42,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 15:20:28,Forced SONAR threat detected,Computer name: A01LTFW02200,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 11:18:54,Inserted: 2013-01-09 14:20:28,End: 2013-01-09 11:18:54,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H126042,Source computer: ,Source IP:
2013-01-09 15:19:28,Forced SONAR threat detected,Computer name: A01LTFW20393,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:15:22,Inserted: 2013-01-09 14:19:28,End: 2013-01-09 14:15:21,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H112145,Source computer: ,Source IP:
2013-01-09 15:19:28,Forced SONAR threat detected,Computer name: A01LTFW01115,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-03 09:22:46,Inserted: 2013-01-09 14:19:28,End: 2013-01-03 09:22:46,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: O124273,Source computer: ,Source IP:
2013-01-09 15:10:48,Forced SONAR threat detected,Computer name: A01LTFW00981,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-04 09:47:14,Inserted: 2013-01-09 14:10:48,End: 2013-01-04 09:47:14,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N106778,Source computer: ,Source IP:
2013-01-09 15:12:28,Forced SONAR threat detected,Computer name: A01LTFW20284,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:08:01,Inserted: 2013-01-09 14:12:28,End: 2013-01-09 14:08:01,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K120310,Source computer: ,Source IP:
2013-01-09 15:10:28,Forced SONAR threat detected,Computer name: A01LTFW20423,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-03 09:41:43,Inserted: 2013-01-09 14:10:28,End: 2013-01-03 09:41:43,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F110862,Source computer: ,Source IP:
2013-01-09 15:10:28,Forced SONAR threat detected,Computer name: A01LTFW20921,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:09:50,Inserted: 2013-01-09 14:10:28,End: 2013-01-09 13:09:50,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K121524,Source computer: ,Source IP:
2013-01-09 15:16:28,Forced SONAR threat detected,Computer name: A01LTFW02429,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:12:18,Inserted: 2013-01-09 14:16:28,End: 2013-01-09 14:12:18,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: L133000,Source computer: ,Source IP:
2013-01-09 15:16:28,Forced SONAR threat detected,Computer name: A01LTFW01121,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:08:07,Inserted: 2013-01-09 14:16:28,End: 2013-01-09 14:08:07,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N122645,Source computer: ,Source IP:
2013-01-09 15:23:28,Forced SONAR threat detected,Computer name: A01LTFW20884,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:15:17,Inserted: 2013-01-09 14:23:28,End: 2013-01-09 14:15:17,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S137071,Source computer: ,Source IP:
2013-01-09 15:22:28,Forced SONAR threat detected,Computer name: A01LTFW20412,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:20:33,Inserted: 2013-01-09 14:22:28,End: 2013-01-09 14:20:33,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K105313,Source computer: ,Source IP:
2013-01-09 15:13:48,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 14:12:46,Inserted: 2013-01-09 14:13:48,End: 2013-01-09 14:12:46,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 15:13:48,Potential risk found,Computer name: A34DUVW22154,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 14:11:35,Inserted: 2013-01-09 14:13:48,End: 2013-01-09 14:11:35,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 15:17:08,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 14:12:33,Inserted: 2013-01-09 14:17:08,End: 2013-01-09 14:12:33,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 15:17:08,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 14:12:58,Inserted: 2013-01-09 14:17:08,End: 2013-01-09 14:12:58,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 15:16:28,Potential risk found,Computer name: A34DUFW00151,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 2,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 14:10:05,Inserted: 2013-01-09 14:16:28,End: 2013-01-09 14:10:05,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 15:26:48,Forced SONAR threat detected,Computer name: A01LTFW21013,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:22:05,Inserted: 2013-01-09 14:26:48,End: 2013-01-09 14:22:05,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N106666,Source computer: ,Source IP:
2013-01-09 15:30:48,Forced SONAR threat detected,Computer name: A01LTFW01135,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:28:27,Inserted: 2013-01-09 14:30:48,End: 2013-01-09 14:28:27,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N106726,Source computer: ,Source IP:
2013-01-09 15:36:28,Forced SONAR threat detected,Computer name: A01LTFW02322,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:35:01,Inserted: 2013-01-09 14:36:28,End: 2013-01-09 14:35:00,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: E102091,Source computer: ,Source IP:
2013-01-09 15:24:48,Forced SONAR threat detected,Computer name: A01LTFW01115,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-07 14:48:53,Inserted: 2013-01-09 14:24:48,End: 2013-01-07 14:48:53,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: O124273,Source computer: ,Source IP:
2013-01-09 15:38:48,Forced SONAR threat detected,Computer name: A01LTFW20502,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:35:03,Inserted: 2013-01-09 14:38:48,End: 2013-01-09 14:35:03,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B130602,Source computer: ,Source IP:
2013-01-09 15:28:48,Forced SONAR threat detected,Computer name: A01LTFW02641,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:24:28,Inserted: 2013-01-09 14:28:48,End: 2013-01-09 14:24:28,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: J104407,Source computer: ,Source IP:
2013-01-09 15:32:28,Forced SONAR threat detected,Computer name: A01LTFW21173,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:28:03,Inserted: 2013-01-09 14:32:28,End: 2013-01-09 14:28:03,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H118408,Source computer: ,Source IP:
2013-01-09 15:35:28,Potential risk found,Computer name: A34DUVW15084,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 14:31:05,Inserted: 2013-01-09 14:35:28,End: 2013-01-09 14:31:05,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 15:30:48,Potential risk found,Computer name: A34DUVW22283,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 14:29:42,Inserted: 2013-01-09 14:30:48,End: 2013-01-09 14:29:42,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 15:24:48,Potential risk found,Computer name: A34DUVW22301,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 14:19:45,Inserted: 2013-01-09 14:24:48,End: 2013-01-09 14:19:45,Domain: Default,Group: My Company\Default Group,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 15:44:28,Forced SONAR threat detected,Computer name: A01LTFW02431,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:41:46,Inserted: 2013-01-09 14:44:28,End: 2013-01-09 14:41:46,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H112262,Source computer: ,Source IP:
2013-01-09 15:52:49,Forced SONAR threat detected,Computer name: A01LTFW02156,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-07 14:15:30,Inserted: 2013-01-09 14:52:49,End: 2013-01-07 14:15:30,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H112100,Source computer: ,Source IP:
2013-01-09 15:45:48,Potential risk found,Computer name: A34DUFW00378,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 2,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 14:39:19,Inserted: 2013-01-09 14:45:48,End: 2013-01-09 14:39:19,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 15:50:49,Potential risk found,Computer name: A34DUFW00093,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 14:45:19,Inserted: 2013-01-09 14:50:49,End: 2013-01-09 14:45:19,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:05:29,Forced SONAR threat detected,Computer name: A01LTFW02576,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 15:01:38,Inserted: 2013-01-09 15:05:29,End: 2013-01-09 15:01:38,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H134580,Source computer: ,Source IP:
2013-01-09 15:56:29,Forced SONAR threat detected,Computer name: A01LTFW20582,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:51:07,Inserted: 2013-01-09 14:56:29,End: 2013-01-09 14:51:07,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: E102026,Source computer: ,Source IP:
2013-01-09 15:58:29,Potential risk found,Computer name: A34DUVW22268,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 14:52:48,Inserted: 2013-01-09 14:58:29,End: 2013-01-09 14:52:48,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:02:29,Potential risk found,Computer name: A34DUVW22281,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:01:05,Inserted: 2013-01-09 15:02:29,End: 2013-01-09 15:01:05,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:07:09,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:03:36,Inserted: 2013-01-09 15:07:09,End: 2013-01-09 15:03:36,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:07:09,Potential risk found,Computer name: A34DUVW21063,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:01:54,Inserted: 2013-01-09 15:07:09,End: 2013-01-09 15:01:54,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 15:57:29,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 14:54:31,Inserted: 2013-01-09 14:57:29,End: 2013-01-09 14:54:31,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:12:49,Forced SONAR threat detected,Computer name: A01LTFW20623,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 15:10:21,Inserted: 2013-01-09 15:12:49,End: 2013-01-09 15:10:21,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S118313,Source computer: ,Source IP:
2013-01-09 16:20:09,Forced SONAR threat detected,Computer name: A01LTFW20921,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 15:07:12,Inserted: 2013-01-09 15:20:09,End: 2013-01-09 15:07:12,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K121524,Source computer: ,Source IP:
2013-01-09 16:23:29,Potential risk found,Computer name: A34DUVW03017,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:20:21,Inserted: 2013-01-09 15:23:29,End: 2013-01-09 15:20:21,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:14:29,Potential risk found,Computer name: A34DUVW21006,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:09:06,Inserted: 2013-01-09 15:14:29,End: 2013-01-09 15:09:06,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:23:29,Potential risk found,Computer name: A34DUVW22042,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:22:43,Inserted: 2013-01-09 15:23:29,End: 2013-01-09 15:22:43,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:20:09,Potential risk found,Computer name: A34DUVW22200,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:12:00,Inserted: 2013-01-09 15:20:09,End: 2013-01-09 15:12:00,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:37:30,Forced SONAR threat detected,Computer name: A01LTFW20296,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 15:33:23,Inserted: 2013-01-09 15:37:30,End: 2013-01-09 15:33:23,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: L113255,Source computer: ,Source IP:
2013-01-09 16:26:30,Forced SONAR threat detected,Computer name: A01LTFW02200,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 15:16:36,Inserted: 2013-01-09 15:26:29,End: 2013-01-09 15:16:36,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H126042,Source computer: ,Source IP:
2013-01-09 16:36:50,Forced SONAR threat detected,Computer name: A01LTFW20731,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: JAWS,Application type: Trojan Worm,Application version: "13, 0, 977, 400",Hash type: SHA-1,Application hash: 6f54216134d7c30b700cbcf1ea0a140af05cc867,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 1489800,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\jaws\13.0\jfw.exe,"c:\program files\freedom scientific\jaws\13.0\jfw.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 15:34:26,Inserted: 2013-01-09 15:36:50,End: 2013-01-09 15:34:26,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B123381,Source computer: ,Source IP:
2013-01-09 16:29:50,Potential risk found,Computer name: A34DUVW22154,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:24:52,Inserted: 2013-01-09 15:29:50,End: 2013-01-09 15:24:52,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:37:30,Potential risk found,Computer name: A34DUVW03012,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:33:34,Inserted: 2013-01-09 15:37:30,End: 2013-01-09 15:33:34,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:33:50,Potential risk found,Computer name: A34DUVW22277,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:32:49,Inserted: 2013-01-09 15:33:50,End: 2013-01-09 15:32:49,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:27:50,Potential risk found,Computer name: A34DUVW22164,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:21:08,Inserted: 2013-01-09 15:27:50,End: 2013-01-09 15:21:08,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:28:50,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:24:51,Inserted: 2013-01-09 15:28:50,End: 2013-01-09 15:24:51,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:31:30,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:25:05,Inserted: 2013-01-09 15:31:30,End: 2013-01-09 15:25:05,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:34:50,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:30:18,Inserted: 2013-01-09 15:34:50,End: 2013-01-09 15:30:18,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:53:50,Forced SONAR threat detected,Computer name: A01LTFW20502,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 15:45:45,Inserted: 2013-01-09 15:53:50,End: 2013-01-09 15:45:45,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B130602,Source computer: ,Source IP:
2013-01-09 16:44:10,Forced SONAR threat detected,Computer name: A01LTFW20079,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 15:41:29,Inserted: 2013-01-09 15:44:10,End: 2013-01-09 15:41:29,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S114422,Source computer: ,Source IP:
2013-01-09 16:48:30,Forced SONAR threat detected,Computer name: A01LTFW21003,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 15:40:28,Inserted: 2013-01-09 15:48:30,End: 2013-01-09 15:40:28,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N116098,Source computer: ,Source IP:
2013-01-09 16:39:30,Forced SONAR threat detected,Computer name: A01LTFW20250,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 15:31:32,Inserted: 2013-01-09 15:39:30,End: 2013-01-09 15:31:31,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108645,Source computer: ,Source IP:
2013-01-09 16:51:30,Forced SONAR threat detected,Computer name: A01LTFW01212,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 06:31:20,Inserted: 2013-01-09 15:51:30,End: 2013-01-09 06:31:19,Domain: Default,Group: My Company\Default Group,Server: a01mmfw016,User: R125274,Source computer: ,Source IP:
2013-01-09 16:47:30,Potential risk found,Computer name: A34DUVW20020,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:41:35,Inserted: 2013-01-09 15:47:30,End: 2013-01-09 15:41:35,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:52:10,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:46:38,Inserted: 2013-01-09 15:52:10,End: 2013-01-09 15:46:38,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:40:50,Potential risk found,Computer name: A34DUVW08077,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:39:51,Inserted: 2013-01-09 15:40:50,End: 2013-01-09 15:39:51,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 17:05:31,Forced SONAR threat detected,Computer name: A01LTFW20560,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-08 21:10:01,Inserted: 2013-01-09 16:05:31,End: 2013-01-08 21:10:01,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F102627,Source computer: ,Source IP:
2013-01-09 16:56:30,Forced SONAR threat detected,Computer name: A01LTFW20596,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 15:50:42,Inserted: 2013-01-09 15:56:30,End: 2013-01-09 15:50:42,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: A100576,Source computer: ,Source IP:
2013-01-09 17:03:51,Forced SONAR threat detected,Computer name: A01LTFW00725,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:00:21,Inserted: 2013-01-09 16:03:50,End: 2013-01-09 16:00:21,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: O119260,Source computer: ,Source IP:
2013-01-09 17:04:50,Forced SONAR threat detected,Computer name: A01LTFW01419,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:03:43,Inserted: 2013-01-09 16:04:50,End: 2013-01-09 16:03:43,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F102658,Source computer: ,Source IP:
2013-01-09 17:01:30,Forced SONAR threat detected,Computer name: A01LTFW02749,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 15:58:37,Inserted: 2013-01-09 16:01:30,End: 2013-01-09 15:58:36,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: P133789,Source computer: ,Source IP:
2013-01-09 16:57:30,Potential risk found,Computer name: A34DUVW08046,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:54:47,Inserted: 2013-01-09 15:57:30,End: 2013-01-09 15:54:47,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:58:50,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:49:40,Inserted: 2013-01-09 15:58:50,End: 2013-01-09 15:49:40,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 16:57:30,Potential risk found,Computer name: A34DUVW22137,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:54:19,Inserted: 2013-01-09 15:57:30,End: 2013-01-09 15:54:19,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 17:03:30,Potential risk found,Computer name: A34DUVW20020,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 15:58:09,Inserted: 2013-01-09 16:03:30,End: 2013-01-09 15:58:09,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 17:15:31,Forced SONAR threat detected,Computer name: A01LTFW20069,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:13:54,Inserted: 2013-01-09 16:15:31,End: 2013-01-09 16:13:53,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: L116460,Source computer: ,Source IP:
2013-01-09 17:19:51,Forced SONAR threat detected,Computer name: A01LTFW01926,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-08 23:22:33,Inserted: 2013-01-09 16:19:51,End: 2013-01-08 23:22:33,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S111056,Source computer: ,Source IP:
2013-01-09 17:15:51,Forced SONAR threat detected,Computer name: A01LTFW20637,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:11:15,Inserted: 2013-01-09 16:15:51,End: 2013-01-09 16:11:15,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H117292,Source computer: ,Source IP:
2013-01-09 17:21:31,Forced SONAR threat detected,Computer name: A01LTFW20106,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:19:44,Inserted: 2013-01-09 16:21:31,End: 2013-01-09 16:19:44,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: R115659,Source computer: ,Source IP:
2013-01-09 17:19:11,Forced SONAR threat detected,Computer name: A01LTFW20399,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:18:00,Inserted: 2013-01-09 16:19:11,End: 2013-01-09 16:18:00,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K104998,Source computer: ,Source IP:
2013-01-09 17:20:51,Forced SONAR threat detected,Computer name: A01LTFW02090,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:19:07,Inserted: 2013-01-09 16:20:51,End: 2013-01-09 16:19:07,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M120161,Source computer: ,Source IP:
2013-01-09 17:22:31,Forced SONAR threat detected,Computer name: A01LTFW01470,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:19:22,Inserted: 2013-01-09 16:22:31,End: 2013-01-09 16:19:22,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N106587,Source computer: ,Source IP:
2013-01-09 17:19:51,Forced SONAR threat detected,Computer name: A01LTFW00670,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:17:20,Inserted: 2013-01-09 16:19:51,End: 2013-01-09 16:17:20,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B116030,Source computer: ,Source IP:
2013-01-09 17:19:11,Potential risk found,Computer name: A34DUVW22031,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 16:14:52,Inserted: 2013-01-09 16:19:11,End: 2013-01-09 16:14:52,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 17:09:31,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 16:02:07,Inserted: 2013-01-09 16:09:31,End: 2013-01-09 16:02:07,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 17:28:31,Forced SONAR threat detected,Computer name: A01LTFW21106,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:25:24,Inserted: 2013-01-09 16:28:31,End: 2013-01-09 16:25:24,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: W118296,Source computer: ,Source IP:
2013-01-09 17:36:51,Potential risk found,Computer name: A34DUFW00261,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 16:27:29,Inserted: 2013-01-09 16:36:51,End: 2013-01-09 16:27:29,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 17:40:51,Forced SONAR threat detected,Computer name: A01LTFW20134,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:36:09,Inserted: 2013-01-09 16:40:51,End: 2013-01-09 16:36:09,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S111028,Source computer: ,Source IP:
2013-01-09 17:51:52,Forced SONAR threat detected,Computer name: A01LTFW21148,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:48:44,Inserted: 2013-01-09 16:51:52,End: 2013-01-09 16:48:44,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: C112886,Source computer: ,Source IP:
2013-01-09 17:50:32,Forced SONAR threat detected,Computer name: A01LTFW20270,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:41:06,Inserted: 2013-01-09 16:50:32,End: 2013-01-09 16:41:06,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: D134739,Source computer: ,Source IP:
2013-01-09 17:43:31,Potential risk found,Computer name: A34DUVW14060,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 16:37:17,Inserted: 2013-01-09 16:43:31,End: 2013-01-09 16:37:17,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 17:58:52,Forced SONAR threat detected,Computer name: A01LTFW02323,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:56:02,Inserted: 2013-01-09 16:58:52,End: 2013-01-09 16:56:02,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H103142,Source computer: ,Source IP:
2013-01-09 18:05:32,Forced SONAR threat detected,Computer name: A01LTFW01926,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:01:53,Inserted: 2013-01-09 17:05:32,End: 2013-01-09 17:01:53,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S111056,Source computer: ,Source IP:
2013-01-09 18:08:52,Forced SONAR threat detected,Computer name: A01LTFW21162,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:03:59,Inserted: 2013-01-09 17:08:52,End: 2013-01-09 17:03:59,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H103684,Source computer: ,Source IP:
2013-01-09 17:57:52,Forced SONAR threat detected,Computer name: A01LTFW20560,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 16:53:21,Inserted: 2013-01-09 16:57:52,End: 2013-01-09 16:53:21,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F102627,Source computer: ,Source IP:
2013-01-09 18:13:12,Forced SONAR threat detected,Computer name: A01LTFW02806,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:10:05,Inserted: 2013-01-09 17:13:12,End: 2013-01-09 17:10:05,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: T109479,Source computer: ,Source IP:
2013-01-09 18:17:32,Forced SONAR threat detected,Computer name: A01LTFW02615,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:13:25,Inserted: 2013-01-09 17:17:32,End: 2013-01-09 17:13:25,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: P107429,Source computer: ,Source IP:
2013-01-09 18:12:32,Forced SONAR threat detected,Computer name: A01LTFW20784,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:07:29,Inserted: 2013-01-09 17:12:32,End: 2013-01-09 17:07:29,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: P114855,Source computer: ,Source IP:
2013-01-09 18:11:32,Forced SONAR threat detected,Computer name: A01LTFW00725,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:08:09,Inserted: 2013-01-09 17:11:32,End: 2013-01-09 17:08:09,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: O119260,Source computer: ,Source IP:
2013-01-09 18:14:12,Forced SONAR threat detected,Computer name: A01LTFW20255,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:09:29,Inserted: 2013-01-09 17:14:12,End: 2013-01-09 17:09:29,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: E136379,Source computer: ,Source IP:
2013-01-09 18:15:32,Forced SONAR threat detected,Computer name: A01LTFW01972,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:10:15,Inserted: 2013-01-09 17:15:32,End: 2013-01-09 17:10:15,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B113891,Source computer: ,Source IP:
2013-01-09 18:15:32,Forced SONAR threat detected,Computer name: A01LTFW20305,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:14:50,Inserted: 2013-01-09 17:15:32,End: 2013-01-09 17:14:50,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: T113981,Source computer: ,Source IP:
2013-01-09 18:13:12,Forced SONAR threat detected,Computer name: A01LTFW21178,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-02 15:26:16,Inserted: 2013-01-09 17:13:12,End: 2013-01-02 15:26:16,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M121295,Source computer: ,Source IP:
2013-01-09 18:10:32,Potential risk found,Computer name: A34DUVW20020,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 17:05:14,Inserted: 2013-01-09 17:10:32,End: 2013-01-09 17:05:14,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 18:30:13,Forced SONAR threat detected,Computer name: A01LTFW01059,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:25:13,Inserted: 2013-01-09 17:30:13,End: 2013-01-09 17:25:13,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: W110163,Source computer: ,Source IP:
2013-01-09 18:34:13,Forced SONAR threat detected,Computer name: A01LTFW20061,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:29:34,Inserted: 2013-01-09 17:34:13,End: 2013-01-09 17:29:34,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: R107736,Source computer: ,Source IP:
2013-01-09 18:38:13,Forced SONAR threat detected,Computer name: A01LTFW20985,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2012-12-19 10:10:14,Inserted: 2013-01-09 17:38:13,End: 2012-12-19 10:10:14,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: W137891,Source computer: ,Source IP:
2013-01-09 18:37:53,Forced SONAR threat detected,Computer name: A01LTFW01273,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:33:16,Inserted: 2013-01-09 17:37:53,End: 2013-01-09 17:33:16,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F102589,Source computer: ,Source IP:
2013-01-09 18:37:53,Potential risk found,Computer name: A34DUVW22018,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 17:34:48,Inserted: 2013-01-09 17:37:53,End: 2013-01-09 17:34:48,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 18:39:33,Forced SONAR threat detected,Computer name: A01LTFW20191,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:34:25,Inserted: 2013-01-09 17:39:33,End: 2013-01-09 17:34:25,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: V113013,Source computer: ,Source IP:
2013-01-09 18:50:53,Forced SONAR threat detected,Computer name: A01LTFW20550,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:47:35,Inserted: 2013-01-09 17:50:53,End: 2013-01-09 17:47:35,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: O107070,Source computer: ,Source IP:
2013-01-09 18:39:33,Forced SONAR threat detected,Computer name: A01LTFW01121,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:35:56,Inserted: 2013-01-09 17:39:33,End: 2013-01-09 17:35:56,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N122645,Source computer: ,Source IP:
2013-01-09 18:43:53,Forced SONAR threat detected,Computer name: A01LTFW20673,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:40:30,Inserted: 2013-01-09 17:43:53,End: 2013-01-09 17:40:29,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S113945,Source computer: ,Source IP:
2013-01-09 18:45:13,Forced SONAR threat detected,Computer name: A01LTFW20222,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:40:02,Inserted: 2013-01-09 17:45:13,End: 2013-01-09 17:40:01,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F102632,Source computer: ,Source IP:
2013-01-09 18:43:53,Potential risk found,Computer name: A34DUVW21065,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 17:38:08,Inserted: 2013-01-09 17:43:53,End: 2013-01-09 17:38:08,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 18:48:53,Potential risk found,Computer name: A34DUVW15146,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 17:47:08,Inserted: 2013-01-09 17:48:53,End: 2013-01-09 17:47:08,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 18:53:53,Potential risk found,Computer name: A34DUVW21027,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 17:44:49,Inserted: 2013-01-09 17:53:53,End: 2013-01-09 17:44:49,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 18:56:53,Forced SONAR threat detected,Computer name: A01LTFW20665,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Screen Magnification,Application type: Trojan Worm,Application version: "11, 0, 4356, 400",Hash type: SHA-1,Application hash: 1ce39d44cc735db5788f07b25c5bb32c6ca48c09,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 421144,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe,"c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:53:39,Inserted: 2013-01-09 17:56:53,End: 2013-01-09 17:53:38,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108889,Source computer: ,Source IP:
2013-01-09 18:57:53,Forced SONAR threat detected,Computer name: A01LTFW20655,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:51:39,Inserted: 2013-01-09 17:57:53,End: 2013-01-09 17:51:39,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: P107449,Source computer: ,Source IP:
2013-01-09 19:01:13,Forced SONAR threat detected,Computer name: A01LTFW02666,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:56:52,Inserted: 2013-01-09 18:01:13,End: 2013-01-09 17:56:52,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K105125,Source computer: ,Source IP:
2013-01-09 19:07:14,Forced SONAR threat detected,Computer name: A01LTFW02325,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:04:04,Inserted: 2013-01-09 18:07:14,End: 2013-01-09 18:04:04,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H117335,Source computer: ,Source IP:
2013-01-09 19:03:53,Forced SONAR threat detected,Computer name: A01LTFW02537,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:00:55,Inserted: 2013-01-09 18:03:53,End: 2013-01-09 18:00:55,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: G133048,Source computer: ,Source IP:
2013-01-09 19:02:33,Forced SONAR threat detected,Computer name: A01LTFW20517,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:57:39,Inserted: 2013-01-09 18:02:33,End: 2013-01-09 17:57:39,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: V109850,Source computer: ,Source IP:
2013-01-09 18:56:53,Forced SONAR threat detected,Computer name: A01LTFW20665,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:53:18,Inserted: 2013-01-09 17:56:53,End: 2013-01-09 17:53:18,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108889,Source computer: ,Source IP:
2013-01-09 18:56:53,Forced SONAR threat detected,Computer name: A01LTFW20665,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Application,Application type: Trojan Worm,Application version: 11.0.4356.400,Hash type: SHA-1,Application hash: 43d7848b73a7bae9ed39bf68c80bcc6e4a14f736,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4204312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magic.exe,"c:\program files\freedom scientific\magic\11.0\magic.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:53:28,Inserted: 2013-01-09 17:56:53,End: 2013-01-09 17:53:28,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108889,Source computer: ,Source IP:
2013-01-09 18:56:53,Forced SONAR threat detected,Computer name: A01LTFW20665,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic,Application type: Trojan Worm,Application version: "11, 0, 2160, 400",Hash type: SHA-1,Application hash: d3507067ceb4cef659860f63415d50d8c075ae77,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4460312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe,"c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 17:53:49,Inserted: 2013-01-09 17:56:53,End: 2013-01-09 17:53:49,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108889,Source computer: ,Source IP:
2013-01-09 19:01:13,Potential risk found,Computer name: A34DUFW00347,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 17:51:48,Inserted: 2013-01-09 18:01:13,End: 2013-01-09 17:51:48,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 19:04:53,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 17:57:10,Inserted: 2013-01-09 18:04:53,End: 2013-01-09 17:57:10,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 19:15:54,Forced SONAR threat detected,Computer name: A01LTFW02806,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:10:05,Inserted: 2013-01-09 18:15:54,End: 2013-01-09 18:10:05,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: T109479,Source computer: ,Source IP:
2013-01-09 19:21:54,Forced SONAR threat detected,Computer name: A01LTFW20451,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-07 21:42:07,Inserted: 2013-01-09 18:21:54,End: 2013-01-07 21:42:07,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: G103079,Source computer: ,Source IP:
2013-01-09 19:19:14,Forced SONAR threat detected,Computer name: A01LTFW20264,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:14:43,Inserted: 2013-01-09 18:19:14,End: 2013-01-09 18:14:43,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F102477,Source computer: ,Source IP:
2013-01-09 19:19:54,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 18:18:09,Inserted: 2013-01-09 18:19:54,End: 2013-01-09 18:18:09,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 19:33:54,Forced SONAR threat detected,Computer name: A01LTFW01638,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:32:29,Inserted: 2013-01-09 18:33:54,End: 2013-01-09 18:32:29,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: J104353,Source computer: ,Source IP:
2013-01-09 19:32:14,Forced SONAR threat detected,Computer name: A01LTFW21125,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:29:02,Inserted: 2013-01-09 18:32:14,End: 2013-01-09 18:29:02,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S115879,Source computer: ,Source IP:
2013-01-09 19:34:54,Forced SONAR threat detected,Computer name: A01LTFW01391,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:33:35,Inserted: 2013-01-09 18:34:54,End: 2013-01-09 18:33:35,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: T109574,Source computer: ,Source IP:
2013-01-09 19:37:54,Forced SONAR threat detected,Computer name: A01LTFW20255,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:30:40,Inserted: 2013-01-09 18:37:54,End: 2013-01-09 18:30:40,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: E136379,Source computer: ,Source IP:
2013-01-09 19:24:54,Forced SONAR threat detected,Computer name: A01LTFW02465,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:23:45,Inserted: 2013-01-09 18:24:54,End: 2013-01-09 18:23:45,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F112694,Source computer: ,Source IP:
2013-01-09 19:36:54,Forced SONAR threat detected,Computer name: A01LTFW20994,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:33:08,Inserted: 2013-01-09 18:36:54,End: 2013-01-09 18:33:08,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F119659,Source computer: ,Source IP:
2013-01-09 19:32:14,Forced SONAR threat detected,Computer name: A01LTFW02749,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:23:03,Inserted: 2013-01-09 18:32:14,End: 2013-01-09 18:23:03,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: P133789,Source computer: ,Source IP:
2013-01-09 19:26:14,Forced SONAR threat detected,Computer name: A01LTFW01658,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:21:59,Inserted: 2013-01-09 18:26:14,End: 2013-01-09 18:21:59,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: R107906,Source computer: ,Source IP:
2013-01-09 19:37:54,Forced SONAR threat detected,Computer name: A01LTFW20440,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:33:30,Inserted: 2013-01-09 18:37:54,End: 2013-01-09 18:33:30,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F102353,Source computer: ,Source IP:
2013-01-09 19:38:54,Forced SONAR threat detected,Computer name: A01LTFW20733,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:35:59,Inserted: 2013-01-09 18:38:54,End: 2013-01-09 18:35:59,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: A100492,Source computer: ,Source IP:
2013-01-09 19:26:14,Forced SONAR threat detected,Computer name: A01LTFW20060,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:21:55,Inserted: 2013-01-09 18:26:14,End: 2013-01-09 18:21:55,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M118814,Source computer: ,Source IP:
2013-01-09 19:45:14,Forced SONAR threat detected,Computer name: A01LTFW20514,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:40:07,Inserted: 2013-01-09 18:45:14,End: 2013-01-09 18:40:07,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M117449,Source computer: ,Source IP:
2013-01-09 19:44:54,Forced SONAR threat detected,Computer name: A01LTFW01059,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:36:37,Inserted: 2013-01-09 18:44:54,End: 2013-01-09 18:36:37,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: W110163,Source computer: ,Source IP:
2013-01-09 19:46:54,Forced SONAR threat detected,Computer name: A01LTFW00231,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:43:21,Inserted: 2013-01-09 18:46:54,End: 2013-01-09 18:43:21,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: V114475,Source computer: ,Source IP:
2013-01-09 19:51:55,Forced SONAR threat detected,Computer name: A01LTFW20650,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:49:12,Inserted: 2013-01-09 18:51:55,End: 2013-01-09 18:49:12,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: P111209,Source computer: ,Source IP:
2013-01-09 19:44:54,Forced SONAR threat detected,Computer name: A01LTFW01465,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:43:34,Inserted: 2013-01-09 18:44:54,End: 2013-01-09 18:43:34,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: R115765,Source computer: ,Source IP:
2013-01-09 19:42:14,Potential risk found,Computer name: A34DUFW00152,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 18:38:44,Inserted: 2013-01-09 18:42:14,End: 2013-01-09 18:38:44,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 20:02:15,Forced SONAR threat detected,Computer name: A01LTFW20665,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Screen Magnification,Application type: Trojan Worm,Application version: "11, 0, 4356, 400",Hash type: SHA-1,Application hash: 1ce39d44cc735db5788f07b25c5bb32c6ca48c09,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 421144,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe,"c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:53:22,Inserted: 2013-01-09 19:02:15,End: 2013-01-09 18:53:22,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108889,Source computer: ,Source IP:
2013-01-09 20:04:55,Forced SONAR threat detected,Computer name: A01LTFW20517,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:59:23,Inserted: 2013-01-09 19:04:55,End: 2013-01-09 18:59:23,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: V109850,Source computer: ,Source IP:
2013-01-09 20:00:15,Forced SONAR threat detected,Computer name: A01LTFW20412,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:50:21,Inserted: 2013-01-09 19:00:15,End: 2013-01-09 18:50:21,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K105313,Source computer: ,Source IP:
2013-01-09 20:03:15,Forced SONAR threat detected,Computer name: A01LTFW20069,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:55:24,Inserted: 2013-01-09 19:03:15,End: 2013-01-09 18:55:24,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: L116460,Source computer: ,Source IP:
2013-01-09 20:07:55,Forced SONAR threat detected,Computer name: A01LTFW02529,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:03:48,Inserted: 2013-01-09 19:07:55,End: 2013-01-09 19:03:48,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S107989,Source computer: ,Source IP:
2013-01-09 19:57:55,Forced SONAR threat detected,Computer name: A01LTFW20374,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:53:58,Inserted: 2013-01-09 18:57:55,End: 2013-01-09 18:53:58,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108471,Source computer: ,Source IP:
2013-01-09 19:59:15,Forced SONAR threat detected,Computer name: A01LTFW20502,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:55:28,Inserted: 2013-01-09 18:59:15,End: 2013-01-09 18:55:28,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B130602,Source computer: ,Source IP:
2013-01-09 20:05:55,Forced SONAR threat detected,Computer name: A01LTFW00492,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:02:17,Inserted: 2013-01-09 19:05:55,End: 2013-01-09 19:02:17,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H110670,Source computer: ,Source IP:
2013-01-09 20:08:55,Forced SONAR threat detected,Computer name: A01LTFW21123,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:04:06,Inserted: 2013-01-09 19:08:55,End: 2013-01-09 19:04:06,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H103636,Source computer: ,Source IP:
2013-01-09 20:07:55,Forced SONAR threat detected,Computer name: A01LTFW20892,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:05:23,Inserted: 2013-01-09 19:07:55,End: 2013-01-09 19:05:23,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: A115379,Source computer: ,Source IP:
2013-01-09 19:57:55,Forced SONAR threat detected,Computer name: A01LTFW20956,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 14:49:57,Inserted: 2013-01-09 18:57:55,End: 2013-01-09 14:49:57,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N106716,Source computer: ,Source IP:
2013-01-09 19:56:55,Forced SONAR threat detected,Computer name: A01LTFW20560,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:53:25,Inserted: 2013-01-09 18:56:55,End: 2013-01-09 18:53:25,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F102627,Source computer: ,Source IP:
2013-01-09 20:04:15,Forced SONAR threat detected,Computer name: A01LTFW02470,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:01:24,Inserted: 2013-01-09 19:04:15,End: 2013-01-09 19:01:24,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: A113269,Source computer: ,Source IP:
2013-01-09 19:57:55,Forced SONAR threat detected,Computer name: A01LTFW01629,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:53:23,Inserted: 2013-01-09 18:57:55,End: 2013-01-09 18:53:23,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K112941,Source computer: ,Source IP:
2013-01-09 20:02:15,Forced SONAR threat detected,Computer name: A01LTFW20665,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Application,Application type: Trojan Worm,Application version: 11.0.4356.400,Hash type: SHA-1,Application hash: 43d7848b73a7bae9ed39bf68c80bcc6e4a14f736,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4204312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magic.exe,"c:\program files\freedom scientific\magic\11.0\magic.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:53:31,Inserted: 2013-01-09 19:02:15,End: 2013-01-09 18:53:31,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108889,Source computer: ,Source IP:
2013-01-09 20:02:15,Forced SONAR threat detected,Computer name: A01LTFW20665,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic,Application type: Trojan Worm,Application version: "11, 0, 2160, 400",Hash type: SHA-1,Application hash: d3507067ceb4cef659860f63415d50d8c075ae77,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4460312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe,"c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:53:12,Inserted: 2013-01-09 19:02:15,End: 2013-01-09 18:53:12,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108889,Source computer: ,Source IP:
2013-01-09 20:23:15,Forced SONAR threat detected,Computer name: A01LTFW20753,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:18:46,Inserted: 2013-01-09 19:23:15,End: 2013-01-09 19:18:46,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B111836,Source computer: ,Source IP:
2013-01-09 20:09:55,Forced SONAR threat detected,Computer name: A01LTFW02357,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:04:12,Inserted: 2013-01-09 19:09:55,End: 2013-01-09 19:04:11,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K123500,Source computer: ,Source IP:
2013-01-09 20:22:15,Forced SONAR threat detected,Computer name: A01LTFW21094,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:18:38,Inserted: 2013-01-09 19:22:15,End: 2013-01-09 19:18:38,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: D114438,Source computer: ,Source IP:
2013-01-09 20:22:15,Forced SONAR threat detected,Computer name: A01LTFW20451,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:17:53,Inserted: 2013-01-09 19:22:15,End: 2013-01-09 19:17:52,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: G103079,Source computer: ,Source IP:
2013-01-09 20:09:55,Forced SONAR threat detected,Computer name: A01LTFW01149,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:57:28,Inserted: 2013-01-09 19:09:55,End: 2013-01-09 13:57:28,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: O117966,Source computer: ,Source IP:
2013-01-09 20:19:55,Potential risk found,Computer name: A34DUVW22222,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 19:16:54,Inserted: 2013-01-09 19:19:55,End: 2013-01-09 19:16:54,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 20:19:55,Potential risk found,Computer name: A34DUVW22111,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 19:15:29,Inserted: 2013-01-09 19:19:55,End: 2013-01-09 19:15:29,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 20:34:56,Forced SONAR threat detected,Computer name: A01LTFW20626,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:31:23,Inserted: 2013-01-09 19:34:56,End: 2013-01-09 19:31:23,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: J104688,Source computer: ,Source IP:
2013-01-09 20:27:16,Forced SONAR threat detected,Computer name: A01LTFW00717,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-01 17:11:59,Inserted: 2013-01-09 19:27:16,End: 2013-01-01 17:11:56,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: A100271,Source computer: ,Source IP:
2013-01-09 20:31:56,Forced SONAR threat detected,Computer name: A01LTFW02154,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:27:28,Inserted: 2013-01-09 19:31:56,End: 2013-01-09 19:27:28,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K105411,Source computer: ,Source IP:
2013-01-09 20:37:56,Forced SONAR threat detected,Computer name: A01LTFW01779,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:32:38,Inserted: 2013-01-09 19:37:56,End: 2013-01-09 19:32:38,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K105293,Source computer: ,Source IP:
2013-01-09 20:25:56,Forced SONAR threat detected,Computer name: A01LTFW20399,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:22:09,Inserted: 2013-01-09 19:25:56,End: 2013-01-09 19:22:08,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K104998,Source computer: ,Source IP:
2013-01-09 20:30:56,Forced SONAR threat detected,Computer name: A01LTFW02192,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 18:58:41,Inserted: 2013-01-09 19:30:56,End: 2013-01-09 18:58:41,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: T120376,Source computer: ,Source IP:
2013-01-09 20:29:16,Forced SONAR threat detected,Computer name: A01LTFW20070,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:24:16,Inserted: 2013-01-09 19:29:16,End: 2013-01-09 19:24:16,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N112776,Source computer: ,Source IP:
2013-01-09 20:32:16,Forced SONAR threat detected,Computer name: A01LTFW20112,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:27:47,Inserted: 2013-01-09 19:32:16,End: 2013-01-09 19:27:47,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: J110394,Source computer: ,Source IP:
2013-01-09 20:36:16,Forced SONAR threat detected,Computer name: A01LTFW20037,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:32:14,Inserted: 2013-01-09 19:36:16,End: 2013-01-09 19:32:14,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B118051,Source computer: ,Source IP:
2013-01-09 20:39:56,Forced SONAR threat detected,Computer name: A01LTFW02666,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:35:33,Inserted: 2013-01-09 19:39:56,End: 2013-01-09 19:35:33,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K105125,Source computer: ,Source IP:
2013-01-09 20:42:56,Forced SONAR threat detected,Computer name: A01LTFW20255,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:38:05,Inserted: 2013-01-09 19:42:56,End: 2013-01-09 19:38:05,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: E136379,Source computer: ,Source IP:
2013-01-09 20:47:56,Forced SONAR threat detected,Computer name: A01LTFW20762,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:40:56,Inserted: 2013-01-09 19:47:56,End: 2013-01-09 19:40:55,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: A113291,Source computer: ,Source IP:
2013-01-09 20:44:16,Forced SONAR threat detected,Computer name: A01LTFW20134,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:36:08,Inserted: 2013-01-09 19:44:16,End: 2013-01-09 19:36:08,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S111028,Source computer: ,Source IP:
2013-01-09 20:47:56,Forced SONAR threat detected,Computer name: A01LTFW20614,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:42:25,Inserted: 2013-01-09 19:47:56,End: 2013-01-09 19:42:25,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B123452,Source computer: ,Source IP:
2013-01-09 20:41:56,Forced SONAR threat detected,Computer name: A01LTFW20785,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:37:24,Inserted: 2013-01-09 19:41:56,End: 2013-01-09 19:37:23,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B100916,Source computer: ,Source IP:
2013-01-09 20:41:56,Forced SONAR threat detected,Computer name: A01LTFW20397,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2012-12-28 10:15:53,Inserted: 2012-12-28 10:21:00,End: 2012-12-28 10:15:53,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: P112725,Source computer: ,Source IP:
2013-01-09 20:42:56,Forced SONAR threat detected,Computer name: A01LTFW20359,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:39:09,Inserted: 2013-01-09 19:42:56,End: 2013-01-09 19:39:09,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M113636,Source computer: ,Source IP:
2013-01-09 20:41:56,Forced SONAR threat detected,Computer name: A01LTFW20836,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:40:43,Inserted: 2013-01-09 19:41:56,End: 2013-01-09 19:40:43,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S114683,Source computer: ,Source IP:
2013-01-09 20:44:16,Forced SONAR threat detected,Computer name: A01LTFW21151,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:34:14,Inserted: 2013-01-09 19:44:16,End: 2013-01-09 19:34:13,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H104156,Source computer: ,Source IP:
2013-01-09 20:44:16,Forced SONAR threat detected,Computer name: A01LTFW01404,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:41:12,Inserted: 2013-01-09 19:44:16,End: 2013-01-09 19:41:12,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B101159,Source computer: ,Source IP:
2013-01-09 20:48:56,Forced SONAR threat detected,Computer name: A01LTFW01121,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:43:41,Inserted: 2013-01-09 19:48:56,End: 2013-01-09 19:43:41,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N122645,Source computer: ,Source IP:
2013-01-09 20:41:56,Forced SONAR threat detected,Computer name: A01LTFW20397,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Details pending,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2012-12-28 10:15:53,Inserted: 2013-01-09 19:41:56,End: 2012-12-28 10:15:53,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: P112725,Source computer: ,Source IP:
2013-01-09 20:57:56,Forced SONAR threat detected,Computer name: A01LTFW20665,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Screen Magnification,Application type: Trojan Worm,Application version: "11, 0, 4356, 400",Hash type: SHA-1,Application hash: 1ce39d44cc735db5788f07b25c5bb32c6ca48c09,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 421144,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe,"c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:53:34,Inserted: 2013-01-09 19:57:56,End: 2013-01-09 19:53:34,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108889,Source computer: ,Source IP:
2013-01-09 21:08:17,Forced SONAR threat detected,Computer name: A01LTFW20393,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:04:04,Inserted: 2013-01-09 20:08:17,End: 2013-01-09 20:04:04,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H112145,Source computer: ,Source IP:
2013-01-09 21:00:17,Forced SONAR threat detected,Computer name: A01LTFW20868,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:56:00,Inserted: 2013-01-09 20:00:17,End: 2013-01-09 19:56:00,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M136884,Source computer: ,Source IP:
2013-01-09 21:07:17,Forced SONAR threat detected,Computer name: A01LTFW20374,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:58:32,Inserted: 2013-01-09 20:07:17,End: 2013-01-09 19:58:32,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108471,Source computer: ,Source IP:
2013-01-09 21:08:17,Forced SONAR threat detected,Computer name: A01LTFW01965,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:06:48,Inserted: 2013-01-09 20:08:17,End: 2013-01-09 20:06:48,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F129703,Source computer: ,Source IP:
2013-01-09 20:57:56,Forced SONAR threat detected,Computer name: A01LTFW20665,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Application,Application type: Trojan Worm,Application version: 11.0.4356.400,Hash type: SHA-1,Application hash: 43d7848b73a7bae9ed39bf68c80bcc6e4a14f736,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4204312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magic.exe,"c:\program files\freedom scientific\magic\11.0\magic.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:53:15,Inserted: 2013-01-09 19:57:56,End: 2013-01-09 19:53:15,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108889,Source computer: ,Source IP:
2013-01-09 20:57:56,Forced SONAR threat detected,Computer name: A01LTFW20665,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic,Application type: Trojan Worm,Application version: "11, 0, 2160, 400",Hash type: SHA-1,Application hash: d3507067ceb4cef659860f63415d50d8c075ae77,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4460312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe,"c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:53:25,Inserted: 2013-01-09 19:57:56,End: 2013-01-09 19:53:25,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108889,Source computer: ,Source IP:
2013-01-09 21:12:57,Forced SONAR threat detected,Computer name: A01LTFW02583,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:03:39,Inserted: 2013-01-09 20:12:57,End: 2013-01-09 20:03:37,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S114871,Source computer: ,Source IP:
2013-01-09 21:18:17,Forced SONAR threat detected,Computer name: A01LTFW01062,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:16:25,Inserted: 2013-01-09 20:18:17,End: 2013-01-09 20:16:25,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: W130105,Source computer: ,Source IP:
2013-01-09 21:10:17,Forced SONAR threat detected,Computer name: A01LTFW02650,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:08:30,Inserted: 2013-01-09 20:10:17,End: 2013-01-09 20:08:30,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F116723,Source computer: ,Source IP:
2013-01-09 21:13:57,Forced SONAR threat detected,Computer name: A01LTFW01429,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:08:53,Inserted: 2013-01-09 20:13:57,End: 2013-01-09 20:08:53,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B101530,Source computer: ,Source IP:
2013-01-09 21:13:57,Forced SONAR threat detected,Computer name: A01LTFW20673,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:12:14,Inserted: 2013-01-09 20:13:57,End: 2013-01-09 20:12:14,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S113945,Source computer: ,Source IP:
2013-01-09 21:15:37,Forced SONAR threat detected,Computer name: A01LTFW02192,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:12:45,Inserted: 2013-01-09 20:15:37,End: 2013-01-09 20:12:45,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: T120376,Source computer: ,Source IP:
2013-01-09 21:09:17,Forced SONAR threat detected,Computer name: A01LTFW01429,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:08:18,Inserted: 2013-01-09 20:09:17,End: 2013-01-09 20:08:18,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B101530,Source computer: ,Source IP:
2013-01-09 21:22:17,Forced SONAR threat detected,Computer name: A01LTFW21123,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:16:51,Inserted: 2013-01-09 20:22:17,End: 2013-01-09 20:16:51,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H103636,Source computer: ,Source IP:
2013-01-09 21:21:17,Forced SONAR threat detected,Computer name: A01LTFW20291,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:16:31,Inserted: 2013-01-09 20:21:17,End: 2013-01-09 20:16:30,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108481,Source computer: ,Source IP:
2013-01-09 21:21:17,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 20:16:54,Inserted: 2013-01-09 20:21:17,End: 2013-01-09 20:16:54,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 21:31:57,Forced SONAR threat detected,Computer name: A01LTFW00717,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:24:02,Inserted: 2013-01-09 20:31:57,End: 2013-01-09 20:24:02,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: A100271,Source computer: ,Source IP:
2013-01-09 21:36:57,Forced SONAR threat detected,Computer name: A01LTFW01611,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:32:56,Inserted: 2013-01-09 20:36:57,End: 2013-01-09 20:32:56,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: G126841,Source computer: ,Source IP:
2013-01-09 21:33:17,Forced SONAR threat detected,Computer name: A01LTFW20861,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:31:06,Inserted: 2013-01-09 20:33:17,End: 2013-01-09 20:31:06,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S134519,Source computer: ,Source IP:
2013-01-09 21:25:57,Forced SONAR threat detected,Computer name: A01LTFW02291,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:23:42,Inserted: 2013-01-09 20:25:57,End: 2013-01-09 20:23:42,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H103282,Source computer: ,Source IP:
2013-01-09 21:24:57,Forced SONAR threat detected,Computer name: A01LTFW20560,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 19:53:22,Inserted: 2013-01-09 20:24:57,End: 2013-01-09 19:53:22,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F102627,Source computer: ,Source IP:
2013-01-09 21:36:57,Forced SONAR threat detected,Computer name: A01LTFW02523,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:32:48,Inserted: 2013-01-09 20:36:57,End: 2013-01-09 20:32:48,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: D113864,Source computer: ,Source IP:
2013-01-09 21:24:57,Forced SONAR threat detected,Computer name: A01LTFW20913,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:20:37,Inserted: 2013-01-09 20:24:57,End: 2013-01-09 20:20:36,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: U109747,Source computer: ,Source IP:
2013-01-09 21:24:57,Forced SONAR threat detected,Computer name: A01LTFW01972,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:22:07,Inserted: 2013-01-09 20:24:57,End: 2013-01-09 20:22:07,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B113891,Source computer: ,Source IP:
2013-01-09 21:30:17,Forced SONAR threat detected,Computer name: A01LTFW01697,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:27:12,Inserted: 2013-01-09 20:30:17,End: 2013-01-09 20:27:11,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: V119062,Source computer: ,Source IP:
2013-01-09 21:29:17,Forced SONAR threat detected,Computer name: A01LTFW20615,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:23:58,Inserted: 2013-01-09 20:29:17,End: 2013-01-09 20:23:58,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108794,Source computer: ,Source IP:
2013-01-09 21:28:17,Forced SONAR threat detected,Computer name: A01LTFW01773,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:27:24,Inserted: 2013-01-09 20:28:17,End: 2013-01-09 20:27:24,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M129142,Source computer: ,Source IP:
2013-01-09 21:51:18,Forced SONAR threat detected,Computer name: A01LTFW01430,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:47:39,Inserted: 2013-01-09 20:51:18,End: 2013-01-09 20:47:39,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H123583,Source computer: ,Source IP:
2013-01-09 21:49:58,Forced SONAR threat detected,Computer name: A01LTFW20105,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 13:14:07,Inserted: 2013-01-09 20:49:58,End: 2013-01-09 13:14:07,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: W138244,Source computer: ,Source IP:
2013-01-09 21:47:18,Forced SONAR threat detected,Computer name: A01LTFW20164,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:44:04,Inserted: 2013-01-09 20:47:18,End: 2013-01-09 20:44:03,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S115347,Source computer: ,Source IP:
2013-01-09 21:45:58,Forced SONAR threat detected,Computer name: A01LTFW20855,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:42:31,Inserted: 2013-01-09 20:45:58,End: 2013-01-09 20:42:30,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H126826,Source computer: ,Source IP:
2013-01-09 21:51:18,Potential risk found,Computer name: A34DUVW22172,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 20:45:07,Inserted: 2013-01-09 20:51:18,End: 2013-01-09 20:45:07,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 21:47:18,Potential risk found,Computer name: A34DUFW00320,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 20:40:45,Inserted: 2013-01-09 20:47:18,End: 2013-01-09 20:40:45,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 21:59:18,Forced SONAR threat detected,Computer name: A01LTFW20112,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:55:39,Inserted: 2013-01-09 20:59:18,End: 2013-01-09 20:55:39,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: J110394,Source computer: ,Source IP:
2013-01-09 21:59:18,Forced SONAR threat detected,Computer name: A01LTFW20799,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:55:11,Inserted: 2013-01-09 20:59:18,End: 2013-01-09 20:55:11,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108835,Source computer: ,Source IP:
2013-01-09 21:56:58,Forced SONAR threat detected,Computer name: A01LTFW20560,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:53:21,Inserted: 2013-01-09 20:56:58,End: 2013-01-09 20:53:21,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F102627,Source computer: ,Source IP:
2013-01-09 22:06:18,Forced SONAR threat detected,Computer name: A01LTFW01926,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:05:02,Inserted: 2013-01-09 21:06:18,End: 2013-01-09 21:05:02,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S111056,Source computer: ,Source IP:
2013-01-09 21:58:18,Forced SONAR threat detected,Computer name: A01LTFW20732,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:54:30,Inserted: 2013-01-09 20:58:18,End: 2013-01-09 20:54:30,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N122362,Source computer: ,Source IP:
2013-01-09 21:56:58,Forced SONAR threat detected,Computer name: A01LTFW20201,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:54:49,Inserted: 2013-01-09 20:56:58,End: 2013-01-09 20:54:49,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M106059,Source computer: ,Source IP:
2013-01-09 22:21:18,Forced SONAR threat detected,Computer name: A01LTFW20953,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 07:55:48,Inserted: 2013-01-09 21:21:18,End: 2013-01-09 07:55:48,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B119955,Source computer: ,Source IP:
2013-01-09 22:15:18,Forced SONAR threat detected,Computer name: A01LTFW20579,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:10:02,Inserted: 2013-01-09 21:15:18,End: 2013-01-09 21:10:01,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: R110842,Source computer: ,Source IP:
2013-01-09 22:12:58,Forced SONAR threat detected,Computer name: A01LTFW01429,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:07:49,Inserted: 2013-01-09 21:12:58,End: 2013-01-09 21:07:49,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B101530,Source computer: ,Source IP:
2013-01-09 22:21:58,Forced SONAR threat detected,Computer name: A01LTFW02665,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:18:20,Inserted: 2013-01-09 21:21:58,End: 2013-01-09 21:18:20,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: O121231,Source computer: ,Source IP:
2013-01-09 22:18:58,Potential risk found,Computer name: A34DUFW00083,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 21:14:25,Inserted: 2013-01-09 21:18:58,End: 2013-01-09 21:14:25,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 22:36:19,Forced SONAR threat detected,Computer name: A01LTFW20425,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:32:21,Inserted: 2013-01-09 21:36:19,End: 2013-01-09 21:32:21,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S108814,Source computer: ,Source IP:
2013-01-09 22:33:59,Forced SONAR threat detected,Computer name: A01LTFW02291,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:23:29,Inserted: 2013-01-09 21:33:59,End: 2013-01-09 21:23:28,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H103282,Source computer: ,Source IP:
2013-01-09 22:24:59,Forced SONAR threat detected,Computer name: A01LTFW02806,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:21:12,Inserted: 2013-01-09 21:24:59,End: 2013-01-09 21:21:12,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: T109479,Source computer: ,Source IP:
2013-01-09 22:37:19,Forced SONAR threat detected,Computer name: A01LTFW21148,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:33:45,Inserted: 2013-01-09 21:37:19,End: 2013-01-09 21:33:45,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: C112886,Source computer: ,Source IP:
2013-01-09 22:24:59,Forced SONAR threat detected,Computer name: A01LTFW20092,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:21:13,Inserted: 2013-01-09 21:24:59,End: 2013-01-09 21:21:13,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: O115560,Source computer: ,Source IP:
2013-01-09 22:38:19,Forced SONAR threat detected,Computer name: A01LTFW01432,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 15:31:30,Inserted: 2013-01-09 21:38:19,End: 2013-01-09 15:31:30,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B120415,Source computer: ,Source IP:
2013-01-09 22:31:59,Forced SONAR threat detected,Computer name: A01LTFW01404,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 2,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:26:53,Inserted: 2013-01-09 21:31:59,End: 2013-01-09 21:26:53,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B101159,Source computer: ,Source IP:
2013-01-09 22:30:19,Forced SONAR threat detected,Computer name: A01LTFW20454,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:23:56,Inserted: 2013-01-09 21:30:19,End: 2013-01-09 21:23:56,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N115191,Source computer: ,Source IP:
2013-01-09 22:27:19,Forced SONAR threat detected,Computer name: A01LTFW20332,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:22:57,Inserted: 2013-01-09 21:27:19,End: 2013-01-09 21:22:57,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K116503,Source computer: ,Source IP:
2013-01-09 22:32:39,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 21:28:30,Inserted: 2013-01-09 21:32:39,End: 2013-01-09 21:28:30,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 22:27:19,Potential risk found,Computer name: A34DUVW22195,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 21:24:05,Inserted: 2013-01-09 21:27:19,End: 2013-01-09 21:24:05,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 22:49:19,Forced SONAR threat detected,Computer name: A01LTFW01419,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:45:50,Inserted: 2013-01-09 21:49:19,End: 2013-01-09 21:45:50,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F102658,Source computer: ,Source IP:
2013-01-09 22:44:19,Forced SONAR threat detected,Computer name: A01LTFW20230,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:41:11,Inserted: 2013-01-09 21:44:19,End: 2013-01-09 21:41:11,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H120933,Source computer: ,Source IP:
2013-01-09 22:52:59,Forced SONAR threat detected,Computer name: A01LTFW20255,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:46:11,Inserted: 2013-01-09 21:52:59,End: 2013-01-09 21:46:11,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: E136379,Source computer: ,Source IP:
2013-01-09 22:53:59,Forced SONAR threat detected,Computer name: A01LTFW20404,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:48:24,Inserted: 2013-01-09 21:53:59,End: 2013-01-09 21:48:24,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: J104380,Source computer: ,Source IP:
2013-01-09 23:00:20,Forced SONAR threat detected,Computer name: A01LTFW01900,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:56:33,Inserted: 2013-01-09 22:00:19,End: 2013-01-09 21:56:33,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B101269,Source computer: ,Source IP:
2013-01-09 23:01:20,Forced SONAR threat detected,Computer name: A01LTFW20743,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:56:03,Inserted: 2013-01-09 22:01:20,End: 2013-01-09 21:56:03,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K121397,Source computer: ,Source IP:
2013-01-09 22:54:59,Forced SONAR threat detected,Computer name: A01LTFW02666,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:51:21,Inserted: 2013-01-09 21:54:59,End: 2013-01-09 21:51:21,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K105125,Source computer: ,Source IP:
2013-01-09 22:55:59,Forced SONAR threat detected,Computer name: A01LTFW20105,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:47:15,Inserted: 2013-01-09 21:55:59,End: 2013-01-09 21:47:15,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: W138244,Source computer: ,Source IP:
2013-01-09 23:02:20,Forced SONAR threat detected,Computer name: A01LTFW20612,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 21:12:28,Inserted: 2013-01-09 22:02:20,End: 2013-01-09 21:12:28,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F110555,Source computer: ,Source IP:
2013-01-09 22:58:19,Potential risk found,Computer name: A34DUFW00411,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 21:50:39,Inserted: 2013-01-09 21:58:19,End: 2013-01-09 21:50:39,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 23:13:20,Forced SONAR threat detected,Computer name: A01LTFW20269,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 22:11:52,Inserted: 2013-01-09 22:13:20,End: 2013-01-09 22:11:52,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: A100526,Source computer: ,Source IP:
2013-01-09 23:22:00,Forced SONAR threat detected,Computer name: A01LTFW20953,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 22:16:49,Inserted: 2013-01-09 22:22:00,End: 2013-01-09 22:16:49,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B119955,Source computer: ,Source IP:
2013-01-09 23:21:20,Forced SONAR threat detected,Computer name: A01LTFW01429,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 22:16:25,Inserted: 2013-01-09 22:21:20,End: 2013-01-09 22:16:25,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B101530,Source computer: ,Source IP:
2013-01-09 23:22:00,Potential risk found,Computer name: A34DUFW00336,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 22:16:03,Inserted: 2013-01-09 22:22:00,End: 2013-01-09 22:16:03,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 23:32:20,Forced SONAR threat detected,Computer name: A01LTFW02674,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 22:30:55,Inserted: 2013-01-09 22:32:20,End: 2013-01-09 22:30:55,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: J124048,Source computer: ,Source IP:
2013-01-09 23:31:20,Forced SONAR threat detected,Computer name: A01LTFW20928,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 22:27:54,Inserted: 2013-01-09 22:31:20,End: 2013-01-09 22:27:54,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: G102982,Source computer: ,Source IP:
2013-01-09 23:25:00,Potential risk found,Computer name: A34DUVW14085,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 22:21:39,Inserted: 2013-01-09 22:25:00,End: 2013-01-09 22:21:39,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 23:54:01,Forced SONAR threat detected,Computer name: A01LTFW20565,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 22:52:16,Inserted: 2013-01-09 22:54:01,End: 2013-01-09 22:52:16,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H103757,Source computer: ,Source IP:
2013-01-09 23:43:01,Forced SONAR threat detected,Computer name: A01LTFW20612,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 22:37:29,Inserted: 2013-01-09 22:43:01,End: 2013-01-09 22:37:29,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F110555,Source computer: ,Source IP:
2013-01-09 23:45:21,Forced SONAR threat detected,Computer name: A01LTFW20926,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 22:41:39,Inserted: 2013-01-09 22:45:21,End: 2013-01-09 22:41:39,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S109237,Source computer: ,Source IP:
2013-01-09 23:39:21,Potential risk found,Computer name: A34DUVW22104,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 22:33:55,Inserted: 2013-01-09 22:39:21,End: 2013-01-09 22:33:55,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-09 23:53:21,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 22:48:03,Inserted: 2013-01-09 22:53:21,End: 2013-01-09 22:48:03,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 00:01:21,Forced SONAR threat detected,Computer name: A01LTFW20273,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 22:55:55,Inserted: 2013-01-09 23:01:21,End: 2013-01-09 22:55:55,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: T109354,Source computer: ,Source IP:
2013-01-10 00:02:01,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 22:58:17,Inserted: 2013-01-09 23:02:01,End: 2013-01-09 22:58:17,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 00:01:04,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 5,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 11:00:00,Inserted: 2013-01-04 14:00:00,End: 2012-11-22 11:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:04,Security risk found,Computer name: A34DUVW16003,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 3,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-15 04:00:00,Inserted: 2013-01-08 12:00:00,End: 2012-11-15 04:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:04,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 11:00:00,Inserted: 2013-01-04 15:00:00,End: 2012-11-22 11:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:04,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2013-01-07 20:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:04,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2013-01-07 21:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:04,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2013-01-07 22:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:04,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2013-01-05 01:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:04,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 11:00:00,Inserted: 2013-01-04 18:00:00,End: 2012-11-22 11:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:04,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2013-01-07 23:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:04,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 5,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2012-12-25 10:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2013-01-05 02:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2012-12-28 01:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2013-01-07 18:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 4,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2012-12-22 14:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2012-12-25 05:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 03:00:00,Inserted: 2013-01-04 03:00:00,End: 2012-11-22 03:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 5,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2013-01-02 06:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-15 14:00:00,Inserted: 2013-01-05 16:00:00,End: 2012-11-15 14:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 5,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-15 14:00:00,Inserted: 2012-12-23 03:00:00,End: 2012-11-15 14:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 3,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2013-01-03 22:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2012-12-26 21:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2012-12-29 12:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-15 14:00:00,Inserted: 2013-01-04 11:00:00,End: 2012-11-15 14:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2012-12-24 00:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-15 14:00:00,Inserted: 2013-01-07 02:00:00,End: 2012-11-15 14:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 11:00:00,Inserted: 2012-12-23 22:00:00,End: 2012-11-22 11:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 03:00:00,Inserted: 2013-01-06 19:00:00,End: 2012-11-22 03:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 5,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2012-12-22 09:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 5,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 03:00:00,Inserted: 2012-12-21 15:00:00,End: 2012-11-22 03:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 03:00:00,Inserted: 2012-12-24 06:00:00,End: 2012-11-22 03:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 03:00:00,Inserted: 2013-01-02 23:00:00,End: 2012-11-22 03:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 03:00:00,Inserted: 2013-01-05 14:00:00,End: 2012-11-22 03:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2012-12-26 16:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:05,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 03:00:00,Inserted: 2012-12-25 22:00:00,End: 2012-11-22 03:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:06,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2012-12-29 07:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:06,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 03:00:00,Inserted: 2012-12-28 13:00:00,End: 2012-11-22 03:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:06,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 03:00:00,Inserted: 2013-01-08 05:00:00,End: 2012-11-22 03:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:06,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 5,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-15 14:00:00,Inserted: 2012-12-27 05:00:00,End: 2012-11-15 14:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:06,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-15 14:00:00,Inserted: 2013-01-04 06:00:00,End: 2012-11-15 14:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:06,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-15 14:00:00,Inserted: 2012-12-21 23:00:00,End: 2012-11-15 14:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:06,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-15 14:00:00,Inserted: 2012-12-24 14:00:00,End: 2012-11-15 14:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:06,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 5,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 03:00:00,Inserted: 2012-12-23 01:00:00,End: 2012-11-22 03:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:06,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-15 14:00:00,Inserted: 2013-01-05 22:00:00,End: 2012-11-15 14:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:06,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2012-12-22 20:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:01:06,Security risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 6,****SUMMARIZED DATA****,,Actual action: Details pending,Requested action: Left alone,Secondary action: Left alone,Event time: 2012-11-22 08:00:00,Inserted: 2012-12-25 11:00:00,End: 2012-11-22 08:59:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: ,Source computer: ,Source IP:
2013-01-10 00:10:21,Forced SONAR threat detected,Computer name: A01LTFW20732,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 23:04:45,Inserted: 2013-01-09 23:10:21,End: 2013-01-09 23:04:45,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N122362,Source computer: ,Source IP:
2013-01-10 00:09:21,Forced SONAR threat detected,Computer name: A01LTFW02576,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 23:06:50,Inserted: 2013-01-09 23:09:21,End: 2013-01-09 23:06:50,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H134580,Source computer: ,Source IP:
2013-01-10 00:28:22,Potential risk found,Computer name: A34DUVW21040,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 23:18:32,Inserted: 2013-01-09 23:28:22,End: 2013-01-09 23:18:32,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 00:44:22,Potential risk found,Computer name: A34DUFW00166,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 23:42:32,Inserted: 2013-01-09 23:44:22,End: 2013-01-09 23:42:32,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 00:44:22,Potential risk found,Computer name: A34DUFW00394,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 23:41:49,Inserted: 2013-01-09 23:44:22,End: 2013-01-09 23:41:49,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 01:14:23,Potential risk found,Computer name: A34DUFW00289,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 00:08:28,Inserted: 2013-01-10 00:14:23,End: 2013-01-10 00:08:28,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 01:25:24,Potential risk found,Computer name: A34DUFW00398,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 00:17:34,Inserted: 2013-01-10 00:25:24,End: 2013-01-10 00:17:34,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 01:59:24,Potential risk found,Computer name: A34DUVW22106,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 00:53:50,Inserted: 2013-01-10 00:59:24,End: 2013-01-10 00:53:50,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 02:03:24,Potential risk found,Computer name: A34DUFW00051,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 00:59:08,Inserted: 2013-01-10 01:03:24,End: 2013-01-10 00:59:08,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 02:11:25,Potential risk found,Computer name: A34DUVW22155,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 01:08:46,Inserted: 2013-01-10 01:11:25,End: 2013-01-10 01:08:46,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 02:28:05,Potential risk found,Computer name: A34DUVW22084,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 01:20:20,Inserted: 2013-01-10 01:28:05,End: 2013-01-10 01:20:20,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 02:31:25,Potential risk found,Computer name: A34DUVW03030,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 01:24:51,Inserted: 2013-01-10 01:31:25,End: 2013-01-10 01:24:51,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 03:45:07,Potential risk found,Computer name: A34DUVW21093,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 02:38:20,Inserted: 2013-01-10 02:45:07,End: 2013-01-10 02:38:20,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 03:39:27,Potential risk found,Computer name: A34DUFW00332,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 02:34:20,Inserted: 2013-01-10 02:39:27,End: 2013-01-10 02:34:20,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 04:23:48,Potential risk found,Computer name: A34DUFW00149,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 03:20:14,Inserted: 2013-01-10 03:23:48,End: 2013-01-10 03:20:14,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 04:38:28,Forced SONAR threat detected,Computer name: A01LTFW20134,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 03:36:09,Inserted: 2013-01-10 03:38:28,End: 2013-01-10 03:36:09,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S111028,Source computer: ,Source IP:
2013-01-10 04:47:08,Potential risk found,Computer name: A34DUVW22154,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 2,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 03:40:27,Inserted: 2013-01-10 03:47:08,End: 2013-01-10 03:40:27,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 04:45:28,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 03:40:26,Inserted: 2013-01-10 03:45:28,End: 2013-01-10 03:40:26,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 05:00:29,Potential risk found,Computer name: A34DUFW00391,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 03:58:59,Inserted: 2013-01-10 04:00:29,End: 2013-01-10 03:58:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 05:17:49,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 04:08:02,Inserted: 2013-01-10 04:17:49,End: 2013-01-10 04:08:02,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 05:17:49,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 04:13:40,Inserted: 2013-01-10 04:17:49,End: 2013-01-10 04:13:40,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 05:18:49,Potential risk found,Computer name: A34DUVW22162,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 04:12:25,Inserted: 2013-01-10 04:18:49,End: 2013-01-10 04:12:25,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 05:25:09,Forced SONAR threat detected,Computer name: A01LTFW02613,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 04:22:46,Inserted: 2013-01-10 04:25:09,End: 2013-01-10 04:22:46,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: L117932,Source computer: ,Source IP:
2013-01-10 05:53:30,Potential risk found,Computer name: A34DUVW14082,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 04:49:42,Inserted: 2013-01-10 04:53:30,End: 2013-01-10 04:49:42,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 05:52:10,Potential risk found,Computer name: A34DUFW00023,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 04:46:51,Inserted: 2013-01-10 04:52:10,End: 2013-01-10 04:46:51,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 05:56:30,Forced SONAR threat detected,Computer name: A01LTFW20582,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 04:50:59,Inserted: 2013-01-10 04:56:30,End: 2013-01-10 04:50:59,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: E102026,Source computer: ,Source IP:
2013-01-10 06:00:30,Potential risk found,Computer name: A34DUFW00387,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 04:51:57,Inserted: 2013-01-10 05:00:30,End: 2013-01-10 04:51:57,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 06:21:31,Potential risk found,Computer name: A34DUVW22043,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 05:15:48,Inserted: 2013-01-10 05:21:31,End: 2013-01-10 05:15:48,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 06:13:51,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 05:08:31,Inserted: 2013-01-10 05:13:51,End: 2013-01-10 05:08:31,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 06:24:11,Potential risk found,Computer name: A34DUVW14082,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 05:17:06,Inserted: 2013-01-10 05:24:11,End: 2013-01-10 05:17:06,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 06:48:34,Potential risk found,Computer name: A01DTFW00805,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 05:48:00,Inserted: 2013-01-10 05:48:34,End: 2013-01-10 05:48:00,Domain: Default,Group: My Company\klient\All Desktops\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:08:34,Forced SONAR threat detected,Computer name: A01LTFW20893,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 15:12:29,Inserted: 2013-01-10 06:08:34,End: 2013-01-09 15:12:29,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: L125616,Source computer: ,Source IP:
2013-01-10 07:07:14,Forced SONAR threat detected,Computer name: A01LTFW20079,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:01:41,Inserted: 2013-01-10 06:07:14,End: 2013-01-10 06:01:41,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S114422,Source computer: ,Source IP:
2013-01-10 07:07:14,Potential risk found,Computer name: A34DUFW00414,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:06:27,Inserted: 2013-01-10 06:07:14,End: 2013-01-10 06:06:27,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:15:14,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:12:15,Inserted: 2013-01-10 06:15:14,End: 2013-01-10 06:12:15,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:15:14,Potential risk found,Computer name: A34DUVW22274,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:12:33,Inserted: 2013-01-10 06:15:14,End: 2013-01-10 06:12:33,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:14:14,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:12:28,Inserted: 2013-01-10 06:14:14,End: 2013-01-10 06:12:28,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:18:34,Potential risk found,Computer name: A01DDFW00033,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:13:33,Inserted: 2013-01-10 06:18:34,End: 2013-01-10 06:13:33,Domain: Default,Group: My Company\klient\All Desktops\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:23:34,Potential risk found,Computer name: A01APVW058,Detection type: 3,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000003,Company name: Microsoft Corporation,File size (bytes): 7168,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\dllhost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:26:48,Inserted: 2013-01-10 06:23:34,End: 2013-01-09 13:26:48,Domain: Default,Group: My Company\Server\AP,Server: a01mmfw016,User: ra_f137426,Source computer: ,Source IP:
2013-01-10 07:19:14,Potential risk found,Computer name: A01APVW051,Detection type: 3,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000003,Company name: Microsoft Corporation,File size (bytes): 7168,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\dllhost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-09 13:28:23,Inserted: 2013-01-10 06:19:14,End: 2013-01-09 13:28:23,Domain: Default,Group: My Company\Server\AP,Server: a01mmfw016,User: RA_F137426,Source computer: ,Source IP:
2013-01-10 07:20:14,Potential risk found,Computer name: A34DUVW21027,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:15:31,Inserted: 2013-01-10 06:20:14,End: 2013-01-10 06:15:31,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:09:54,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:08:30,Inserted: 2013-01-10 06:09:54,End: 2013-01-10 06:08:30,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:15:14,Potential risk found,Computer name: A34DUVW15103,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:10:32,Inserted: 2013-01-10 06:15:14,End: 2013-01-10 06:10:32,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:09:54,Potential risk found,Computer name: A34DUVW22103,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:04:46,Inserted: 2013-01-10 06:09:54,End: 2013-01-10 06:04:46,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:20:15,Potential risk found,Computer name: A34DUVW08118,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:19:04,Inserted: 2013-01-10 06:20:14,End: 2013-01-10 06:19:04,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:10:34,Potential risk found,Computer name: A34DUVW08133,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:06:28,Inserted: 2013-01-10 06:10:34,End: 2013-01-10 06:06:28,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:19:34,Potential risk found,Computer name: A34DUVW22238,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:11:17,Inserted: 2013-01-10 06:19:34,End: 2013-01-10 06:11:17,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:16:14,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:08:23,Inserted: 2013-01-10 06:16:14,End: 2013-01-10 06:08:23,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:15:14,Potential risk found,Computer name: A34DUVW08013,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:10:30,Inserted: 2013-01-10 06:15:14,End: 2013-01-10 06:10:30,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:19:14,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:14:55,Inserted: 2013-01-10 06:19:14,End: 2013-01-10 06:14:55,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:15:14,Potential risk found,Computer name: A34DUVW08089,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:13:38,Inserted: 2013-01-10 06:15:14,End: 2013-01-10 06:13:38,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:20:15,Potential risk found,Computer name: A34DUVW20006,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:18:36,Inserted: 2013-01-10 06:20:15,End: 2013-01-10 06:18:36,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:11:34,Potential risk found,Computer name: A34DUVW22109,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:06:01,Inserted: 2013-01-10 06:11:34,End: 2013-01-10 06:06:01,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:15:14,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:08:18,Inserted: 2013-01-10 06:15:14,End: 2013-01-10 06:08:18,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:19:34,Potential risk found,Computer name: A34DUVW20004,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:18:51,Inserted: 2013-01-10 06:19:34,End: 2013-01-10 06:18:51,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:20:14,Potential risk found,Computer name: A34DUVW22012,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:19:06,Inserted: 2013-01-10 06:20:14,End: 2013-01-10 06:19:06,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:19:34,Potential risk found,Computer name: A34DUVW21037,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:17:47,Inserted: 2013-01-10 06:19:34,End: 2013-01-10 06:17:47,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:16:14,Potential risk found,Computer name: A34DUVW20020,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:10:59,Inserted: 2013-01-10 06:16:14,End: 2013-01-10 06:10:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:16:14,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:10:47,Inserted: 2013-01-10 06:16:14,End: 2013-01-10 06:10:47,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:20:14,Potential risk found,Computer name: A34DUVW21029,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:15:32,Inserted: 2013-01-10 06:20:14,End: 2013-01-10 06:15:32,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:37:34,Forced SONAR threat detected,Computer name: A01LTFW20925,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-03 14:23:56,Inserted: 2013-01-10 06:37:34,End: 2013-01-03 14:23:56,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H114446,Source computer: ,Source IP:
2013-01-10 07:38:34,Forced SONAR threat detected,Computer name: A01LTFW02783,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 20:01:20,Inserted: 2013-01-10 06:38:34,End: 2013-01-09 20:01:20,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F121232,Source computer: ,Source IP:
2013-01-10 07:29:14,Forced SONAR threat detected,Computer name: A01LTFW20463,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:26:05,Inserted: 2013-01-10 06:29:14,End: 2013-01-10 06:26:05,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: V109932,Source computer: ,Source IP:
2013-01-10 07:38:34,Forced SONAR threat detected,Computer name: A01LTFW01900,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-09 22:56:21,Inserted: 2013-01-10 06:38:34,End: 2013-01-09 22:56:21,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B101269,Source computer: ,Source IP:
2013-01-10 07:25:34,Potential risk found,Computer name: A34DUVW22164,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:22:40,Inserted: 2013-01-10 06:25:34,End: 2013-01-10 06:22:40,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:29:54,Potential risk found,Computer name: A34DUVW14082,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:27:24,Inserted: 2013-01-10 06:29:54,End: 2013-01-10 06:27:24,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:35:34,Potential risk found,Computer name: A34DUFW00307,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:30:47,Inserted: 2013-01-10 06:35:34,End: 2013-01-10 06:30:47,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:25:34,Potential risk found,Computer name: A34DUVW21075,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:22:19,Inserted: 2013-01-10 06:25:34,End: 2013-01-10 06:22:19,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:24:54,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:17:51,Inserted: 2013-01-10 06:24:54,End: 2013-01-10 06:17:51,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:35:34,Potential risk found,Computer name: A34DUVW22015,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:31:19,Inserted: 2013-01-10 06:35:34,End: 2013-01-10 06:31:19,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:34:54,Potential risk found,Computer name: A34DUVW14022,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:30:17,Inserted: 2013-01-10 06:34:54,End: 2013-01-10 06:30:17,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:29:54,Potential risk found,Computer name: A34DUVW22146,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:25:23,Inserted: 2013-01-10 06:29:54,End: 2013-01-10 06:25:23,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:32:14,Potential risk found,Computer name: A34DUVW08050,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:30:36,Inserted: 2013-01-10 06:32:14,End: 2013-01-10 06:30:36,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:25:34,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:23:13,Inserted: 2013-01-10 06:25:34,End: 2013-01-10 06:23:13,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:34:54,Potential risk found,Computer name: A34DUVW21063,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:30:45,Inserted: 2013-01-10 06:34:54,End: 2013-01-10 06:30:45,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:34:54,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:33:50,Inserted: 2013-01-10 06:34:54,End: 2013-01-10 06:33:50,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:30:34,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:28:04,Inserted: 2013-01-10 06:30:34,End: 2013-01-10 06:28:04,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:35:34,Potential risk found,Computer name: A34DUVW22112,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:31:25,Inserted: 2013-01-10 06:35:34,End: 2013-01-10 06:31:25,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:35:34,Potential risk found,Computer name: A34DUFW00136,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:34:23,Inserted: 2013-01-10 06:35:34,End: 2013-01-10 06:34:23,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:35:34,Potential risk found,Computer name: A34DUVW22018,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:33:17,Inserted: 2013-01-10 06:35:34,End: 2013-01-10 06:33:17,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:35:34,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:34:35,Inserted: 2013-01-10 06:35:34,End: 2013-01-10 06:34:35,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:31:34,Potential risk found,Computer name: A34DUFW00091,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:26:47,Inserted: 2013-01-10 06:31:34,End: 2013-01-10 06:26:47,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:34:54,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:30:40,Inserted: 2013-01-10 06:34:54,End: 2013-01-10 06:30:40,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:30:34,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:28:13,Inserted: 2013-01-10 06:30:34,End: 2013-01-10 06:28:13,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:30:34,Potential risk found,Computer name: A34DUVW21069,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:28:15,Inserted: 2013-01-10 06:30:34,End: 2013-01-10 06:28:15,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:31:34,Potential risk found,Computer name: A34DUVW22104,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:28:01,Inserted: 2013-01-10 06:31:34,End: 2013-01-10 06:28:01,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:24:54,Potential risk found,Computer name: A01DDFW00011,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:22:07,Inserted: 2013-01-10 06:24:54,End: 2013-01-10 06:22:07,Domain: Default,Group: My Company\klient\All Desktops\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:34:54,Potential risk found,Computer name: A34DUVW21065,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:33:04,Inserted: 2013-01-10 06:34:54,End: 2013-01-10 06:33:04,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:29:54,Potential risk found,Computer name: A34DUVW19053,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:23:44,Inserted: 2013-01-10 06:29:54,End: 2013-01-10 06:23:44,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:48:15,Forced SONAR threat detected,Computer name: A01LTFW20925,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:46:35,Inserted: 2013-01-10 06:48:15,End: 2013-01-10 06:46:35,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H114446,Source computer: ,Source IP:
2013-01-10 07:49:15,Forced SONAR threat detected,Computer name: A01LTFW00670,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:47:14,Inserted: 2013-01-10 06:49:15,End: 2013-01-10 06:47:13,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B116030,Source computer: ,Source IP:
2013-01-10 07:41:34,Forced SONAR threat detected,Computer name: A01LTFW20987,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:37:44,Inserted: 2013-01-10 06:41:34,End: 2013-01-10 06:37:44,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F126439,Source computer: ,Source IP:
2013-01-10 07:52:55,Forced SONAR threat detected,Computer name: A01LTFW20484,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:48:16,Inserted: 2013-01-10 06:52:55,End: 2013-01-10 06:48:16,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: C101593,Source computer: ,Source IP:
2013-01-10 07:51:15,Forced SONAR threat detected,Computer name: A01LTFW20784,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:48:54,Inserted: 2013-01-10 06:51:15,End: 2013-01-10 06:48:54,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: P114855,Source computer: ,Source IP:
2013-01-10 07:49:15,Forced SONAR threat detected,Computer name: A01LTFW01980,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:44:12,Inserted: 2013-01-10 06:49:15,End: 2013-01-10 06:44:12,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: J113387,Source computer: ,Source IP:
2013-01-10 07:52:15,Forced SONAR threat detected,Computer name: A01LTFW02035,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:48:30,Inserted: 2013-01-10 06:52:15,End: 2013-01-10 06:48:30,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H114570,Source computer: ,Source IP:
2013-01-10 07:44:34,Potential risk found,Computer name: A34DUFW00059,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:41:18,Inserted: 2013-01-10 06:44:34,End: 2013-01-10 06:41:18,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:45:34,Potential risk found,Computer name: A34DUVW22154,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:44:29,Inserted: 2013-01-10 06:45:34,End: 2013-01-10 06:44:29,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:42:14,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:36:42,Inserted: 2013-01-10 06:42:14,End: 2013-01-10 06:36:42,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:40:14,Potential risk found,Computer name: A34DUVW08012,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:31:14,Inserted: 2013-01-10 06:40:14,End: 2013-01-10 06:31:14,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:50:15,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:44:56,Inserted: 2013-01-10 06:50:15,End: 2013-01-10 06:44:56,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:42:14,Potential risk found,Computer name: A01DTFW00658,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:36:54,Inserted: 2013-01-10 06:42:14,End: 2013-01-10 06:36:54,Domain: Default,Group: My Company\klient\All Desktops\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:45:35,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:38:57,Inserted: 2013-01-10 06:45:34,End: 2013-01-10 06:38:57,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:51:15,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:47:15,Inserted: 2013-01-10 06:51:15,End: 2013-01-10 06:47:15,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:40:34,Potential risk found,Computer name: A34DUVW21002,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:38:58,Inserted: 2013-01-10 06:40:34,End: 2013-01-10 06:38:58,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:40:34,Potential risk found,Computer name: A34DUVW21003,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:38:46,Inserted: 2013-01-10 06:40:34,End: 2013-01-10 06:38:46,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:50:15,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:44:05,Inserted: 2013-01-10 06:50:15,End: 2013-01-10 06:44:05,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:52:55,Potential risk found,Computer name: A34DUVW22102,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:49:53,Inserted: 2013-01-10 06:52:55,End: 2013-01-10 06:49:53,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:45:34,Potential risk found,Computer name: A34DUVW22134,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:40:33,Inserted: 2013-01-10 06:45:34,End: 2013-01-10 06:40:33,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:40:14,Potential risk found,Computer name: A34DUVW22197,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:39:17,Inserted: 2013-01-10 06:40:14,End: 2013-01-10 06:39:17,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:55:15,Forced SONAR threat detected,Computer name: A01LTFW20105,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:51:35,Inserted: 2013-01-10 06:55:15,End: 2013-01-10 06:51:35,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: W138244,Source computer: ,Source IP:
2013-01-10 07:54:15,Forced SONAR threat detected,Computer name: A01LTFW20279,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:50:41,Inserted: 2013-01-10 06:54:15,End: 2013-01-10 06:50:41,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: J111035,Source computer: ,Source IP:
2013-01-10 07:55:35,Forced SONAR threat detected,Computer name: A01LTFW02333,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:53:30,Inserted: 2013-01-10 06:55:35,End: 2013-01-10 06:53:30,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: L126476,Source computer: ,Source IP:
2013-01-10 07:58:35,Forced SONAR threat detected,Computer name: A01LTFW20988,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:56:39,Inserted: 2013-01-10 06:58:35,End: 2013-01-10 06:56:39,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: E122910,Source computer: ,Source IP:
2013-01-10 08:01:15,Forced SONAR threat detected,Computer name: A01LTFW20440,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:57:16,Inserted: 2013-01-10 07:01:15,End: 2013-01-10 06:57:16,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F102353,Source computer: ,Source IP:
2013-01-10 07:57:35,Forced SONAR threat detected,Computer name: A01LTFW20893,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:57:15,Inserted: 2013-01-10 06:57:35,End: 2013-01-10 06:57:15,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: L125616,Source computer: ,Source IP:
2013-01-10 08:06:15,Forced SONAR threat detected,Computer name: A01LTFW20922,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:02:36,Inserted: 2013-01-10 07:06:15,End: 2013-01-10 07:02:36,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S122237,Source computer: ,Source IP:
2013-01-10 08:04:35,Forced SONAR threat detected,Computer name: A01LTFW01872,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:01:11,Inserted: 2013-01-10 07:04:35,End: 2013-01-10 07:01:11,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N125972,Source computer: ,Source IP:
2013-01-10 08:01:15,Forced SONAR threat detected,Computer name: A01LTFW21151,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:56:13,Inserted: 2013-01-10 07:01:15,End: 2013-01-10 06:56:13,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H104156,Source computer: ,Source IP:
2013-01-10 08:04:35,Potential risk found,Computer name: A34DUFW00174,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:04:21,Inserted: 2013-01-10 07:04:35,End: 2013-01-10 07:04:21,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:56:15,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:50:49,Inserted: 2013-01-10 06:56:15,End: 2013-01-10 06:50:49,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 08:06:15,Potential risk found,Computer name: A34DUVW22159,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:57:13,Inserted: 2013-01-10 07:06:15,End: 2013-01-10 06:57:13,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:55:35,Potential risk found,Computer name: A34DUVW22106,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:50:06,Inserted: 2013-01-10 06:55:35,End: 2013-01-10 06:50:06,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:56:15,Potential risk found,Computer name: A34DUVW22002,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:54:31,Inserted: 2013-01-10 06:56:15,End: 2013-01-10 06:54:31,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:55:15,Potential risk found,Computer name: A34DUVW21127,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:52:55,Inserted: 2013-01-10 06:55:15,End: 2013-01-10 06:52:55,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:55:35,Potential risk found,Computer name: A34DUVW19054,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:47:42,Inserted: 2013-01-10 06:55:35,End: 2013-01-10 06:47:42,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 08:02:35,Potential risk found,Computer name: A34DUFW00323,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:01:39,Inserted: 2013-01-10 07:02:35,End: 2013-01-10 07:01:39,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:55:35,Potential risk found,Computer name: A34DUVW22042,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:50:02,Inserted: 2013-01-10 06:55:35,End: 2013-01-10 06:50:02,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 07:55:15,Potential risk found,Computer name: A34DUVW22147,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 06:47:55,Inserted: 2013-01-10 06:55:15,End: 2013-01-10 06:47:55,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 08:22:35,Forced SONAR threat detected,Computer name: A01LTFW21082,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Screen Magnification,Application type: Trojan Worm,Application version: "11, 0, 4356, 400",Hash type: SHA-1,Application hash: 1ce39d44cc735db5788f07b25c5bb32c6ca48c09,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 421144,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe,"c:\program files\freedom scientific\magic\11.0\magengnt\mag.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:21:40,Inserted: 2013-01-10 07:22:35,End: 2013-01-10 07:21:40,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S135394,Source computer: ,Source IP:
2013-01-10 08:09:35,Forced SONAR threat detected,Computer name: A01LTFW21073,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2012-12-18 15:17:34,Inserted: 2013-01-10 07:09:35,End: 2012-12-18 15:17:34,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S131189,Source computer: ,Source IP:
2013-01-10 08:14:35,Forced SONAR threat detected,Computer name: A01LTFW11675,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-07 23:33:19,Inserted: 2013-01-10 07:14:35,End: 2013-01-07 23:33:19,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B120336,Source computer: ,Source IP:
2013-01-10 08:22:35,Forced SONAR threat detected,Computer name: A01LTFW21082,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:21:19,Inserted: 2013-01-10 07:22:35,End: 2013-01-10 07:21:19,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S135394,Source computer: ,Source IP:
2013-01-10 08:14:35,Forced SONAR threat detected,Computer name: A01LTFW20921,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:10:02,Inserted: 2013-01-10 07:14:35,End: 2013-01-10 07:10:02,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K121524,Source computer: ,Source IP:
2013-01-10 08:20:35,Forced SONAR threat detected,Computer name: A01LTFW01809,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 06:11:52,Inserted: 2013-01-10 07:20:35,End: 2013-01-10 06:11:51,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: E115567,Source computer: ,Source IP:
2013-01-10 08:19:15,Forced SONAR threat detected,Computer name: A01LTFW21039,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:18:16,Inserted: 2013-01-10 07:19:15,End: 2013-01-10 07:18:16,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: T109684,Source computer: ,Source IP:
2013-01-10 08:18:15,Forced SONAR threat detected,Computer name: A01LTFW02334,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:13:46,Inserted: 2013-01-10 07:18:15,End: 2013-01-10 07:13:46,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: R119268,Source computer: ,Source IP:
2013-01-10 08:19:15,Forced SONAR threat detected,Computer name: A01LTFW20078,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:18:10,Inserted: 2013-01-10 07:19:15,End: 2013-01-10 07:18:10,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: M112107,Source computer: ,Source IP:
2013-01-10 08:19:55,Forced SONAR threat detected,Computer name: A01LTFW02152,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:14:55,Inserted: 2013-01-10 07:19:55,End: 2013-01-10 07:14:55,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: N114808,Source computer: ,Source IP:
2013-01-10 08:22:35,Forced SONAR threat detected,Computer name: A01LTFW21082,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic Application,Application type: Trojan Worm,Application version: 11.0.4356.400,Hash type: SHA-1,Application hash: 43d7848b73a7bae9ed39bf68c80bcc6e4a14f736,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4204312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magic.exe,"c:\program files\freedom scientific\magic\11.0\magic.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:21:26,Inserted: 2013-01-10 07:22:35,End: 2013-01-10 07:21:26,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S135394,Source computer: ,Source IP:
2013-01-10 08:22:35,Forced SONAR threat detected,Computer name: A01LTFW21082,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: MAGic,Application type: Trojan Worm,Application version: "11, 0, 2160, 400",Hash type: SHA-1,Application hash: d3507067ceb4cef659860f63415d50d8c075ae77,Company name: "Freedom Scientific BLV Group, LLC",File size (bytes): 4460312,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe,"c:\program files\freedom scientific\magic\11.0\magutil\magutil.exe",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:21:33,Inserted: 2013-01-10 07:22:35,End: 2013-01-10 07:21:33,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S135394,Source computer: ,Source IP:
2013-01-10 08:14:35,Potential risk found,Computer name: A34DUFW00185,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:09:40,Inserted: 2013-01-10 07:14:35,End: 2013-01-10 07:09:40,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 08:16:15,Potential risk found,Computer name: A34DUVW19050,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:14:16,Inserted: 2013-01-10 07:16:15,End: 2013-01-10 07:14:16,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 08:20:35,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:12:41,Inserted: 2013-01-10 07:20:35,End: 2013-01-10 07:12:41,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 08:25:56,Forced SONAR threat detected,Computer name: A01LTFW20207,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:22:04,Inserted: 2013-01-10 07:25:56,End: 2013-01-10 07:22:04,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B100860,Source computer: ,Source IP:
2013-01-10 08:25:56,Forced SONAR threat detected,Computer name: A01LTFW02396,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:22:16,Inserted: 2013-01-10 07:25:56,End: 2013-01-10 07:22:16,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: W110968,Source computer: ,Source IP:
2013-01-10 08:27:36,Forced SONAR threat detected,Computer name: A01LTFW02119,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:25:33,Inserted: 2013-01-10 07:27:36,End: 2013-01-10 07:25:33,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S138390,Source computer: ,Source IP:
2013-01-10 08:28:36,Forced SONAR threat detected,Computer name: A01LTFW01779,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:23:26,Inserted: 2013-01-10 07:28:36,End: 2013-01-10 07:23:26,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: K105293,Source computer: ,Source IP:
2013-01-10 08:24:15,Forced SONAR threat detected,Computer name: A01LTFW01972,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:23:14,Inserted: 2013-01-10 07:24:15,End: 2013-01-10 07:23:13,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B113891,Source computer: ,Source IP:
2013-01-10 08:24:16,Potential risk found,Computer name: A34DUFW00071,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:20:23,Inserted: 2013-01-10 07:24:15,End: 2013-01-10 07:20:23,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 08:37:24,Potential risk found,Computer name: A34DUFW00076,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:32:21,Inserted: 2013-01-10 07:37:23,End: 2013-01-10 07:32:21,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 08:36:16,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:31:46,Inserted: 2013-01-10 07:36:16,End: 2013-01-10 07:31:46,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 08:36:16,Potential risk found,Computer name: A34DUFW00313,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:32:15,Inserted: 2013-01-10 07:36:16,End: 2013-01-10 07:32:15,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 08:31:16,Potential risk found,Computer name: A34DUVW22048,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:25:38,Inserted: 2013-01-10 07:31:16,End: 2013-01-10 07:25:38,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 08:46:04,Forced SONAR threat detected,Computer name: A01LTFW11675,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:44:03,Inserted: 2013-01-10 07:46:04,End: 2013-01-10 07:44:03,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: B120336,Source computer: ,Source IP:
2013-01-10 08:39:24,Forced SONAR threat detected,Computer name: A01LTFW02783,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:35:43,Inserted: 2013-01-10 07:39:24,End: 2013-01-10 07:35:43,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F121232,Source computer: ,Source IP:
2013-01-10 08:52:24,Forced SONAR threat detected,Computer name: A01LTFW20493,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:49:56,Inserted: 2013-01-10 07:52:24,End: 2013-01-10 07:49:55,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: S109139,Source computer: ,Source IP:
2013-01-10 08:46:04,Forced SONAR threat detected,Computer name: A01LTFW20264,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:42:08,Inserted: 2013-01-10 07:46:04,End: 2013-01-10 07:42:07,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: F102477,Source computer: ,Source IP:
2013-01-10 08:43:24,Forced SONAR threat detected,Computer name: A01LTFW11647,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:41:49,Inserted: 2013-01-10 07:43:24,End: 2013-01-10 07:41:49,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: O107052,Source computer: ,Source IP:
2013-01-10 08:52:44,Forced SONAR threat detected,Computer name: A01LTFW20928,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:48:52,Inserted: 2013-01-10 07:52:44,End: 2013-01-10 07:48:52,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: G102982,Source computer: ,Source IP:
2013-01-10 08:43:24,Forced SONAR threat detected,Computer name: A01LTFW11639,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:41:59,Inserted: 2013-01-10 07:43:24,End: 2013-01-10 07:41:59,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: H103537,Source computer: ,Source IP:
2013-01-10 08:52:44,Forced SONAR threat detected,Computer name: A01LTFW20334,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:48:30,Inserted: 2013-01-10 07:52:44,End: 2013-01-10 07:48:30,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: D101785,Source computer: ,Source IP:
2013-01-10 08:45:24,Forced SONAR threat detected,Computer name: A01LTFW20587,Detection type: Heuristic,First Seen: Reputation was not used in this detection.,Application name: McAfee Endpoint Encryption,Application type: Trojan Worm,Application version: 5\~ 2\~ 1\~ 7,Hash type: SHA-1,Application hash: 35c023e5998fd0ba156bb3ca7ab0e5c6303b529f,Company name: McAfee\~ Inc.,File size (bytes): 380988,Sensitivity: 0,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Reputation was not used in this detection.,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: N/A,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,SafeBootClientManager,"SafeBootClientManager",Actual action: Left alone,Requested action: Left alone,Secondary action: Forced detection using file name,Event time: 2013-01-10 07:39:17,Inserted: 2013-01-10 07:45:24,End: 2013-01-10 07:39:17,Domain: Default,Group: My Company\klient\All Laptops\LaptopsW7,Server: a01mmfw016,User: A116960,Source computer: ,Source IP:
2013-01-10 08:46:04,Potential risk found,Computer name: A34DUVW22281,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:43:08,Inserted: 2013-01-10 07:46:04,End: 2013-01-10 07:43:08,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 08:49:24,Potential risk found,Computer name: A34DUVW13036,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 0000000000000000000000000000000000000000000000000000000000000002,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:43:59,Inserted: 2013-01-10 07:49:24,End: 2013-01-10 07:43:59,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 08:50:24,Potential risk found,Computer name: A34DUFW00121,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7601.17514,Hash type: SHA-256,Application hash: 232f4854a70cfa982352c3eebc7e308755aac8e1a9dc5352711243def1f4b096,Company name: Microsoft Corporation,File size (bytes): 67072,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\splwow64.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:43:26,Inserted: 2013-01-10 07:50:24,End: 2013-01-10 07:43:26,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: b123034,Source computer: ,Source IP:
2013-01-10 08:39:24,Potential risk found,Computer name: A34DUFW00312,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:39:47,Inserted: 2013-01-10 07:39:24,End: 2013-01-10 07:39:47,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP:
2013-01-10 08:41:44,Potential risk found,Computer name: A34DUFW00225,Detection type: 4,First Seen: Reputation was not used in this detection.,Application name: Microsoft® Windows® Operating System,Application type: Trojan Worm,Application version: 6.1.7600.16385,Hash type: SHA-256,Application hash: 93b2ed4004ed5f7f3039dd7ecbd22c7e4e24b6373b4d9ef8d6e45a179b13a5e8,Company name: Microsoft Corporation,File size (bytes): 20992,Sensitivity: 127,Detection score: 0,COH Engine Version: ,Detection Submissions No,Permitted application reason: MDS,Disposition: Good,Download site: ,Web domain: ,Downloaded by: ,Prevalence: Reputation was not used in this detection.,Confidence: Reputation was not used in this detection.,URL Tracking Status: Off,Risk Level: Reputation was not used in this detection.,Detection Source: N/A,Source: Heuristic Scan,Risk name: ,Occurrences: 1,c:\windows\system32\svchost.exe,"",Actual action: Left alone,Requested action: Left alone,Secondary action: Left alone,Event time: 2013-01-10 07:40:41,Inserted: 2013-01-10 07:41:44,End: 2013-01-10 07:40:41,Domain: Default,Group: My Company\Devillo\Klient\DesktopsW7,Server: a01mmfw016,User: SYSTEM,Source computer: ,Source IP: