Webroot SecureAnywhere Discussion & Update Thread

I ran this tool, yesterday: See Wilders' topic : Application Whitelist Auditor - https://www.wilderssecurity.com/threads/application-whitelist-auditor.394699/page-2

 

When I ran checked the last WSA scan, I got a lot entries [x]. Not sure what that means. Obviously, not malware, but interesting nonetheless. I have only posted a few of these entries.

[X] c:\program files\secureage\everything\everything.ini
[X] c:\windows\system32\drivers\acpidev.sys [SHA256: A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0] [MD5: 0935496EF9624B46B935CB35ECE1F205] [Flags: 00010400.17809]
[X] c:\windows\system32\drivers\acpitime.sys [SHA256: 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971] [MD5: C247E35A21682DA8D0DC3AF9F025FCC5] [Flags: 00010400.17810]
[X] c:\windows\system32\drivers\bthhfenum.sys [SHA256: 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5] [MD5: C2E31BE025D46D189E38DD1EDF07837A] [Flags: 00010400.17811]
c:\windows\system32\drivers\diskpt.sys [SHA256: A0EB8A72E30D09159EBDD323A8BF10875246985EAF0E17258A0777C0CB764349] [MD5: 28312CEFADBBA6128B9574C4EFBDC999] [Flags: 40091410.2029]
[X] c:\windows\system32\drivers\errdev.sys [SHA256: 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248] [MD5: 77B60DEC7DCB4233E4A69D3F52E5DB24] [Flags: 00010400.17812]
[X] c:\windows\system32\drivers\gpuenergydrv.sys [SHA256: FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E] [MD5: 7ACD8F69B5D6EC97E6D2C006E19BED88] [Flags: 00010400.8610]
[X] c:\windows\system32\drivers\http.sys [SHA256: D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397] [MD5: A10C7C1E69FC90620C7BF2E51302A01F] [Flags: 00011400.7786]
[X] c:\windows\system32\drivers\iai2c.sys [SHA256: 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463] [MD5: 9A2A2F3C69B9A30B6E78536F6D258BAD] [Flags: 00010400.17813]
[X] c:\windows\system32\drivers\irenum.sys [SHA256: 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116] [MD5: 9725E7F0C64CE9916A5CDABE8D6E13C3] [Flags: 00010400.17814]
[X] c:\windows\system32\drivers\mshidkmdf.sys [SHA256: 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1] [MD5: FD870F6968A145E4D2BA8A8842686B03] [Flags: 00010400.17815]
[X] c:\windows\system32\drivers\mtconfig.sys [SHA256: BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553] [MD5: 130B16970154BA9876B09E5C4BAC63BE] [Flags: 00010400.17816]
c:\windows\system32\drivers\procloggerdrv.sys [SHA256: 4E122FC140E854B9EE752C6595AD7F70C27C3D0D5D80E9F5C8D1E02CD6C4E3F4] [MD5: 811402852A889BF82B6374A0ED6AFBAA] [Flags: 00091411.13321]
[X] c:\windows\system32\drivers\vms3cap.sys [SHA256: C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5] [MD5: B5DAEE69BACA64D2BB004568E22D8756] [Flags: 00010400.8828]
c:\windows\system32\drivers\sascan.sys [SHA256: 955D6C57E1BFE1CE1B026C7736CEEECE263DCED3733027EB6E0631C563C0BD33] [MD5: D57AEBEB8B2DBBECA57A16B0B743B44C] [Flags: 00091410.15304]
[X] c:\windows\system32\drivers\serenum.sys [SHA256: 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE] [MD5: 3FF478A8ED32A83C36581425F6282B6C] [Flags: 00010400.17817]
[X] c:\windows\system32\snmptrap.exe [SHA256: CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20] [MD5: 6F4CE07D420FB657B5936F71101ABD41] [Flags: 00010400.17818]
[X] c:\windows\system32\drivers\spbcx.sys [SHA256: D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D] [MD5: E03264C4C25B568F92ED1656AD541E64] [Flags: 00011400.8760]
[X] c:\programdata\vmware\hostd\config.xml
c:\program files\shadow defender\service.exe [SHA256: FBC1E1ED9EB024283DC76393109B328DCDD50D8088B3369290614B22DE4647B1] [MD5: 441F0A2CF30AA4B2BB54ACFBA797BB11] [Flags: 40191410.2016]
[X] c:\windows\system32\credssp.dll [SHA256: 6B0410675CBF8D9FA552161429B9D8E22516CCB0D88218E9E25802477452A711] [MD5: 3BE47B97A0AF471972EE27CC692F8868] [Flags: 00010400.17819]
[X] c:\windows\system32\kbdbu.dll [SHA256: CABA66710B352F2413A264EACB0E23848371B25E75638CC76E45845C58D3B0F8] [MD5: EA679BF1A55112FE12CA6CD6EA27C3CD] [Flags: 00010400.17820]
[X] c:\windows\system32\kbdus.dll [SHA256: D02BCC19AB89EE188DD31D17DEBAECDE26CFC0B30B6E5B0CC5889CCC85202E63] [MD5: 974F03FF3BDB6786F890329340E29CFF] [Flags: 00010400.17821]
[X] c:\windows\system32\kbdda.dll [SHA256: FC28E1DD1583D757A46DC537F94136228990584818FB5CFDCB2AE2EA5A0B2CDD] [MD5: 9C2B8BC8911F937672FEE63658A42F9D] [Flags: 00010400.9687]
[X] c:\windows\system32\kbdhe.dll [SHA256: F311D43A2661C4676B153A2B16C01DDB26B59503AAD6BFED972E6B9FBFEEF161] [MD5: 3EC34E38B2EE272CA6B909866E615B0E] [Flags: 00010400.17822]
[X] c:\windows\system32\kbdfr.dll [SHA256: 7244C14876A91423A537D92C299B5344DCA34DB5845FFE51ABF6E31BC40D99A3] [MD5: 079FAB910411BB917D3FD30BB9E7A54C] [Flags: 00010400.9692]
[X] c:\windows\system32\kbdheb.dll [SHA256: 9FC933682F529A7FB78138FCE78C9B98A336ACBE33A7346EDAEB44CC3980FD8A] [MD5: A0C1E51F732E8A8D2F6A002503AC57B1] [Flags: 00010400.9693]
[X] c:\windows\system32\kbdhu.dll [SHA256: 3D23531064B4E9A1D1E35837A0580D963D7BFAFDF18E0FFF042E28A310422D1A] [MD5: B95518E48160F6EB4389F26B352C8AEB] [Flags: 00010400.17823]
[X] c:\windows\system32\kbdit.dll [SHA256: 51453D1D656AE5819816912827BA94CD654DE419D85D206126DB046D1ABA6151] [MD5: BFFF1EAE658958753F472D302D5C76F9] [Flags: 00010400.17824]
[X] c:\windows\system32\kbdne.dll [SHA256: EF3270ABC8D495E39936A3784591726ED2A8F464F8CB0AD332CC5C984BDA1B13] [MD5: 4C5B6B8F6414F845C93AD761C3B823CF] [Flags: 00010400.17825]
[X] c:\windows\system32\kbdpl1.dll [SHA256: 065C9F0EC92EEB01CDCB6C36A48ADC5846EE32947BDF6F9CEEACC9F950AB87FC] [MD5: 553D255A9F2D22BCE6E6AE4AECB06CA9] [Flags: 00010400.17826]
[X] c:\windows\system32\kbdbr.dll [SHA256: 756EC25E5B8858E360506F736613FC72616DEA2F8D9677B7A11A53E9B208D018] [MD5: 47C8D486DD2ACD7FA92A6A277912D176] [Flags: 00010400.9702]

 

What about it? Are you saying WSA doesn't play nice with it?

 

[X] stands for no determination from the Cloud. X can mean offline (as it no cloud determination made). So do a WSA scan again and make sure it's allowed to contact the Cloud meaning don't let any other Security Software block WSA from using the Internet.

 

No, not that so much. More like why is the WSA scan showing all those entries in the scan log?

 

See my above post!

 

By the way WSA version 9.0.17.24 is now Released to all users. No release notes at this time.

 

I usually wait until WSA does it automatically, i.e. once every 24 hours, or so. So, when the scan is done those [x] ones will bed gone, probably.

 

I did, and see my reply, above.

 

Also, got a whole heap of new ones, too:

U] c:\$sysreset\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\$sysreset\mdm\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\$sysreset\oldos\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\$sysreset\scratch\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\$sysreset\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\$windows.~ws\sources\panther\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\$windows.~ws\sources\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\$windows.~ws\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\boot\macrium\drivers\disk\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\boot\macrium\drivers\network\ven_11ab_dev_2b38\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\boot\macrium\drivers\network\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\boot\macrium\drivers\usb\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\boot\macrium\drivers\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\boot\macrium\wa10kfiles\fwfiles\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\boot\macrium\wa10kfiles\media\boot\fonts\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\boot\macrium\wa10kfiles\media\boot\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\boot\macrium\wa10kfiles\media\drivers\disk\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\boot\macrium\wa10kfiles\media\drivers\network\ven_11ab_dev_2b38\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\boot\macrium\wa10kfiles\media\drivers\network\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
c:\boot\macrium\wa10kfiles\media\drivers\usb\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\boot\macrium\wa10kfiles\media\drivers\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\boot\macrium\wa10kfiles\media\efi\boot\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\boot\macrium\wa10kfiles\media\efi\microsoft\boot\fonts\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\boot\macrium\wa10kfiles\media\efi\microsoft\boot\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\boot\macrium\wa10kfiles\media\efi\microsoft\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\boot\macrium\wa10kfiles\media\efi\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\boot\macrium\wa10kfiles\media\sources\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\boot\macrium\wa10kfiles\media\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\boot\macrium\wa10kfiles\mount\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\boot\macrium\wa10kfiles\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\boot\macrium\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\boot\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\esd\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\frst\hives\users\00000001\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\frst\hives\users\00000002\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\frst\hives\users\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\frst\hives\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\frst\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\frst\quarantine\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\frst\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\intel\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\intel\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\netfilter2\ssl\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\netfilter2\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\exclusions\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\logs\desktop-mjgji06\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\logs\desktop-mjgji06\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\logs\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\processloggerservice\service\32-bit\procloggersvc\exclusions\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\processloggerservice\service\32-bit\procloggersvc\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\processloggerservice\service\32-bit\procloggersvc\service\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\processloggerservice\service\32-bit\procloggersvc\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\processloggerservice\service\32-bit\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\processloggerservice\service\64-bit\procloggersvc\exclusions\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\processloggerservice\service\64-bit\procloggersvc\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\processloggerservice\service\64-bit\procloggersvc\service\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\processloggerservice\service\64-bit\procloggersvc\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\processloggerservice\service\64-bit\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\processloggerservice\service\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\processloggerservice\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\service\logs\desktop-mjgji06\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\service\logs\desktop-mjgji06\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\service\logs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\service\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\procloggersvc\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\programdata\installmate\{d7c29dfd-dd4c-4c58-b79f-e2b576142af8}\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\programdata\macrium\reflectdl\resume\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\programdata\mcafee\mclogs\partnercustom\securityscan_inner\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\programdata\mcafee\mclogs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\programdata\microsoft\netframework\breadcrumbstore\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\programdata\microsoft\datamart\paidwifi\networkscache\applockerauditdll.dll [SHA256: 30E05FE8AE0A5DEAFF19311D7775830ED159925543448519987F80DC6332BAC0] [MD5: 83621F137063E2E22968177FDC9834D9] [Flags: 00081401.17802]
[U] c:\programdata\microsoft\datamart\paidwifi\applockerauditdll.dll [SHA256: 30E05FE8AE0A5DEAFF19311D7775830ED159925543448519987F80DC6332BAC0] [MD5: 83621F137063E2E22968177FDC9834D9] [Flags: 00081401.17802]
[U] c:\programdata\microsoft\netframework\breadcrumbstore\applockerauditdll.dll [SHA256: 30E05FE8AE0A5DEAFF19311D7775830ED159925543448519987F80DC6332BAC0] [MD5: 83621F137063E2E22968177FDC9834D9] [Flags: 00081401.17802]
[U] c:\programdata\microsoft\user account pictures\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\programdata\microsoft\user account pictures\applockerauditdll.dll [SHA256: 30E05FE8AE0A5DEAFF19311D7775830ED159925543448519987F80DC6332BAC0] [MD5: 83621F137063E2E22968177FDC9834D9] [Flags: 00081401.17802]
[U] c:\programdata\microsoft\windows\wer\reportarchive\applockerauditdll.dll [SHA256: 30E05FE8AE0A5DEAFF19311D7775830ED159925543448519987F80DC6332BAC0] [MD5: 83621F137063E2E22968177FDC9834D9] [Flags: 00081401.17802]
[U] c:\programdata\microsoft onedrive\setup\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\programdata\microsoft\windows\wer\reportqueue\applockerauditdll.dll [SHA256: 30E05FE8AE0A5DEAFF19311D7775830ED159925543448519987F80DC6332BAC0] [MD5: 83621F137063E2E22968177FDC9834D9] [Flags: 00081401.17802]
[U] c:\programdata\updshl\01004fcc1cf65a4b\update\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\programdata\wrdata\pkg\firefox\webrootsecure_socketserver\locale\en-us\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\programdata\wrdata\pkg\firefox\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\all users\installmate\{d7c29dfd-dd4c-4c58-b79f-e2b576142af8}\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\all users\macrium\reflectdl\resume\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\all users\mcafee\mclogs\partnercustom\securityscan_inner\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\all users\mcafee\mclogs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\all users\microsoft\netframework\breadcrumbstore\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\all users\microsoft\user account pictures\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\all users\microsoft onedrive\setup\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\all users\updshl\01004fcc1cf65a4b\update\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\all users\wrdata\pkg\firefox\webrootsecure_socketserver\locale\en-us\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\all users\wrdata\pkg\firefox\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\default\appdata\roaming\microsoft\windows\recent\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\default\recent\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\no\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\uk\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_tw\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__macosx\_locales\cs\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__macosx\_locales\fi\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__macosx\_locales\lt\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\google\chrome\user data\default\extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\feeds cache\81f6nc08\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\feeds cache\au90n4yk\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\feeds cache\pnjm5c45\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\feeds cache\xjlge2hd\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\internet explorer\domstore\5hozdg11\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\onedrive\17.3.6799.0327\de\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\onedrive\17.3.6799.0327\imageformats\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\onedrive\17.3.6799.0327\ms\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\windows\burn\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\windows\pricache\microsoft.windows.shellexperiencehost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\windows\safety\download\local\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\windows\settingsync\metastore\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\windows\settingsync\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\windows\temporary internet files\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\microsoft\windows sidebar\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\packages\microsoft.aad.brokerplugin_cw5n1h2txyewy\tempstate\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\packages\microsoft.accountscontrol_cw5n1h2txyewy\ac\temp\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\packages\microsoft.bingsports_8wekyb3d8bbwe\localcache\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\packages\microsoft.bingsports_8wekyb3d8bbwe\localstate\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\packages\microsoft.bioenrollment_cw5n1h2txyewy\localstate\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\packages\microsoft.desktopappinstaller_8wekyb3d8bbwe\tempstate\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\packages\microsoft.freshpaint_8wekyb3d8bbwe\localstate\applicationinsights\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\packages\microsoft.lockapp_cw5n1h2txyewy\ac\microsoft\systemcertificates\my\certificates\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\packages\microsoft.lockapp_cw5n1h2txyewy\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\ac\#!001\microsoftedge\cache\wr7gqf8y\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\ac\#!001\microsoftedge\cache\zmbrkiqq\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]
[U] c:\users\owner\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\ac\#!001\microsoftedge\user\default\appcache\6tfk3dia\applockerauditexe.exe [SHA256: 9AA2B848D553D71BA3CD4BFD11EA3B6F3857D8248316F5C72AFFCDCC16610506] [MD5: 84432AA8039B4484F5A383971F423AC1] [Flags: 00081011.17801]


P.S. I don't know why that BB code is playing up. I didn't mean to underline these entries. But, I can't remove it.[/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U]

 

[U ] is unknown to the Webroot Cloud Database so contact support and ask them to Whitelist them. Webroot Customer Service

 

Sorry, Dan but that is too much of a hassle. I'll just hope they will go away. Thanks, anyway.

 

It's just as fast as posting them here, but here nothing will get Whitelisted.

 

Not as fast as when I could PM/email Prevx Joe. He would fix in no time.

 

Your just to lazy!

Took me 5 seconds to send a ticket.

 

And 12 Minutes for a reply!

 

What does G stand for ...

v9.0.15.40
Windows 7 Service Pack 1 (Build 7601) 64bit (Hostname: USER-PC - Local IP: xxxxxxxxxx
Scan Started: Tue 2017-06-13 19:48:43
[G] c:\windows\system32\smss.exe [MD5: 40F6E4AAFC115348C080F7A160C7FB36] [Flags: 00190000.8552]
[G] c:\windows\system32\csrss.exe [MD5: 60C2862B4BF0FD9F582EF344C2B1EC72] [Flags: 40190000.177]
[G] c:\windows\system32\wininit.exe [MD5: 94355C28C1970635A31B3FE52EB7CEBA] [Flags: 40190000.170]
[G] c:\windows\system32\services.exe [MD5: 71C85477DF9347FE8E7BC55768473FCA] [Flags: 40190000.127]
[G] c:\windows\system32\lsass.exe [MD5: 7404CDF0B904C6B8AA36C1D167D9F286] [Flags: 10110000.8559]
[G] c:\windows\system32\lsm.exe [MD5: 9662EE182644511439F1C53745DC1C88] [Flags: 40110000.120]
[G] c:\windows\system32\svchost.exe [MD5: C78655BC80301D76ED4FEF1C1EA40A7D] [Flags: 50190000.162]
[G] c:\windows\syswow64\kernelbase.dll [MD5: DCCBF8EA42BD498A8194C8A0229F7A42] [Flags: 00000000.8575]
[G] c:\program files\webroot\wrsa.exe [MD5: 14BF7CC16D2E2F91A5F79D1CD79A03CE] [Flags: 58181000.259]
[G] c:\windows\syswow64\sechost.dll [MD5: 65A5E27C2217D606E212B6088CCD6104] [Flags: 40000000.149]
[G] c:\windows\syswow64\kernel32.dll [MD5: 8C4A94C3B6C16C4A853CC0C8F2DDB4D8] [Flags: 00000000.8577]
[G] c:\windows\syswow64\ntdll.dll [MD5: 620650F241808CB846985A5567A2D58B] [Flags: 00001000.8579]
[G] c:\windows\syswow64\advapi32.dll [MD5: 005DF3E0A9EFB600CDA2A357E93A37C5] [Flags: 00000000.8580]
[G] c:\windows\syswow64\sspicli.dll [MD5: D0CFCC820431FDB910E8021A11E7012E] [Flags: 00000000.8576]
[G] c:\windows\syswow64\msvcrt.dll [MD5: 9DC80A8AAAAAC397BDAB3C67165A824E] [Flags: 40000000.178]
[G] c:\windows\syswow64\cryptbase.dll [MD5: C132F6B85619F4C3EF6377C2D021820F] [Flags: 00000000.8578]

 

[G] Known Good to the Webroot Cloud Database! Also note that v9.0.17.24 is released so be on the look out. No release notes yet.

 

These scans are fast now...
G] c:\windows\system32\basesrv.dll [MD5: 168EA9CD9BD6056BB6F60B57D5304BBE] [Flags: 40010000.529]
[G] c:\program files\webroot\wrsa.exe [MD5: 14BF7CC16D2E2F91A5F79D1CD79A03CE] [Flags: 58181000.259]
[G] c:\windows\system32\mstask.dll [MD5: 862596399AAFD2A21DB2AF9270CD4F70] [Flags: 00010000.3342]
[G] c:\windows\system32\structuredquery.dll [MD5: BA4107750C9F39D1FB9F65FC5C9E3E97] [Flags: 40010000.633]
[G] c:\windows\system32\kerberos.dll [MD5: F3745551F0BA76C7A6E7F04D29CC8C3F] [Flags: 00010000.8752]
[G] c:\program files (x86)\adobe\reader 11.0\reader\pe.dll [MD5: FE0E8BB569F4954799E75C81DA69FAC1] [Flags: 00001000.5409]
[G] c:\windows\system32\catsrvut.dll [MD5: 75DFE3CE6A8BFC995CC1D615B74DF8B0] [Flags: 40010000.1422]
[G] c:\windows\sysnative\drivers\mpsdrv.sys [MD5: 6C38C9E45AE0EA2FA5E551F2ED5E978F] [Flags: 40010000.1742]
[G] c:\windows\sysnative\kerberos.dll [MD5: F3745551F0BA76C7A6E7F04D29CC8C3F] [Flags: 00010000.8752]
[G] c:\windows\system32\drivers\mpsdrv.sys [MD5: 6C38C9E45AE0EA2FA5E551F2ED5E978F] [Flags: 40010000.1742]
[G] c:\windows\system32\kbdfc.dll [MD5: AD88C5881E8D96839B12227BCD563EE1] [Flags: 40090000.2302]
[G] c:\windows\system32\kbdcz2.dll [MD5: 76A9A2DF0E26A3C9D2413CF5591C5B3C] [Flags: 40010000.2367]
Files Scanned: 17913
Malicious Files: 0
Duration: 22s

 

22 seconds is very good. Mine is between 25 to 40 seconds.

 

My wsa scan is usually about 35 seconds. I don't know why it is 22 today or when this faster scan happened.

 

Still waiting on webroot to catch up with other AV vendors and add a option to exclude folders.

 

It's not catch up. Joe never wanted to add an Exclusion to WSA way back, but they do have it in the Enterprise Version and hopefully soon they will add it to the Consumer version. And look when the Request was started 3/29/2012: https://community.webroot.com/t5/Id...-specific-files-folders-from-scans/idi-p/3300

And the Business version: https://community.webroot.com/t5/Feature-Requests/Folder-Excluding/idi-p/6406
https://community.webroot.com/t5/Pr...-Update-Bulletin-21-0-July-28-2015/m-p/209909

 

5 years and still under consideration!...As I've said before I will resubscribe to what otherwise is a excellent AV, but they should realise that many end users are capable of making exclusion decisions themselves.

 

Don't shoot the messenger.