Webroot SecureAnywhere Discussion & Update Thread

Discussion in 'other anti-virus software' started by Triple Helix, Jun 6, 2014.

Page 129 of 189
  1. Tarnak

    Tarnak Registered Member

    Tarnak, Jun 13, 2017
    #3201
  2. Tarnak

    Tarnak Registered Member

    When I ran checked the last WSA scan, I got a lot entries [x]. Not sure what that means. Obviously, not malware, but interesting nonetheless. I have only posted a few of these entries.

    [X] c:\program files\secureage\everything\everything.ini
    [X] c:\windows\system32\drivers\acpidev.sys [SHA256: A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0] [MD5: 0935496EF9624B46B935CB35ECE1F205] [Flags: 00010400.17809]
    [X] c:\windows\system32\drivers\acpitime.sys [SHA256: 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971] [MD5: C247E35A21682DA8D0DC3AF9F025FCC5] [Flags: 00010400.17810]
    [X] c:\windows\system32\drivers\bthhfenum.sys [SHA256: 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5] [MD5: C2E31BE025D46D189E38DD1EDF07837A] [Flags: 00010400.17811]
    c:\windows\system32\drivers\diskpt.sys [SHA256: A0EB8A72E30D09159EBDD323A8BF10875246985EAF0E17258A0777C0CB764349] [MD5: 28312CEFADBBA6128B9574C4EFBDC999] [Flags: 40091410.2029]
    [X] c:\windows\system32\drivers\errdev.sys [SHA256: 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248] [MD5: 77B60DEC7DCB4233E4A69D3F52E5DB24] [Flags: 00010400.17812]
    [X] c:\windows\system32\drivers\gpuenergydrv.sys [SHA256: FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E] [MD5: 7ACD8F69B5D6EC97E6D2C006E19BED88] [Flags: 00010400.8610]
    [X] c:\windows\system32\drivers\http.sys [SHA256: D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397] [MD5: A10C7C1E69FC90620C7BF2E51302A01F] [Flags: 00011400.7786]
    [X] c:\windows\system32\drivers\iai2c.sys [SHA256: 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463] [MD5: 9A2A2F3C69B9A30B6E78536F6D258BAD] [Flags: 00010400.17813]
    [X] c:\windows\system32\drivers\irenum.sys [SHA256: 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116] [MD5: 9725E7F0C64CE9916A5CDABE8D6E13C3] [Flags: 00010400.17814]
    [X] c:\windows\system32\drivers\mshidkmdf.sys [SHA256: 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1] [MD5: FD870F6968A145E4D2BA8A8842686B03] [Flags: 00010400.17815]
    [X] c:\windows\system32\drivers\mtconfig.sys [SHA256: BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553] [MD5: 130B16970154BA9876B09E5C4BAC63BE] [Flags: 00010400.17816]
    c:\windows\system32\drivers\procloggerdrv.sys [SHA256: 4E122FC140E854B9EE752C6595AD7F70C27C3D0D5D80E9F5C8D1E02CD6C4E3F4] [MD5: 811402852A889BF82B6374A0ED6AFBAA] [Flags: 00091411.13321]
    [X] c:\windows\system32\drivers\vms3cap.sys [SHA256: C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5] [MD5: B5DAEE69BACA64D2BB004568E22D8756] [Flags: 00010400.8828]
    c:\windows\system32\drivers\sascan.sys [SHA256: 955D6C57E1BFE1CE1B026C7736CEEECE263DCED3733027EB6E0631C563C0BD33] [MD5: D57AEBEB8B2DBBECA57A16B0B743B44C] [Flags: 00091410.15304]
    [X] c:\windows\system32\drivers\serenum.sys [SHA256: 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE] [MD5: 3FF478A8ED32A83C36581425F6282B6C] [Flags: 00010400.17817]
    [X] c:\windows\system32\snmptrap.exe [SHA256: CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20] [MD5: 6F4CE07D420FB657B5936F71101ABD41] [Flags: 00010400.17818]
    [X] c:\windows\system32\drivers\spbcx.sys [SHA256: D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D] [MD5: E03264C4C25B568F92ED1656AD541E64] [Flags: 00011400.8760]
    [X] c:\programdata\vmware\hostd\config.xml
    c:\program files\shadow defender\service.exe [SHA256: FBC1E1ED9EB024283DC76393109B328DCDD50D8088B3369290614B22DE4647B1] [MD5: 441F0A2CF30AA4B2BB54ACFBA797BB11] [Flags: 40191410.2016]
    [X] c:\windows\system32\credssp.dll [SHA256: 6B0410675CBF8D9FA552161429B9D8E22516CCB0D88218E9E25802477452A711] [MD5: 3BE47B97A0AF471972EE27CC692F8868] [Flags: 00010400.17819]
    [X] c:\windows\system32\kbdbu.dll [SHA256: CABA66710B352F2413A264EACB0E23848371B25E75638CC76E45845C58D3B0F8] [MD5: EA679BF1A55112FE12CA6CD6EA27C3CD] [Flags: 00010400.17820]
    [X] c:\windows\system32\kbdus.dll [SHA256: D02BCC19AB89EE188DD31D17DEBAECDE26CFC0B30B6E5B0CC5889CCC85202E63] [MD5: 974F03FF3BDB6786F890329340E29CFF] [Flags: 00010400.17821]
    [X] c:\windows\system32\kbdda.dll [SHA256: FC28E1DD1583D757A46DC537F94136228990584818FB5CFDCB2AE2EA5A0B2CDD] [MD5: 9C2B8BC8911F937672FEE63658A42F9D] [Flags: 00010400.9687]
    [X] c:\windows\system32\kbdhe.dll [SHA256: F311D43A2661C4676B153A2B16C01DDB26B59503AAD6BFED972E6B9FBFEEF161] [MD5: 3EC34E38B2EE272CA6B909866E615B0E] [Flags: 00010400.17822]
    [X] c:\windows\system32\kbdfr.dll [SHA256: 7244C14876A91423A537D92C299B5344DCA34DB5845FFE51ABF6E31BC40D99A3] [MD5: 079FAB910411BB917D3FD30BB9E7A54C] [Flags: 00010400.9692]
    [X] c:\windows\system32\kbdheb.dll [SHA256: 9FC933682F529A7FB78138FCE78C9B98A336ACBE33A7346EDAEB44CC3980FD8A] [MD5: A0C1E51F732E8A8D2F6A002503AC57B1] [Flags: 00010400.9693]
    [X] c:\windows\system32\kbdhu.dll [SHA256: 3D23531064B4E9A1D1E35837A0580D963D7BFAFDF18E0FFF042E28A310422D1A] [MD5: B95518E48160F6EB4389F26B352C8AEB] [Flags: 00010400.17823]
    [X] c:\windows\system32\kbdit.dll [SHA256: 51453D1D656AE5819816912827BA94CD654DE419D85D206126DB046D1ABA6151] [MD5: BFFF1EAE658958753F472D302D5C76F9] [Flags: 00010400.17824]
    [X] c:\windows\system32\kbdne.dll [SHA256: EF3270ABC8D495E39936A3784591726ED2A8F464F8CB0AD332CC5C984BDA1B13] [MD5: 4C5B6B8F6414F845C93AD761C3B823CF] [Flags: 00010400.17825]
    [X] c:\windows\system32\kbdpl1.dll [SHA256: 065C9F0EC92EEB01CDCB6C36A48ADC5846EE32947BDF6F9CEEACC9F950AB87FC] [MD5: 553D255A9F2D22BCE6E6AE4AECB06CA9] [Flags: 00010400.17826]
    [X] c:\windows\system32\kbdbr.dll [SHA256: 756EC25E5B8858E360506F736613FC72616DEA2F8D9677B7A11A53E9B208D018] [MD5: 47C8D486DD2ACD7FA92A6A277912D176] [Flags: 00010400.9702]
     
    Tarnak, Jun 13, 2017
    #3202
  3. Triple Helix

    Triple Helix Specialist

    Triple Helix, Jun 13, 2017
    #3203
  4. Triple Helix

    Triple Helix Specialist

    [X] stands for no determination from the Cloud. X can mean offline (as it no cloud determination made). So do a WSA scan again and make sure it's allowed to contact the Cloud meaning don't let any other Security Software block WSA from using the Internet.
     
    Triple Helix, Jun 13, 2017
    #3204
  5. Tarnak

    Tarnak Registered Member

    No, not that so much. More like why is the WSA scan showing all those entries in the scan log?
     
    Tarnak, Jun 13, 2017
    #3205
  6. Triple Helix

    Triple Helix Specialist

    See my above post!
     
    Triple Helix, Jun 13, 2017
    #3206
  7. Triple Helix

    Triple Helix Specialist

    By the way WSA version 9.0.17.24 is now Released to all users. No release notes at this time.
     
    Triple Helix, Jun 13, 2017
    #3207
  8. Tarnak

    Tarnak Registered Member

    I usually wait until WSA does it automatically, i.e. once every 24 hours, or so. :) So, when the scan is done those [x] ones will bed gone, probably.
     
    Tarnak, Jun 13, 2017
    #3208
  9. Tarnak

    Tarnak Registered Member

    I did, and see my reply, above. :)
     
    Tarnak, Jun 13, 2017
    #3209
  10. Tarnak

    Tarnak Registered Member

    Also, got a whole heap of new ones, too:

    U] c:\$sysreset\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\$sysreset\mdm\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\$sysreset\oldos\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\$sysreset\scratch\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\$sysreset\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\$windows.~ws\sources\panther\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\$windows.~ws\sources\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\$windows.~ws\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\boot\macrium\drivers\disk\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\boot\macrium\drivers\network\ven_11ab_dev_2b38\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\boot\macrium\drivers\network\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\boot\macrium\drivers\usb\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\boot\macrium\drivers\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\boot\macrium\wa10kfiles\fwfiles\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\boot\macrium\wa10kfiles\media\boot\fonts\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\boot\macrium\wa10kfiles\media\boot\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\boot\macrium\wa10kfiles\media\drivers\disk\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\boot\macrium\wa10kfiles\media\drivers\network\ven_11ab_dev_2b38\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\boot\macrium\wa10kfiles\media\drivers\network\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    c:\boot\macrium\wa10kfiles\media\drivers\usb\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\boot\macrium\wa10kfiles\media\drivers\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\boot\macrium\wa10kfiles\media\efi\boot\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\boot\macrium\wa10kfiles\media\efi\microsoft\boot\fonts\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\boot\macrium\wa10kfiles\media\efi\microsoft\boot\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\boot\macrium\wa10kfiles\media\efi\microsoft\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\boot\macrium\wa10kfiles\media\efi\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\boot\macrium\wa10kfiles\media\sources\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\boot\macrium\wa10kfiles\media\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\boot\macrium\wa10kfiles\mount\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\boot\macrium\wa10kfiles\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\boot\macrium\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\boot\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\esd\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\frst\hives\users\00000001\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\frst\hives\users\00000002\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\frst\hives\users\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\frst\hives\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\frst\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\frst\quarantine\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\frst\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\intel\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\intel\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\netfilter2\ssl\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\netfilter2\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\exclusions\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\logs\desktop-mjgji06\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\logs\desktop-mjgji06\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\logs\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\processloggerservice\service\32-bit\procloggersvc\exclusions\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\processloggerservice\service\32-bit\procloggersvc\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\processloggerservice\service\32-bit\procloggersvc\service\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\processloggerservice\service\32-bit\procloggersvc\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\processloggerservice\service\32-bit\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\processloggerservice\service\64-bit\procloggersvc\exclusions\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\processloggerservice\service\64-bit\procloggersvc\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\processloggerservice\service\64-bit\procloggersvc\service\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\processloggerservice\service\64-bit\procloggersvc\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\processloggerservice\service\64-bit\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\processloggerservice\service\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\processloggerservice\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\service\logs\desktop-mjgji06\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\service\logs\desktop-mjgji06\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\service\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\service\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\procloggersvc\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\programdata\installmate\{d7c29dfd-dd4c-4c58-b79f-e2b576142af8}\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\programdata\macrium\reflectdl\resume\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\programdata\mcafee\mclogs\partnercustom\securityscan_inner\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\programdata\mcafee\mclogs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\programdata\microsoft\netframework\breadcrumbstore\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\programdata\microsoft\datamart\paidwifi\networkscache\applockerauditdll.dll [SHA256: 30E05FE8AE0A5DEAFF19311D7775830ED159925543448519987F80DC6332BAC0] [MD5: 83621F137063E2E22968177FDC9834D9] [Flags: 00081401.17802]
    [U] c:\programdata\microsoft\datamart\paidwifi\applockerauditdll.dll [SHA256: 30E05FE8AE0A5DEAFF19311D7775830ED159925543448519987F80DC6332BAC0] [MD5: 83621F137063E2E22968177FDC9834D9] [Flags: 00081401.17802]
    [U] c:\programdata\microsoft\netframework\breadcrumbstore\applockerauditdll.dll [SHA256: 30E05FE8AE0A5DEAFF19311D7775830ED159925543448519987F80DC6332BAC0] [MD5: 83621F137063E2E22968177FDC9834D9] [Flags: 00081401.17802]
    [U] c:\programdata\microsoft\user account pictures\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\programdata\microsoft\user account pictures\applockerauditdll.dll [SHA256: 30E05FE8AE0A5DEAFF19311D7775830ED159925543448519987F80DC6332BAC0] [MD5: 83621F137063E2E22968177FDC9834D9] [Flags: 00081401.17802]
    [U] c:\programdata\microsoft\windows\wer\reportarchive\applockerauditdll.dll [SHA256: 30E05FE8AE0A5DEAFF19311D7775830ED159925543448519987F80DC6332BAC0] [MD5: 83621F137063E2E22968177FDC9834D9] [Flags: 00081401.17802]
    [U] c:\programdata\microsoft onedrive\setup\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\programdata\microsoft\windows\wer\reportqueue\applockerauditdll.dll [SHA256: 30E05FE8AE0A5DEAFF19311D7775830ED159925543448519987F80DC6332BAC0] [MD5: 83621F137063E2E22968177FDC9834D9] [Flags: 00081401.17802]
    [U] c:\programdata\updshl\01004fcc1cf65a4b\update\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\programdata\wrdata\pkg\firefox\webrootsecure_socketserver\locale\en-us\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\programdata\wrdata\pkg\firefox\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\all users\installmate\{d7c29dfd-dd4c-4c58-b79f-e2b576142af8}\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\all users\macrium\reflectdl\resume\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\all users\mcafee\mclogs\partnercustom\securityscan_inner\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\all users\mcafee\mclogs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\all users\microsoft\netframework\breadcrumbstore\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\all users\microsoft\user account pictures\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\all users\microsoft onedrive\setup\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\all users\updshl\01004fcc1cf65a4b\update\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\all users\wrdata\pkg\firefox\webrootsecure_socketserver\locale\en-us\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\all users\wrdata\pkg\firefox\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\default\appdata\roaming\microsoft\windows\recent\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\default\recent\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\no\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\uk\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_tw\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__macosx\_locales\cs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__macosx\_locales\fi\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__macosx\_locales\lt\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\feeds cache\81f6nc08\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\feeds cache\au90n4yk\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\feeds cache\pnjm5c45\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\feeds cache\xjlge2hd\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\internet explorer\domstore\5hozdg11\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\onedrive\17.3.6799.0327\de\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\onedrive\17.3.6799.0327\imageformats\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\onedrive\17.3.6799.0327\ms\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\windows\burn\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\windows\pricache\microsoft.windows.shellexperiencehost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\windows\safety\download\local\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\windows\settingsync\metastore\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\windows\settingsync\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\windows\temporary internet files\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\microsoft\windows sidebar\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\packages\microsoft.aad.brokerplugin_cw5n1h2txyewy\tempstate\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\packages\microsoft.accountscontrol_cw5n1h2txyewy\ac\temp\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\packages\microsoft.bingsports_8wekyb3d8bbwe\localcache\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\packages\microsoft.bingsports_8wekyb3d8bbwe\localstate\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\packages\microsoft.bioenrollment_cw5n1h2txyewy\localstate\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\packages\microsoft.desktopappinstaller_8wekyb3d8bbwe\tempstate\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\packages\microsoft.freshpaint_8wekyb3d8bbwe\localstate\applicationinsights\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\packages\microsoft.lockapp_cw5n1h2txyewy\ac\microsoft\systemcertificates\my\certificates\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\packages\microsoft.lockapp_cw5n1h2txyewy\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\ac\#!001\microsoftedge\cache\wr7gqf8y\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\ac\#!001\microsoftedge\cache\zmbrkiqq\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
    [U] c:\users\owner\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\ac\#!001\microsoftedge\user\default\appcache\6tfk3dia\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]


    P.S. I don't know why that BB code is playing up. I didn't mean to underline these entries. But, I can't remove it.[/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U]
     
    Last edited: Jun 13, 2017
    Tarnak, Jun 13, 2017
    #3210
  11. Triple Helix

    Triple Helix Specialist

    [U ] is unknown to the Webroot Cloud Database so contact support and ask them to Whitelist them. Webroot Customer Service
     
    Triple Helix, Jun 13, 2017
    #3211
  12. Tarnak

    Tarnak Registered Member

    Sorry, Dan but that is too much of a hassle. I'll just hope they will go away. Thanks, anyway. :)
     
    Tarnak, Jun 13, 2017
    #3212
  13. Triple Helix

    Triple Helix Specialist

    It's just as fast as posting them here, but here nothing will get Whitelisted.
     
    Triple Helix, Jun 13, 2017
    #3213
  14. Tarnak

    Tarnak Registered Member

    Not as fast as when I could PM/email Prevx Joe. :) He would fix in no time. :)
     
    Tarnak, Jun 13, 2017
    #3214
  15. Triple Helix

    Triple Helix Specialist

    Your just to lazy!

    Took me 5 seconds to send a ticket.

    2017-06-13_19-41-01.png
     
    Triple Helix, Jun 13, 2017
    #3215
  16. Triple Helix

    Triple Helix Specialist

    And 12 Minutes for a reply!

    2017-06-13_19-55-54.png
     
    Triple Helix, Jun 13, 2017
    #3216
  17. Dragon1952

    Dragon1952 Registered Member

    What does G stand for ...

    v9.0.15.40
    Windows 7 Service Pack 1 (Build 7601) 64bit (Hostname: USER-PC - Local IP: xxxxxxxxxx
    Scan Started: Tue 2017-06-13 19:48:43
    [G] c:\windows\system32\smss.exe [MD5: 40F6E4AAFC115348C080F7A160C7FB36] [Flags: 00190000.8552]
    [G] c:\windows\system32\csrss.exe [MD5: 60C2862B4BF0FD9F582EF344C2B1EC72] [Flags: 40190000.177]
    [G] c:\windows\system32\wininit.exe [MD5: 94355C28C1970635A31B3FE52EB7CEBA] [Flags: 40190000.170]
    [G] c:\windows\system32\services.exe [MD5: 71C85477DF9347FE8E7BC55768473FCA] [Flags: 40190000.127]
    [G] c:\windows\system32\lsass.exe [MD5: 7404CDF0B904C6B8AA36C1D167D9F286] [Flags: 10110000.8559]
    [G] c:\windows\system32\lsm.exe [MD5: 9662EE182644511439F1C53745DC1C88] [Flags: 40110000.120]
    [G] c:\windows\system32\svchost.exe [MD5: C78655BC80301D76ED4FEF1C1EA40A7D] [Flags: 50190000.162]
    [G] c:\windows\syswow64\kernelbase.dll [MD5: DCCBF8EA42BD498A8194C8A0229F7A42] [Flags: 00000000.8575]
    [G] c:\program files\webroot\wrsa.exe [MD5: 14BF7CC16D2E2F91A5F79D1CD79A03CE] [Flags: 58181000.259]
    [G] c:\windows\syswow64\sechost.dll [MD5: 65A5E27C2217D606E212B6088CCD6104] [Flags: 40000000.149]
    [G] c:\windows\syswow64\kernel32.dll [MD5: 8C4A94C3B6C16C4A853CC0C8F2DDB4D8] [Flags: 00000000.8577]
    [G] c:\windows\syswow64\ntdll.dll [MD5: 620650F241808CB846985A5567A2D58B] [Flags: 00001000.8579]
    [G] c:\windows\syswow64\advapi32.dll [MD5: 005DF3E0A9EFB600CDA2A357E93A37C5] [Flags: 00000000.8580]
    [G] c:\windows\syswow64\sspicli.dll [MD5: D0CFCC820431FDB910E8021A11E7012E] [Flags: 00000000.8576]
    [G] c:\windows\syswow64\msvcrt.dll [MD5: 9DC80A8AAAAAC397BDAB3C67165A824E] [Flags: 40000000.178]
    [G] c:\windows\syswow64\cryptbase.dll [MD5: C132F6B85619F4C3EF6377C2D021820F] [Flags: 00000000.8578]
     
    Dragon1952, Jun 13, 2017
    #3217
  18. Triple Helix

    Triple Helix Specialist

    [G] Known Good to the Webroot Cloud Database! Also note that v9.0.17.24 is released so be on the look out. No release notes yet.
     
    Triple Helix, Jun 13, 2017
    #3218
  19. Dragon1952

    Dragon1952 Registered Member

    These scans are fast now...
    G] c:\windows\system32\basesrv.dll [MD5: 168EA9CD9BD6056BB6F60B57D5304BBE] [Flags: 40010000.529]
    [G] c:\program files\webroot\wrsa.exe [MD5: 14BF7CC16D2E2F91A5F79D1CD79A03CE] [Flags: 58181000.259]
    [G] c:\windows\system32\mstask.dll [MD5: 862596399AAFD2A21DB2AF9270CD4F70] [Flags: 00010000.3342]
    [G] c:\windows\system32\structuredquery.dll [MD5: BA4107750C9F39D1FB9F65FC5C9E3E97] [Flags: 40010000.633]
    [G] c:\windows\system32\kerberos.dll [MD5: F3745551F0BA76C7A6E7F04D29CC8C3F] [Flags: 00010000.8752]
    [G] c:\program files (x86)\adobe\reader 11.0\reader\pe.dll [MD5: FE0E8BB569F4954799E75C81DA69FAC1] [Flags: 00001000.5409]
    [G] c:\windows\system32\catsrvut.dll [MD5: 75DFE3CE6A8BFC995CC1D615B74DF8B0] [Flags: 40010000.1422]
    [G] c:\windows\sysnative\drivers\mpsdrv.sys [MD5: 6C38C9E45AE0EA2FA5E551F2ED5E978F] [Flags: 40010000.1742]
    [G] c:\windows\sysnative\kerberos.dll [MD5: F3745551F0BA76C7A6E7F04D29CC8C3F] [Flags: 00010000.8752]
    [G] c:\windows\system32\drivers\mpsdrv.sys [MD5: 6C38C9E45AE0EA2FA5E551F2ED5E978F] [Flags: 40010000.1742]
    [G] c:\windows\system32\kbdfc.dll [MD5: AD88C5881E8D96839B12227BCD563EE1] [Flags: 40090000.2302]
    [G] c:\windows\system32\kbdcz2.dll [MD5: 76A9A2DF0E26A3C9D2413CF5591C5B3C] [Flags: 40010000.2367]
    Files Scanned: 17913
    Malicious Files: 0
    Duration: 22s
     
    Dragon1952, Jun 13, 2017
    #3219
  20. Triple Helix

    Triple Helix Specialist

    22 seconds is very good. Mine is between 25 to 40 seconds.

    2017-06-13_20-18-43.png
     
    Triple Helix, Jun 13, 2017
    #3220
  21. Dragon1952

    Dragon1952 Registered Member

    My wsa scan is usually about 35 seconds. I don't know why it is 22 today or when this faster scan happened.
     
    Dragon1952, Jun 13, 2017
    #3221
  22. clubhouse1

    clubhouse1 Registered Member

    Still waiting on webroot to catch up with other AV vendors and add a option to exclude folders.
     
    clubhouse1, Jun 13, 2017
    #3222
  23. Triple Helix

    Triple Helix Specialist

    It's not catch up. Joe never wanted to add an Exclusion to WSA way back, but they do have it in the Enterprise Version and hopefully soon they will add it to the Consumer version. And look when the Request was started 3/29/2012: https://community.webroot.com/t5/Id...-specific-files-folders-from-scans/idi-p/3300

    And the Business version: https://community.webroot.com/t5/Feature-Requests/Folder-Excluding/idi-p/6406
    https://community.webroot.com/t5/Pr...-Update-Bulletin-21-0-July-28-2015/m-p/209909
     
    Triple Helix, Jun 13, 2017
    #3223
  24. clubhouse1

    clubhouse1 Registered Member

    5 years and still under consideration!...As I've said before I will resubscribe to what otherwise is a excellent AV, but they should realise that many end users are capable of making exclusion decisions themselves.
     
    clubhouse1, Jun 13, 2017
    #3224
  25. Triple Helix

    Triple Helix Specialist

    Don't shoot the messenger. ;)
     
    Triple Helix, Jun 13, 2017
    #3225
Page 129 of 189
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice