1 3652 6132 2 00000000:001961fc 131545711620239703 0 0 1 High USDEVR9K0NHD\sramka Procmon64.exe C:\Users\IBM_AD~1\AppData\Local\Temp\Procmon64.exe "C:\Users\IBM_AD~1\AppData\Local\Temp\Procmon64.exe" /originalpath "C:\ProcessMonitor\Procmon.exe" Sysinternals - www.sysinternals.com 3.4 Process Monitor 131545711769831208 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711769831208 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711769831208 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711769831208 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711769831208 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711769831208 0x13f680000 1208320 C:\Users\IBM_AD~1\AppData\Local\Temp\Procmon64.exe 3.4 Sysinternals - www.sysinternals.com Process Monitor 131545711769831208 0x7fef5650000 36864 C:\windows\system32\FLTLIB.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Filter Library 131545711769831208 0x7fef5680000 1200128 C:\windows\system32\dbghelp.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Image Helper 131545711769831208 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711769831208 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711769831208 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711769831208 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711769831208 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711769831208 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711769831208 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711769831208 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711769831208 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711769831208 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711769831208 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711769831208 0x7fefd250000 618496 C:\windows\system32\COMDLG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711769831208 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711769831208 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711769831208 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711769831208 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711769831208 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711769831208 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711769831208 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711769831208 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711769831208 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711769831208 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711769831208 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711769831208 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711769831208 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711769831208 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711769831208 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711769831208 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 2 6132 2720 7 00000000:0019621a 131545711577674298 0 0 0 Medium USDEVR9K0NHD\sramka Procmon.exe C:\ProcessMonitor\Procmon.exe "C:\ProcessMonitor\Procmon.exe" Sysinternals - www.sysinternals.com 3.4 Process Monitor 131545711771458121 0xa10000 2170880 C:\ProcessMonitor\Procmon.exe 3.4 Sysinternals - www.sysinternals.com Process Monitor 131545711771458121 0x694a0000 8900608 C:\PROGRA~2\MICROS~1\Office15\1033\GrooveIntlResource.dll 15.0.4907.1000 Microsoft Corporation Microsoft OneDrive for Business Intl Resource Module 131545711771458121 0x6a440000 1249280 C:\windows\SysWOW64\WindowsCodecs.dll 6.2.9200.21830 (win8_ldr.160407-0600) Microsoft Corporation Microsoft Windows Codecs Library 131545711771458121 0x6b0c0000 16384 C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771458121 0x6c340000 1740800 C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL 15.0.4907.1000 Microsoft Corporation Microsoft OneDrive for Business Extensions 131545711771458121 0x6cc10000 1695744 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771458121 0x6d570000 2383872 C:\windows\SysWOW64\msi.dll 5.0.7601.23593 Microsoft Corporation Windows Installer 131545711771458121 0x6d7d0000 102400 C:\windows\SysWOW64\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545711771458121 0x6d7f0000 36864 C:\windows\SysWOW64\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771458121 0x6d880000 200704 C:\windows\SysWOW64\EhStorShell.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Enhanced Storage Shell Extension DLL 131545711771458121 0x6dca0000 458752 C:\windows\SysWOW64\ntshrui.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell extensions for sharing 131545711771458121 0x6de40000 155648 C:\windows\SysWOW64\ATL100.DLL 10.00.40219.325 Microsoft Corporation ATL Module for Windows 131545711771458121 0x6deb0000 1003520 C:\windows\SysWOW64\PROPSYS.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711771458121 0x6e4f0000 32768 C:\windows\SysWOW64\Secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771458121 0x6fb60000 524288 C:\windows\SysWOW64\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771458121 0x70f40000 311296 C:\windows\SysWOW64\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771458121 0x710d0000 782336 C:\windows\SysWOW64\MSVCR100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771458121 0x71190000 73728 C:\windows\SysWOW64\mpr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545711771458121 0x72d40000 40960 C:\windows\SysWOW64\slc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545711771458121 0x72ff0000 241664 C:\windows\SysWOW64\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771458121 0x73030000 94208 C:\windows\SysWOW64\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771458121 0x731d0000 45056 C:\windows\SysWOW64\cscapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Offline Files Win32 API 131545711771458121 0x731e0000 28672 C:\windows\SysWOW64\FLTLIB.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Filter Library 131545711771458121 0x732b0000 57344 C:\windows\SysWOW64\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771458121 0x732c0000 430080 C:\windows\SysWOW64\MSVCP100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771458121 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771458121 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771458121 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771458121 0x74890000 57344 C:\windows\SysWOW64\DEVRTL.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Management Run Time Library 131545711771458121 0x748a0000 135168 C:\windows\SysWOW64\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771458121 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771458121 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771458121 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771458121 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771458121 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771458121 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771458121 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771458121 0x74c80000 1691648 C:\windows\syswow64\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771458121 0x74e20000 73728 C:\windows\syswow64\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771458121 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771458121 0x75020000 159744 C:\windows\syswow64\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771458121 0x75050000 503808 C:\windows\syswow64\COMDLG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711771458121 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771458121 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771458121 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771458121 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771458121 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771458121 0x754f0000 282624 C:\windows\syswow64\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771458121 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771458121 0x756a0000 983040 C:\windows\syswow64\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771458121 0x75820000 16384 C:\windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771458121 0x75be0000 24576 C:\windows\syswow64\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771458121 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771458121 0x75c90000 102400 C:\windows\syswow64\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771458121 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771458121 0x75f80000 217088 C:\windows\syswow64\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771458121 0x760b0000 20480 C:\windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771458121 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771458121 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771458121 0x76d80000 45056 C:\windows\syswow64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771458121 0x76ef0000 536576 C:\windows\syswow64\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771458121 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771458121 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 3 4 0 4 00000000:000003e7 131545696655076284 0 0 1 System NT AUTHORITY\SYSTEM System System 131545711769833742 0x47c60000 131072 C:\Windows\System32\smss.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Session Manager 131545711769833742 0x75cc0000 12288 C:\Windows\SysWOW64\normaliz.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Unicode Normalization DLL 131545711769833742 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711769833742 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711769833742 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711769833742 0x77360000 28672 C:\Windows\System32\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711769833742 0x77370000 12288 C:\Windows\System32\normaliz.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Unicode Normalization DLL 131545711769833742 0xff950000 790528 C:\Windows\System32\autochk.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Auto Check Utility 131545711769833742 0x7fefce90000 61440 C:\Windows\System32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711769833742 0x7fefcea0000 61440 C:\Windows\System32\msasn1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711769833742 0x7fefceb0000 126976 C:\Windows\System32\userenv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711769833742 0x7fefced0000 12288 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711769833742 0x7fefcee0000 106496 C:\Windows\System32\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711769833742 0x7fefcf00000 241664 C:\Windows\System32\wintrust.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711769833742 0x7fefcf40000 20480 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711769833742 0x7fefcf50000 221184 C:\Windows\System32\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711769833742 0x7fefcf90000 1495040 C:\Windows\System32\crypt32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711769833742 0x7fefd100000 16384 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711769833742 0x7fefd110000 434176 C:\Windows\System32\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711769833742 0x7fefd180000 16384 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711769833742 0x7fefd190000 16384 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711769833742 0x7fefd1a0000 16384 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711769833742 0x7fefd250000 618496 C:\Windows\System32\comdlg32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711769833742 0x7fefd2f0000 2928640 C:\Windows\System32\iertutil.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Run time utility for Internet Explorer 131545711769833742 0x7fefd5c0000 626688 C:\Windows\System32\clbcatq.dll 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711769833742 0x7fefd660000 1085440 C:\Windows\System32\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711769833742 0x7fefd770000 126976 C:\Windows\System32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711769833742 0x7fefd790000 1232896 C:\Windows\System32\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711769833742 0x7fefd8c0000 897024 C:\Windows\System32\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711769833742 0x7fefd9a0000 421888 C:\Windows\System32\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711769833742 0x7fefda10000 14196736 C:\Windows\System32\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711769833742 0x7fefe7a0000 57344 C:\Windows\System32\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711769833742 0x7fefe7b0000 102400 C:\Windows\System32\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711769833742 0x7fefe7d0000 1929216 C:\Windows\System32\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711769833742 0x7fefe9b0000 32768 C:\Windows\System32\nsi.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711769833742 0x7fefea40000 315392 C:\Windows\System32\ws2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711769833742 0x7fefea90000 651264 C:\Windows\System32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711769833742 0x7fefeb30000 462848 C:\Windows\System32\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711769833742 0x7fefebb0000 831488 C:\Windows\System32\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711769833742 0x7fefec80000 892928 C:\Windows\System32\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545711769833742 0x7fefed60000 1593344 C:\Windows\System32\urlmon.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation OLE32 Extensions for Win32 131545711769833742 0x7fefeef0000 335872 C:\Windows\System32\Wldap32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711769833742 0x7fefef50000 3280896 C:\Windows\System32\wininet.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Internet Extensions for Win32 131545711769833742 0x7feff280000 2080768 C:\Windows\System32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711769833742 0x7feff480000 188416 C:\Windows\System32\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711769833742 0x7feff4c0000 327680 C:\Windows\System32\apisetschema.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation ApiSet Schema DLL 131545711769833742 0xfffff80000bc7000 40960 C:\windows\system32\kdcom.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Serial Kernel Debugger 131545711769833742 0xfffff800033f0000 299008 C:\windows\system32\hal.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Hardware Abstraction Layer DLL 131545711769833742 0xfffff88000c5c000 299008 C:\windows\System32\drivers\fwpkclnt.sys 6.1.7601.23821 (win7sp1_ldr.170529-1924) Microsoft Corporation FWP/IPsec Kernel-Mode API 131545711769833742 0xfffff88000d09000 81920 C:\windows\system32\PSHED.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Platform Specific Hardware Error Driver 131545711769833742 0xfffff88000d7c000 479232 C:\windows\system32\CI.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Code Integrity Module 131545711769833742 0xfffff88000e15000 36864 C:\windows\system32\drivers\compbatt.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Composite Battery Driver 131545711769833742 0xfffff88000e2a000 81920 C:\windows\system32\drivers\volmgr.sys 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Volume Manager Driver 131545711769833742 0xfffff88000e58000 81920 C:\windows\system32\drivers\fileinfo.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation FileInfo Filter Driver 131545711769833742 0xfffff88000e73000 794624 C:\windows\system32\drivers\Wdf01000.sys 1.11.9200.16384 (win8_rtm.120725-1247) Microsoft Corporation Kernel Mode Driver Framework Runtime 131545711769833742 0xfffff88000f45000 356352 C:\windows\system32\drivers\ACPI.sys 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ACPI Driver for NT 131545711769833742 0xfffff88000fa5000 40960 C:\windows\system32\drivers\msisadrv.sys 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ISA Driver 131545711769833742 0xfffff88000fe2000 53248 C:\windows\system32\drivers\vdrvroot.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Virtual Drive Root Enumerator 131545711769833742 0xfffff88001001000 3817472 C:\windows\system32\drivers\iaStor.sys 11.2.0.1006 Intel Corporation Intel Rapid Storage Technology driver - x64 131545711769833742 0xfffff880013b0000 303104 C:\windows\system32\drivers\fltmgr.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Filesystem Filter Manager 131545711769833742 0xfffff8800159c000 385024 C:\windows\System32\Drivers\msrpc.sys 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Kernel Remote Procedure Call Provider 131545711769833742 0xfffff88001600000 176128 C:\windows\System32\Drivers\ksecpkg.sys 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Kernel Security Support Provider Interface Packages 131545711769833742 0xfffff8800162d000 1732608 C:\windows\System32\Drivers\Ntfs.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT File System Driver 131545711769833742 0xfffff880017ef000 65536 C:\windows\system32\drivers\vmstorfl.sys 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Virtual Storage Filter Driver 131545711769833742 0xfffff8800187c000 69632 C:\windows\System32\drivers\pcw.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Performance Counters for Windows Driver 131545711769833742 0xfffff88001897000 991232 C:\windows\system32\drivers\ndis.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NDIS 6.20 driver 131545711769833742 0xfffff880019ea000 36864 C:\windows\system32\DRIVERS\wfplwf.sys 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation WFP NDIS 6.20 Lightweight Filter Driver 131545711769833742 0xfffff88001a03000 2080768 C:\windows\System32\drivers\tcpip.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation TCP/IP Driver 131545711769833742 0xfffff88001c18000 311296 C:\windows\system32\drivers\volsnap.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Volume Shadow Copy Driver 131545711769833742 0xfffff88001c6f000 32768 C:\windows\System32\Drivers\spldr.sys 6.1.7127.0 (fbl_security_bugfix(sepbld-s).090511-0943) Microsoft Corporation loader for security processor 131545711769833742 0xfffff88001cb1000 167936 C:\windows\System32\DRIVERS\Apsx64.sys 1.80.01.03 Lenovo. Shockproof Disk Driver 131545711769833742 0xfffff88001ce5000 126976 C:\windows\System32\Drivers\mup.sys 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multiple UNC Provider Driver 131545711769833742 0xfffff88001d0d000 208896 C:\windows\System32\DRIVERS\fvevol.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation BitLocker Drive Encryption Driver 131545711769833742 0xfffff88001d55000 204800 C:\windows\system32\drivers\CLASSPNP.SYS 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation SCSI Class System Dll 131545711769833742 0xfffff88001d95000 180224 C:\windows\system32\Drivers\SEP\0C011B95\19C8.105\x64\ccSetx64.sys 12.11.0.13 Symantec Corporation Common Client Settings Driver 131545711769833742 0xfffff88003000000 200704 C:\windows\system32\DRIVERS\Teefer.sys 12.1.6531.6300 Symantec Corporation Symantec CMC Firewall Teefer3 131545711769833742 0xfffff8800304b000 913408 C:\windows\system32\Drivers\SEP\0C011B95\19C8.105\x64\SRTSP64.SYS 14.6.6.1 Symantec Corporation Symantec AutoProtect 131545711769833742 0xfffff8800313f000 278528 C:\windows\system32\Drivers\SEP\0C011B95\19C8.105\x64\Ironx64.SYS 4.0.6.11 Symantec Corporation Iron Driver 131545711769833742 0xfffff880031bb000 90112 C:\windows\system32\DRIVERS\vwififlt.sys 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Virtual WiFi Filter Driver 131545711769833742 0xfffff88004000000 507904 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 117.2.1.25 Symantec Corporation Symantec Eraser Control Driver 131545711769833742 0xfffff88004193000 163840 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 117.2.1.25 Symantec Corporation Symantec Eraser Utility Driver 131545711769833742 0xfffff880041ca000 147456 C:\windows\system32\DRIVERS\rasl2tp.sys 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation RAS L2TP mini-port/call-manager driver 131545711769833742 0xfffff8800462b000 3817472 C:\windows\System32\Drivers\dump_iastor.sys 131545711769833742 0xfffff88004c45000 155648 C:\windows\system32\DRIVERS\pacer.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation QoS Packet Scheduler 131545711769833742 0xfffff88004c77000 2166784 C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.7061.6600.105\Data\Definitions\VirusDefs\20171106.001\EX64.SYS 20151.1.4.18 Symantec Corporation AV Engine 131545711769833742 0xfffff88004eab000 36864 C:\windows\System32\Drivers\Null.SYS 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NULL Driver 131545711769833742 0xfffff88004ebb000 57344 C:\windows\System32\drivers\vga.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation VGA/Super VGA Video Driver 131545711769833742 0xfffff88004eee000 65536 C:\windows\System32\drivers\watchdog.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Watchdog Driver 131545711769833742 0xfffff88004f07000 36864 C:\windows\system32\drivers\rdpencdd.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation RDP Encoder Miniport 131545711769833742 0xfffff88004f19000 45056 C:\windows\System32\Drivers\Msfs.SYS 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Mailslot driver 131545711769833742 0xfffff88004f35000 139264 C:\windows\system32\DRIVERS\tdx.sys 6.1.7601.23880 (win7sp1_ldr.170729-0600) Microsoft Corporation TDI Translation Driver 131545711769833742 0xfffff88004f64000 561152 C:\windows\system32\drivers\afd.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Ancillary Function Driver for WinSock 131545711769833742 0xfffff8800510c000 81920 C:\windows\system32\drivers\termdd.sys 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Remote Desktop Server Driver 131545711769833742 0xfffff88005150000 614400 C:\windows\system32\Drivers\SEP\0C011B95\19C8.105\x64\SYMNETS.SYS 14.0.5.2 Symantec Corporation Network Security Driver 131545711769833742 0xfffff88005200000 253952 C:\windows\system32\DRIVERS\VBoxNetAdp6.sys 5.1.30.118389 Oracle Corporation VirtualBox NDIS 6.0 Host-Only Network Adapter Driver 131545711769833742 0xfffff8800527a000 266240 C:\windows\system32\DRIVERS\VBoxNetLwf.sys 5.1.30.118389 Oracle Corporation VirtualBox NDIS 6.0 Lightweight Filter Driver 131545711769833742 0xfffff880052ca000 118784 C:\windows\system32\drivers\serial.sys 1.0.1.6 (vbl_wcp_d2_drivers.060801-2007) Brother Industries Ltd. Brotehr Serial I/F Driver (WDM) 131545711769833742 0xfffff88005302000 196608 C:\windows\system32\DRIVERS\VBoxUSBMon.sys 5.1.30.118389 Oracle Corporation VirtualBox USB Monitor Driver 131545711769833742 0xfffff88005385000 315392 C:\windows\system32\DRIVERS\nvkflt.sys 10.18.13.5445 NVIDIA Corporation NVIDIA Windows Kernel Mode Driver, Version 354.45 131545711769833742 0xfffff8800541a000 192512 C:\windows\system32\DRIVERS\BazisVirtualCDBus.sys 4.1 Sysprogs OU WinCDEmu virtual CDROM bus 131545711769833742 0xfffff8800544f000 1003520 C:\windows\System32\drivers\dxgkrnl.sys 6.1.7601.23809 (win7sp1_ldr.170516-0600) Microsoft Corporation DirectX Graphics Kernel 131545711769833742 0xfffff8800558a000 49152 C:\windows\system32\drivers\nsiproxy.sys 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI Proxy 131545711769833742 0xfffff880055a1000 28672 C:\windows\system32\DRIVERS\smiifx64.sys 1.05 built by: WinDDK Lenovo Group Limited SMI Driver for Lenovo system 131545711769833742 0xfffff880055d7000 135168 C:\windows\system32\DRIVERS\raspptp.sys 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Peer-to-Peer Tunneling Protocol 131545711769833742 0xfffff88005600000 483328 C:\windows\system32\DRIVERS\SynTP.sys 16.2.19.7 17Apr13 Synaptics Incorporated Synaptics Touchpad Driver 131545711769833742 0xfffff8800569d000 86016 C:\windows\system32\DRIVERS\ibmpmdrv.sys 1.67.13.12 Lenovo. Lenovo Power Management Driver 131545711769833742 0xfffff880056c1000 65536 C:\windows\system32\DRIVERS\CompositeBus.sys 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Multi-Transport Composite Bus Enumerator 131545711769833742 0xfffff880056e7000 49152 C:\windows\system32\DRIVERS\ndistapi.sys 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation NDIS 3.0 connection wrapper driver 131545711769833742 0xfffff8800577e000 126976 C:\windows\System32\Drivers\dfsc.sys 6.1.7601.23542 (win7sp1_ldr.160908-0600) Microsoft Corporation DFS Namespace Client Driver 131545711769833742 0xfffff880057ae000 90112 C:\windows\system32\DRIVERS\intelppm.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Processor Device Driver 131545711769833742 0xfffff880057e2000 110592 C:\windows\system32\DRIVERS\raspppoe.sys 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation RAS PPPoE mini-port/call-manager driver 131545711769833742 0xfffff88005a03000 1884160 C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.7061.6600.105\Data\Definitions\BASHDefs\20171030.001\BHDrvx64.sys 11.3.2.9 Symantec Corporation BASH Driver 131545711769833742 0xfffff88005bf5000 45056 C:\windows\system32\DRIVERS\rdpbus.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft RDP Bus Device driver 131545711769833742 0xfffff88006276000 274432 C:\windows\system32\drivers\ks.sys 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Kernel CSA Library 131545711769833742 0xfffff880062cb000 368640 C:\windows\system32\drivers\usbhub.sys 6.1.7601.23529 (win7sp1_ldr.160816-0600) Microsoft Corporation Default Hub Driver for USB 131545711769833742 0xfffff8800633e000 86016 C:\windows\System32\Drivers\NDProxy.SYS 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation NDIS Proxy 131545711769833742 0xfffff880063a5000 344064 C:\windows\system32\DRIVERS\nwifi.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NativeWiFi Miniport Driver 131545711769833742 0xfffff88006800000 147456 C:\windows\system32\DRIVERS\HDAudBus.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation High Definition Audio Bus Driver 131545711769833742 0xfffff88006826000 11399168 C:\windows\system32\DRIVERS\nvlddmkm.sys 10.18.13.5445 NVIDIA Corporation NVIDIA Windows Kernel Mode Driver, Version 354.45 131545711769833742 0xfffff88007381000 73728 C:\windows\system32\DRIVERS\usbehci.sys 6.1.7601.23529 (win7sp1_ldr.160816-0600) Microsoft Corporation EHCI eUSB Miniport Driver 131545711769833742 0xfffff880073ea000 61440 C:\windows\system32\DRIVERS\mouclass.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Mouse Class Driver 131545711769833742 0xfffff88007600000 36864 C:\windows\system32\drivers\wmiacpi.sys 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Management Interface for ACPI 131545711769833742 0xfffff880081c7000 143360 C:\windows\system32\DRIVERS\TeeDriverx64.sys 10.0.30.1054 Intel Corporation Intel(R) Management Engine Interface 131545711769833742 0xfffff880081f6000 20480 C:\windows\system32\DRIVERS\CmBatt.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Control Method Battery Driver 131545711769833742 0xfffff8800923e000 200704 C:\windows\system32\DRIVERS\nusb3xhc.sys 2.0.32.0 (nusb3drv.121010-1343) Renesas Electronics Corporation USB 3.0 Host Controller Driver 131545711769833742 0xfffff88009271000 8192 C:\windows\system32\drivers\swenum.sys 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Plug and Play Software Device Enumerator 131545711769833742 0xfffff88009dc5000 53248 C:\windows\system32\DRIVERS\vwifibus.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Virtual WiFi Bus Driver 131545711769833742 0xfffff88009df0000 61440 C:\windows\system32\DRIVERS\kbdclass.sys 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Keyboard Class Driver 131545711769833742 0xfffff8800a400000 24576 C:\windows\system32\drivers\ksthunk.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Kernel Streaming WOW Thunk Service 131545711769833742 0xfffff8800a5a1000 249856 C:\windows\system32\drivers\portcls.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Port Class (Class Driver for Port/Miniport Devices) 131545711769833742 0xfffff8800a600000 86016 C:\windows\system32\DRIVERS\lltdio.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Link-Layer Topology Mapper I/O Driver 131545711769833742 0xfffff8800a628000 98304 C:\windows\system32\DRIVERS\rspndr.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Link-Layer Topology Responder Driver for NDIS 6 131545711769833742 0xfffff8800a7d7000 143360 C:\windows\system32\drivers\luafv.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation LUA File Virtualization Filter Driver 131545711769833742 0xfffff8800a809000 53248 C:\windows\system32\DRIVERS\mouhid.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation HID Mouse Filter Driver 131545711769833742 0xfffff8800a824000 57344 C:\windows\system32\DRIVERS\kbdhid.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation HID Keyboard Filter Driver 131545711769833742 0xfffff8800a83d000 831488 C:\windows\system32\DRIVERS\CAX_CNXT.sys 7.80.5.0 built by: WinDDK Conexant Systems, Inc. HSF_CNXT driver 131545711769833742 0xfffff8800a917000 49152 C:\windows\System32\drivers\Dxapi.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DirectX API Driver 131545711769833742 0xfffff8800a931000 77824 C:\windows\System32\Drivers\dump_dumpfve.sys 131545711769833742 0xfffff8800a961000 118784 C:\windows\System32\Drivers\LenovoRd.sys 4, 1, 0, 1 Lenovo Smart Card Reader Driver 131545711769833742 0xfffff8800a98a000 57344 C:\windows\System32\DRIVERS\scfilter.sys 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Smart Card Reader Filter Driver 131545711769833742 0xfffff8800a9c1000 73728 C:\windows\system32\DRIVERS\STREAM.SYS 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation WDM CODEC Class Device Driver 2.0 131545711769833742 0xfffff8800a9e1000 102400 C:\windows\system32\DRIVERS\HIDCLASS.SYS 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Hid Class Library 131545711769833742 0xfffff8800f036000 819200 C:\windows\system32\drivers\HTTP.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation HTTP Protocol Stack 131545711769833742 0xfffff8800f108000 118784 C:\windows\system32\DRIVERS\bowser.sys 6.1.7601.23567 (win7sp1_ldr.161005-0600) Microsoft Corporation NT Lan Manager Datagram Receiver Driver 131545711769833742 0xfffff8800f13d000 184320 C:\windows\system32\DRIVERS\mrxsmb.sys 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows NT SMB Minirdr 131545711769833742 0xfffff8800f1b8000 147456 C:\windows\system32\DRIVERS\mrxsmb20.sys 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Longhorn SMB 2.0 Redirector 131545711769833742 0xfffff8800f1de000 20480 C:\windows\system32\DRIVERS\mdmxsdk.sys 1.0.2.012 Conexant Diagnostic Interface x64 Driver 131545711769833742 0xfffff8801f67a000 696320 C:\windows\system32\drivers\peauth.sys 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Protected Environment Authentication and Authorization Export Driver 131545711769833742 0xfffff8801f76e000 73728 C:\windows\System32\drivers\tcpipreg.sys 6.1.7601.23496 (win7sp1_ldr.160707-0600) Microsoft Corporation TCP/IP Registry Compatibility Driver 131545711769833742 0xfffff8801f788000 425984 C:\windows\System32\DRIVERS\srv2.sys 6.1.7601.23913 (win7sp1_ldr.170907-0600) Microsoft Corporation Smb 2.0 Server driver 131545711769833742 0xfffff8801fc3f000 610304 C:\windows\System32\DRIVERS\srv.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Server driver 131545711769833742 0xfffff8801fd45000 45056 C:\windows\system32\DRIVERS\asyncmac.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MS Remote Access serial network driver 131545711769833742 0xfffff88021a26000 102400 C:\windows\system32\Drivers\PROCMON23.SYS 131545711769833742 0xfffff88021ab3000 1241088 C:\Program Files\Oracle\VirtualBox\VMMR0.r0 5.1.30.118389 Oracle Corporation VirtualBox VMM - ring-0 context parts 131545711769833742 0xfffff960000b0000 3305472 C:\windows\System32\win32k.sys 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multi-User Win32 Driver 131545711769833742 0xfffff960005e0000 40960 C:\windows\System32\TSDDD.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Framebuffer Display Driver 131545711769833742 0xfffff960006c0000 159744 C:\windows\System32\cdd.dll 6.1.7601.23809 (win7sp1_ldr.170516-0600) Microsoft Corporation Canonical Display Driver 131545711769833742 0xfffff96000870000 405504 C:\windows\System32\ATMFD.DLL 5.1 Build 252 Adobe Systems Incorporated Windows NT OpenType/Type 1 Font Driver 4 0 0 4 00000000:00000000 131545696485000000 0 4294967295 1 Idle Idle 131545711771420346 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771420346 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771420346 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771420346 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771420346 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771420346 0x13f680000 1208320 C:\Users\IBM_AD~1\AppData\Local\Temp\Procmon64.exe 3.4 Sysinternals - www.sysinternals.com Process Monitor 131545711771420346 0x7fef5650000 36864 C:\windows\system32\FLTLIB.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Filter Library 131545711771420346 0x7fef5680000 1200128 C:\windows\system32\dbghelp.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Image Helper 131545711771420346 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771420346 0x7fef9380000 61440 C:\windows\system32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771420346 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771420346 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771420346 0x7fef9880000 925696 C:\windows\system32\wbem\fastprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771420346 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771420346 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771420346 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771420346 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771420346 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771420346 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771420346 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771420346 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771420346 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771420346 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771420346 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771420346 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771420346 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771420346 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771420346 0x7fefd250000 618496 C:\windows\system32\COMDLG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711771420346 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771420346 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771420346 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771420346 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771420346 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771420346 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771420346 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771420346 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771420346 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771420346 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771420346 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771420346 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771420346 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771420346 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771420346 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771420346 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771420346 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 5 4424 824 6 00000000:000003e7 131545698429677400 0 0 1 System NT AUTHORITY\SYSTEM SearchIndexer.exe C:\windows\system32\SearchIndexer.exe C:\windows\system32\SearchIndexer.exe /Embedding Microsoft Corporation 7.00.7600.16385 (win7_rtm.090713-1255) Microsoft Windows Search Indexer 131545711769852114 0x69d20000 2633728 C:\windows\System32\NLSLexicons0009.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft English Natural Language Server Data and Code 131545711769852114 0x6b250000 12042240 C:\windows\System32\NLSLexicons0007.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft German Natural Language Server Data and Code 131545711769852114 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711769852114 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711769852114 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711769852114 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711769852114 0x77360000 28672 C:\windows\system32\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711769852114 0xff0c0000 598016 C:\windows\system32\SearchIndexer.exe 7.00.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Search Indexer 131545711769852114 0x7fee2500000 2154496 C:\windows\System32\NLSData0007.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft German Natural Language Server Data and Code 131545711769852114 0x7fee2710000 667648 C:\windows\system32\ElsLad.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation ELS Language Detection 131545711769852114 0x7fee46a0000 6287360 C:\windows\System32\NLSData0009.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft English Natural Language Server Data and Code 131545711769852114 0x7fee4ca0000 1343488 C:\windows\System32\NaturalLanguage6.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Natural Language Development Platform 6 131545711769852114 0x7fee6fb0000 118784 C:\windows\system32\mssprxy.dll 7.00.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation Microsoft Search Proxy 131545711769852114 0x7feef3c0000 61440 C:\windows\system32\elscore.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Els Core Platform DLL 131545711769852114 0x7fef4110000 2240512 C:\windows\system32\MSSRCH.DLL 7.00.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation mssrch.dll 131545711769852114 0x7fef4340000 2334720 C:\windows\system32\TQUERY.DLL 7.00.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation tquery.dll 131545711769852114 0x7fef4860000 200704 C:\windows\system32\en-us\tQuery.dll.mui 7.00.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation tquery.dll 131545711769852114 0x7fef4b60000 2596864 C:\windows\system32\ESENT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Extensible Storage Engine for Microsoft(R) Windows(R) 131545711769852114 0x7fef4e00000 28672 C:\windows\system32\Msidle.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Idle Monitor 131545711769852114 0x7fef6a20000 94208 C:\windows\system32\VssTrace.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft® Volume Shadow Copy Service Tracing Library 131545711769852114 0x7fef7120000 1769472 C:\windows\system32\VSSAPI.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL 131545711769852114 0x7fef9f70000 81920 C:\windows\system32\samcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Security Accounts Manager Client DLL 131545711769852114 0x7fefae00000 118784 C:\windows\system32\SAMLIB.dll 6.1.7601.23677 (win7sp1_ldr.170209-0600) Microsoft Corporation SAM Library DLL 131545711769852114 0x7fefb320000 421888 C:\windows\system32\es.dll 2001.12.8530.16385 (win7_rtm.090713-1255) Microsoft Corporation COM+ 131545711769852114 0x7fefb3b0000 102400 C:\windows\system32\ATL.DLL 3.05.2284 Microsoft Corporation ATL Module for Windows XP (Unicode) 131545711769852114 0x7fefb410000 49152 C:\windows\system32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711769852114 0x7fefb600000 184320 C:\windows\system32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711769852114 0x7fefb790000 1228800 C:\windows\system32\propsys.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711769852114 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711769852114 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711769852114 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711769852114 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711769852114 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711769852114 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711769852114 0x7fefc880000 45056 C:\windows\system32\secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711769852114 0x7fefcad0000 151552 C:\windows\system32\SSPICLI.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711769852114 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711769852114 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711769852114 0x7fefccf0000 593920 C:\windows\system32\SXS.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Fusion 2.5 131545711769852114 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711769852114 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711769852114 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711769852114 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711769852114 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711769852114 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711769852114 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711769852114 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711769852114 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711769852114 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711769852114 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711769852114 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711769852114 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711769852114 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711769852114 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711769852114 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711769852114 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711769852114 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711769852114 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711769852114 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711769852114 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711769852114 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711769852114 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711769852114 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711769852114 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711769852114 0x7feff480000 188416 C:\windows\system32\IMM32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 6 824 748 12 00000000:000003e7 131545696784868512 0 0 1 System NT AUTHORITY\SYSTEM services.exe C:\windows\system32\services.exe C:\windows\system32\services.exe Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Services and Controller app 131545711771422906 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771422906 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771422906 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771422906 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771422906 0xffb60000 339968 C:\windows\system32\services.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Services and Controller app 131545711771422906 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771422906 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771422906 0x7fefbea0000 233472 C:\windows\system32\UBPM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Unified Background Process Manager DLL 131545711771422906 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771422906 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771422906 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771422906 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771422906 0x7fefc7c0000 143360 C:\windows\system32\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545711771422906 0x7fefc810000 421888 C:\windows\system32\SCESRV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Security Configuration Editor Engine 131545711771422906 0x7fefc880000 45056 C:\windows\system32\Secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771422906 0x7fefc890000 102400 C:\windows\system32\scext.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Service Control Manager Extension DLL for non-minwin 131545711771422906 0x7fefc930000 192512 C:\windows\system32\AUTHZ.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Authorization Framework 131545711771422906 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771422906 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771422906 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771422906 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771422906 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771422906 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771422906 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771422906 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771422906 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771422906 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771422906 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771422906 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771422906 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771422906 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771422906 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771422906 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771422906 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771422906 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771422906 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 7 2720 4272 8 00000000:0019621a 131545708227274609 0 0 1 Medium USDEVR9K0NHD\sramka Explorer.EXE C:\windows\Explorer.EXE C:\windows\Explorer.EXE Microsoft Corporation 6.1.7601.23403 (win7sp1_ldr.160325-0600) Windows Explorer 131545711770957503 0x5940000 241664 C:\Program Files (x86)\Notepad++\NppShell_06.dll 0.1 ShellHandler for Notepad++ (64 bit) 131545711770957503 0x5a10000 94208 C:\Program Files\7-Zip\7-zip.dll 16.00 Igor Pavlov 7-Zip Shell Extension 131545711993924606 0x60b60000 20275200 C:\Windows\System32\imageres.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Image Resource 131545711993865638 0x61ec0000 20275200 C:\Windows\System32\imageres.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Image Resource 131545711770957503 0x69fb0000 929792 C:\windows\system32\FXSRESM.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Fax Resource DLL 131545711770957503 0x6db40000 1073152 C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.7061.6600.105\bin64\ccL120U.dll 12.12.2.10 Symantec Corporation Symantec Library 131545711770957503 0x6dc50000 155648 C:\Program Files\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545711770957503 0x6e130000 802816 C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.7061.6600.105\Bin64\vpshell2.dll 12.1.7061.6600 Symantec Corporation Symantec Endpoint Protection 131545711770957503 0x6e200000 667648 C:\windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll 9.00.30729.6161 Microsoft Corporation Microsoft® C Runtime Library 131545711770957503 0x6e2b0000 864256 C:\windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCP90.dll 9.00.30729.6161 Microsoft Corporation Microsoft® C++ Runtime Library 131545714313820924 0x6fb40000 12288 C:\Windows\System32\sfc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows File Protection 131545711770957503 0x72b10000 622592 C:\windows\system32\MSVCP100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711770957503 0x731f0000 102400 C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 3, 28, 0, 0 fzshellext Dynamic Link Library 131545711770957503 0x747f0000 176128 C:\windows\system32\ATL100.DLL 10.00.40219.325 Microsoft Corporation ATL Module for Windows 131545711770957503 0x74860000 24576 C:\windows\system32\ksuser.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation User CSA Library 131545711770957503 0x74a90000 860160 C:\windows\system32\MSVCR100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711770957503 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711770957503 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711770957503 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711770957503 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711770957503 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711770957503 0x77370000 12288 C:\windows\system32\normaliz.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Unicode Normalization DLL 131545711770957503 0xff180000 3248128 C:\windows\Explorer.EXE 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Explorer 131545711770957503 0x110000000 434176 C:\Program Files (x86)\Beyond Compare 3\BCShellEx64.dll 3.0.0.15 Scooter Software Beyond Compare 131545711770957503 0x180000000 94208 C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll 1.16.8 http://winmerge.org WinMerge Shell Integration library 131545711770957503 0x7fee0770000 15290368 C:\windows\system32\ieframe.DLL 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Internet Browser 131545711770957503 0x7fee45d0000 36864 C:\windows\system32\SensApi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation SENS Connectivity API DLL 131545711770957503 0x7fee4e70000 761856 C:\Program Files\Internet Explorer\ieproxy.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation IE ActiveX Interface Marshaling Library 131545711770957503 0x7fee5d40000 643072 C:\windows\system32\FXSAPI.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Fax API Support DLL 131545711770957503 0x7fee5de0000 880640 C:\windows\system32\fxsst.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Fax Service 131545711770957503 0x7fee6470000 200704 C:\windows\System32\provsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows HomeGroup 131545711770957503 0x7fee64b0000 348160 C:\windows\System32\hgcpl.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation HomeGroup Control Panel 131545711770957503 0x7fee6510000 524288 C:\Windows\system32\imapi2.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Image Mastering API v2 131545711770957503 0x7fee6710000 237568 C:\windows\System32\UIAnimation.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation Windows Animation Manager 131545711770957503 0x7fee6760000 258048 C:\Program Files\ThinkPad\Bluetooth Software\btmmhook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545711770957503 0x7fee67a0000 147456 C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll 6.5.1.2700 Broadcom Corporation. KeyBoard Hook DLL 131545711770957503 0x7fee67d0000 794624 C:\windows\System32\Actioncenter.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Action Center 131545711770957503 0x7fee68a0000 2273280 C:\windows\System32\SyncCenter.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Sync Center 131545711770957503 0x7fee6ad0000 360448 C:\windows\System32\srchadmin.dll 7.00.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Indexing Options 131545711770957503 0x7fee6b30000 282624 C:\windows\System32\QAgent.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Quarantine Agent Proxy 131545711770957503 0x7fee6b80000 258048 C:\windows\System32\cscobj.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation In-proc COM object used by clients of CSC API 131545711770957503 0x7fee6bc0000 53248 C:\windows\system32\wwapi.dll 08.01.02.00 (win7_rtm.090713-1255) Microsoft Corporation WWAN API 131545711770957503 0x7fee6bd0000 385024 C:\windows\system32\wwanapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Mbnapi 131545711770957503 0x7fee6c30000 131072 C:\windows\system32\Wlanapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows WLAN AutoConfig Client Side API DLL 131545711770957503 0x7fee6dd0000 126976 C:\windows\System32\QUtil.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Quarantine Utilities 131545711770957503 0x7fee6df0000 1822720 C:\windows\System32\pnidui.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Network System Icon 131545711770957503 0x7fee6fb0000 118784 C:\windows\system32\mssprxy.dll 7.00.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation Microsoft Search Proxy 131545711770957503 0x7fee6fd0000 233472 C:\windows\system32\PortableDeviceTypes.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Portable Device (Parameter) Types Component 131545711770957503 0x7fee7010000 131072 C:\windows\system32\wpdshserviceobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Portable Device Shell Service Object 131545711770957503 0x7fee7050000 65536 C:\windows\System32\AltTab.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Shell Alt Tab 131545711770957503 0x7fee7210000 2666496 C:\windows\System32\netshell.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network Connections Shell 131545711770957503 0x7fee7650000 475136 C:\windows\system32\dxp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Device Stage Shell Extension 131545711770957503 0x7fee76d0000 430080 C:\windows\system32\prnfldr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation prnfldr dll 131545711770957503 0x7fee7740000 761856 C:\windows\system32\BatMeter.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Battery Meter Helper DLL 131545711770957503 0x7fee93e0000 811008 C:\windows\system32\MsftEdit.dll 5.41.21.2512 Microsoft Corporation Rich Text Edit Control, v4.1 131545711770957503 0x7feef610000 1687552 C:\windows\system32\NetworkExplorer.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network Explorer 131545711770957503 0x7feefa70000 446464 C:\Program Files\ThinkPad\Bluetooth Software\btncopy.dll 6.5.1.2700 Broadcom Corporation. BTNCopy Module 131545711770957503 0x7feefae0000 110592 C:\windows\system32\SYNCENG.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Briefcase Engine 131545711770957503 0x7feefb00000 217088 C:\windows\system32\syncui.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Briefcase 131545711770957503 0x7feefb40000 565248 C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.7061.6600.105\Bin64\srtsp64.dll 14.6.6.6 Symantec Corporation Symantec AutoProtect 131545711770957503 0x7feefc40000 278528 C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll 4.0 Sysprogs OU WinCDEmu Explorer context menu module 131545711770957503 0x7feefc90000 188416 C:\windows\system32\twext.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Previous Versions property page 131545711995325485 0x7feefcc0000 118784 C:\Windows\System32\wshext.dll 5.8.7600.16385 Microsoft Corporation Microsoft ® Shell Extension for Windows Script Host 131545711770957503 0x7feefce0000 45056 C:\windows\System32\hcproviders.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Action Center Providers 131545711770957503 0x7feefcf0000 102400 C:\windows\System32\wercplsupport.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Problem Reports and Solutions 131545711770957503 0x7feefd10000 1294336 C:\windows\System32\werconcpl.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation PRS CPL 131545711770957503 0x7feefe50000 1175552 C:\windows\System32\wscui.cpl 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Action Center 131545711770957503 0x7feeff70000 77824 C:\windows\System32\WSCAPI.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Security Center API 131545711770957503 0x7feeff90000 163840 C:\windows\System32\wscinterop.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Health Center WSC Interop 131545711770957503 0x7feeffc0000 77824 C:\windows\system32\dfscli.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT Distributed File System Client DLL 131545711770957503 0x7feeffe0000 45056 C:\Windows\system32\fdWNet.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Function Discovery WNet Provider Dll 131545711770957503 0x7fef0080000 139264 C:\windows\System32\wcnapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Connect Now - API Helper DLL 131545711770957503 0x7fef00b0000 118784 C:\windows\System32\fdwcn.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Connect Now - Config Function Discovery Provider DLL 131545711770957503 0x7fef00d0000 94208 C:\Windows\system32\fdproxy.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Function Discovery Proxy Dll 131545711770957503 0x7fef0110000 241664 C:\windows\system32\MLANG.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multi Language Support DLL 131545711770957503 0x7fef0190000 159744 C:\windows\system32\EhStorAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Enhanced Storage API 131545711770957503 0x7fef01c0000 2560000 C:\windows\system32\wpdshext.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Portable Devices Shell Extension 131545711770957503 0x7fef0440000 53248 C:\windows\system32\dtsh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Detection and Sharing Status API 131545711770957503 0x7fef0450000 69632 C:\windows\system32\NetworkItemFactory.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NetworkItem Factory 131545711770957503 0x7fef0470000 503808 C:\windows\System32\StructuredQuery.dll 7.00.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Structured Query 131545711770957503 0x7fef04f0000 380928 C:\windows\system32\zipfldr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Compressed (zipped) Folders 131545711770957503 0x7fef0550000 126976 C:\Windows\system32\thumbcache.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Thumbnail Cache 131545711770957503 0x7fef0570000 765952 C:\windows\system32\UIAutomationCore.dll 7.0.0.0 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UI Automation Core 131545711995348954 0x7fef0630000 81920 C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll 5.1.50907.0 Microsoft Corporation 5.1.50907.0 131545711770957503 0x7fef0650000 520192 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Tablet PC Input Panel Text Services Framework 131545711770957503 0x7fef07a0000 2764800 C:\Windows\System32\gameux.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Games Explorer 131545711770957503 0x7fef0a50000 8900608 C:\PROGRA~1\MICROS~1\Office15\1033\GrooveIntlResource.dll 15.0.4907.1000 Microsoft Corporation Microsoft OneDrive for Business Intl Resource Module 131545711770957503 0x7fef17d0000 3268608 C:\windows\system32\msi.dll 5.0.7601.23593 Microsoft Corporation Windows Installer 131545711770957503 0x7fef1af0000 1875968 C:\windows\system32\EXPLORERFRAME.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation ExplorerFrame 131545711770957503 0x7fef2da0000 270336 C:\windows\system32\msls31.dll 3.10.349.0 Microsoft Corporation Microsoft Line Services library file 131545711770957503 0x7fef2df0000 2359296 C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL 15.0.4907.1000 Microsoft Corporation Microsoft OneDrive for Business Extensions 131545711770957503 0x7fef4580000 974848 C:\Windows\system32\actxprxy.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ActiveX Interface Marshaling Library 131545711770957503 0x7fef4670000 536576 C:\windows\system32\timedate.cpl 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Time Date Control Panel Applet 131545711995341091 0x7fef47d0000 45056 C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Crypto SIP provider for signing and verifying PowerShell script files (.ps1/.ps1xml) 131545711770957503 0x7fef47e0000 16384 C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711770957503 0x7fef47f0000 212992 C:\windows\System32\shdocvw.dll 6.1.7601.23896 (win7sp1_ldr.170819-0600) Microsoft Corporation Shell Doc Object and Control Library 131545711770957503 0x7fef4ef0000 516096 C:\windows\System32\cscui.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Client Side Caching UI 131545711770957503 0x7fef5370000 208896 C:\Windows\system32\FunDisc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Function Discovery Dll 131545711770957503 0x7fef5460000 61440 C:\windows\system32\CSCAPI.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Offline Files Win32 API 131545711770957503 0x7fef54d0000 217088 C:\windows\system32\EhStorShell.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Enhanced Storage Shell Extension DLL 131545711770957503 0x7fef5660000 73728 C:\windows\system32\browcli.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Browser Service Client DLL 131545711770957503 0x7fef5880000 311296 C:\windows\System32\framedynos.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI SDK Provider Framework 131545714313082796 0x7fef5a80000 81920 C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll 5.1.50907.0 Microsoft Corporation 5.1.50907.0 131545714313058221 0x7fef5aa0000 118784 C:\Windows\System32\wshext.dll 5.8.7600.16385 Microsoft Corporation Microsoft ® Shell Extension for Windows Script Host 131545714313038527 0x7fef5ac0000 45056 C:\Windows\System32\msisip.dll 5.0.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSI Signature SIP Provider 131545711770957503 0x7fef5b30000 774144 C:\windows\system32\PortableDeviceApi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Portable Device API Components 131545711770957503 0x7fef5c70000 69632 C:\Program Files\Windows Defender\MpOav.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation IOfficeAntiVirus Module 131545711770957503 0x7fef5d80000 49152 C:\windows\System32\npmproxy.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network List Manager Proxy 131545711770957503 0x7fef5d90000 512000 C:\Windows\System32\wer.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Error Reporting DLL 131545711770957503 0x7fef6210000 475136 C:\windows\System32\netprofm.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network List Manager 131545711770957503 0x7fef6700000 32768 C:\windows\system32\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711770957503 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545714313832935 0x7fef6ff0000 65536 C:\Windows\System32\sfc_os.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows File Protection 131545711770957503 0x7fef72d0000 159744 C:\windows\system32\cryptnet.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto Network Related API 131545711770957503 0x7fef8410000 36864 C:\windows\system32\msiltcfg.dll 5.0.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Installer Configuration API Stub 131545711770957503 0x7fef88b0000 2035712 C:\windows\System32\msxml6.dll 6.30.7601.23403 Microsoft Corporation MSXML 6.0 SP3 131545711770957503 0x7fef8af0000 28672 C:\windows\system32\wlanutil.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Wireless LAN 802.11 Utility DLL 131545711770957503 0x7fef8e80000 98304 C:\windows\system32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711770957503 0x7fef8ea0000 69632 C:\windows\system32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711770957503 0x7fef8ed0000 339968 C:\windows\System32\fwpuclnt.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545711770957503 0x7fef9380000 61440 C:\windows\system32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711770957503 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711770957503 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711770957503 0x7fef9870000 45056 C:\windows\System32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711770957503 0x7fef9880000 925696 C:\windows\system32\wbem\fastprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711770957503 0x7fef99b0000 159744 C:\windows\System32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711770957503 0x7fef9f20000 274432 C:\windows\system32\stobject.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Systray shell service object 131545711770957503 0x7fef9f70000 81920 C:\windows\system32\samcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Security Accounts Manager Client DLL 131545711770957503 0x7fef9fa0000 45056 C:\Windows\ehome\ehSSO.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Media Center Shell Service Object 131545711770957503 0x7fefa040000 344064 C:\windows\system32\OLEACC.dll 7.0.0.0 (win7sp1_ldr.160325-0600) Microsoft Corporation Active Accessibility Core Component 131545711770957503 0x7fefa0a0000 462848 C:\windows\system32\WINSPOOL.DRV 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545711770957503 0x7fefa390000 32768 C:\windows\system32\WINBRAND.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Branding Resources 131545711770957503 0x7fefa3a0000 16384 C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711770957503 0x7fefa410000 1445888 C:\windows\system32\WindowsCodecs.dll 6.2.9200.21830 (win8_ldr.160407-0600) Microsoft Corporation Microsoft Windows Codecs Library 131545714313074243 0x7fefa580000 45056 C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Crypto SIP provider for signing and verifying PowerShell script files (.ps1/.ps1xml) 131545711770957503 0x7fefa590000 49152 C:\windows\system32\LINKINFO.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Volume Tracking 131545711770957503 0x7fefa5a0000 32768 C:\windows\system32\IconCodecService.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Converts a PNG part of the icon to a legacy bmp icon 131545711770957503 0x7fefa620000 40960 C:\windows\System32\DAVHLPR.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DAV Helper DLL 131545711770957503 0x7fefa630000 49152 C:\windows\System32\CSCDLL.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Offline Files Temporary Shim 131545711770957503 0x7fefa640000 122880 C:\windows\System32\davclnt.dll 6.1.7601.23542 (win7sp1_ldr.160908-0600) Microsoft Corporation Web DAV Client DLL 131545711770957503 0x7fefa660000 139264 C:\windows\System32\ntlanman.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft® Lan Manager 131545711770957503 0x7fefa690000 40960 C:\windows\System32\drprov.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Remote Desktop Session Host Server Network Provider 131545711770957503 0x7fefa6a0000 98304 C:\windows\system32\MPR.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545711770957503 0x7fefa710000 212992 C:\windows\system32\xmllite.dll 1.3.1001.0 Microsoft Corporation Microsoft XmlLite Library 131545711770957503 0x7fefa780000 90112 C:\windows\system32\Syncreg.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Microsoft Synchronization Framework Registration 131545711770957503 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711770957503 0x7fefa870000 241664 C:\windows\system32\SndVolSSO.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation SCA Volume 131545711770957503 0x7fefa8b0000 36864 C:\windows\system32\midimap.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft MIDI Mapper 131545711770957503 0x7fefa8c0000 274432 C:\windows\system32\DUser.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows DirectUser Engine 131545711770957503 0x7fefa910000 98304 C:\windows\system32\MSACM32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft ACM Audio Filter 131545711770957503 0x7fefa930000 40960 C:\windows\system32\msacm32.drv 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Sound Mapper 131545711770957503 0x7fefa940000 323584 C:\windows\system32\AUDIOSES.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Audio Session 131545711770957503 0x7fefaa00000 991232 C:\windows\system32\DUI70.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows DirectUI Engine 131545711770957503 0x7fefab00000 241664 C:\windows\system32\wdmaud.drv 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winmm audio system driver 131545711770957503 0x7fefab40000 241664 C:\windows\system32\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711770957503 0x7fefab80000 2191360 C:\windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23894_none_145eb2808b8d6928\gdiplus.dll 6.1.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Microsoft GDI+ 131545711770957503 0x7fefada0000 352256 C:\windows\system32\UxTheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711770957503 0x7fefae00000 118784 C:\windows\system32\SAMLIB.dll 6.1.7601.23677 (win7sp1_ldr.170209-0600) Microsoft Corporation SAM Library DLL 131545711770957503 0x7fefae20000 147456 C:\windows\System32\shacct.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Shell Accounts Classes 131545711770957503 0x7fefae50000 1089536 C:\windows\system32\CRYPTUI.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Microsoft Trust UI Provider 131545711770957503 0x7fefaf60000 1957888 C:\windows\system32\authui.dll 6.1.7601.23593 (win7sp1_ldr.161109-0600) Microsoft Corporation Windows Authentication UI 131545711770957503 0x7fefb190000 1208320 C:\Windows\system32\taskschd.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Task Scheduler COM API 131545711770957503 0x7fefb2e0000 45056 C:\windows\system32\slc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545711770957503 0x7fefb320000 421888 C:\windows\system32\es.dll 2001.12.8530.16385 (win7_rtm.090713-1255) Microsoft Corporation COM+ 131545711770957503 0x7fefb3b0000 102400 C:\windows\system32\ATL.DLL 3.05.2284 Microsoft Corporation ATL Module for Windows XP (Unicode) 131545711770957503 0x7fefb3d0000 86016 C:\windows\System32\nlaapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545711770957503 0x7fefb3f0000 86016 C:\windows\system32\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711770957503 0x7fefb410000 49152 C:\windows\system32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711770957503 0x7fefb600000 184320 C:\windows\system32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711770957503 0x7fefb630000 36864 C:\windows\system32\AVRT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multimedia Realtime Runtime 131545711770957503 0x7fefb780000 16384 C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711770957503 0x7fefb790000 1228800 C:\windows\system32\PROPSYS.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711770957503 0x7fefb8c0000 307200 C:\windows\System32\MMDevApi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MMDevice API 131545711770957503 0x7fefbb60000 770048 C:\windows\system32\FirewallAPI.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Firewall API 131545711770957503 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711770957503 0x7fefbd00000 180224 C:\windows\system32\POWRPROF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545711770957503 0x7fefbd30000 45056 C:\windows\system32\HID.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Hid User Library 131545711770957503 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711770957503 0x7fefbdb0000 73728 C:\windows\system32\DEVRTL.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Management Run Time Library 131545711770957503 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711770957503 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711770957503 0x7fefc0e0000 741376 C:\Windows\System32\bthprops.cpl 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Bluetooth Control Panel Applet 131545711770957503 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711770957503 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711770957503 0x7fefc280000 28672 C:\windows\system32\MSIMG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation GDIEXT Client DLL 131545711770957503 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711770957503 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711770957503 0x7fefc470000 372736 C:\windows\system32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711770957503 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711770957503 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711770957503 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711770957503 0x7fefc7c0000 143360 C:\windows\system32\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545711770957503 0x7fefc880000 45056 C:\windows\system32\Secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711770957503 0x7fefc8b0000 139264 C:\windows\System32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711770957503 0x7fefc8e0000 327680 C:\windows\system32\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711770957503 0x7fefc970000 446464 C:\windows\System32\wevtapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Eventing Consumption and Configuration API 131545711770957503 0x7fefcad0000 151552 C:\windows\system32\SSPICLI.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711770957503 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711770957503 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711770957503 0x7fefccf0000 593920 C:\windows\system32\SXS.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Fusion 2.5 131545711770957503 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711770957503 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711770957503 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711770957503 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711770957503 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711770957503 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711770957503 0x7fefced0000 12288 C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711770957503 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711770957503 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711770957503 0x7fefcf40000 20480 C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711770957503 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711770957503 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711770957503 0x7fefd100000 16384 C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711770957503 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711770957503 0x7fefd180000 16384 C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711770957503 0x7fefd190000 16384 C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711770957503 0x7fefd1a0000 16384 C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545714313061325 0x7fefd250000 618496 C:\Windows\System32\comdlg32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711770957503 0x7fefd2f0000 2928640 C:\windows\system32\iertutil.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Run time utility for Internet Explorer 131545711770957503 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711770957503 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711770957503 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711770957503 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711770957503 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711770957503 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711770957503 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711770957503 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711770957503 0x7fefe7b0000 102400 C:\windows\system32\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711770957503 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711770957503 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711770957503 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711770957503 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711770957503 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711770957503 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711770957503 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711770957503 0x7fefed60000 1593344 C:\Windows\system32\urlmon.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation OLE32 Extensions for Win32 131545711770957503 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711770957503 0x7fefef50000 3280896 C:\windows\system32\WININET.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Internet Extensions for Win32 131545711770957503 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711770957503 0x7feff480000 188416 C:\windows\system32\IMM32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 9 456 4 3 00000000:000003e7 131545696655232284 0 0 1 System NT AUTHORITY\SYSTEM smss.exe C:\windows\System32\smss.exe \SystemRoot\System32\smss.exe Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Windows Session Manager 131545711771421125 0x47c60000 131072 C:\windows\System32\smss.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Session Manager 131545711771421125 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 10 632 532 11 00000000:000003e7 131545696727928412 0 0 1 System NT AUTHORITY\SYSTEM csrss.exe C:\windows\system32\csrss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Client Server Runtime Process 131545711771421604 0x498e0000 24576 C:\windows\system32\csrss.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Client Server Runtime Process 131545711771421604 0x76f80000 1175552 C:\windows\SYSTEM32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771421604 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771421604 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771421604 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771421604 0x7fefccf0000 593920 C:\windows\system32\sxs.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Fusion 2.5 131545711771421604 0x7fefce00000 49152 C:\windows\system32\sxssrv.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows SxS Server DLL 131545711771421604 0x7fefce10000 233472 C:\windows\system32\winsrv.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multi-User Windows Server DLL 131545711771421604 0x7fefce50000 69632 C:\windows\system32\basesrv.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Server DLL 131545711771421604 0x7fefce70000 77824 C:\windows\system32\CSRSRV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Client Server Runtime Process 131545711771421604 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771421604 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771421604 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771421604 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771421604 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771421604 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771421604 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771421604 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 12 748 532 11 00000000:000003e7 131545696775976496 0 0 1 System NT AUTHORITY\SYSTEM wininit.exe C:\windows\system32\wininit.exe wininit.exe Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Windows Start-Up Application 131545711771422182 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771422182 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771422182 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771422182 0xff560000 143360 C:\windows\system32\wininit.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Start-Up Application 131545711771422182 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771422182 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771422182 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771422182 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771422182 0x7fefc880000 45056 C:\windows\system32\secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771422182 0x7fefcad0000 151552 C:\windows\system32\SSPICLI.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771422182 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771422182 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771422182 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771422182 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771422182 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771422182 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771422182 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771422182 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771422182 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771422182 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771422182 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771422182 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771422182 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771422182 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771422182 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771422182 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771422182 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771422182 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 13 772 756 14 00000000:000003e7 131545696776288497 0 0 1 System NT AUTHORITY\SYSTEM csrss.exe C:\windows\system32\csrss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Client Server Runtime Process 131545711771422546 0x498e0000 24576 C:\windows\system32\csrss.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Client Server Runtime Process 131545711771422546 0x76f80000 1175552 C:\windows\SYSTEM32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771422546 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771422546 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771422546 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771422546 0x7fefccf0000 593920 C:\windows\system32\sxs.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Fusion 2.5 131545711771422546 0x7fefce00000 49152 C:\windows\system32\sxssrv.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows SxS Server DLL 131545711771422546 0x7fefce10000 233472 C:\windows\system32\winsrv.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multi-User Windows Server DLL 131545711771422546 0x7fefce50000 69632 C:\windows\system32\basesrv.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Server DLL 131545711771422546 0x7fefce70000 77824 C:\windows\system32\CSRSRV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Client Server Runtime Process 131545711771422546 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771422546 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771422546 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771422546 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771422546 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771422546 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771422546 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771422546 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 15 848 748 12 00000000:000003e7 131545696786116514 0 0 1 System NT AUTHORITY\SYSTEM lsass.exe C:\windows\system32\lsass.exe C:\windows\system32\lsass.exe Microsoft Corporation 6.1.7601.23915 (win7sp1_ldr.170913-0600) Local Security Authority Process 131545711771423265 0x6dc50000 155648 C:\Program Files\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545711771423265 0x74a90000 860160 C:\windows\system32\MSVCR100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771423265 0x74b70000 8192 C:\windows\system32\msprivs.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Privilege Translations 131545711771423265 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771423265 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771423265 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771423265 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771423265 0xffe20000 49152 C:\windows\system32\lsass.exe 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Local Security Authority Process 131545711771423265 0x7fee65d0000 90112 C:\windows\system32\certpoleng.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Certificate Policy Engine 131545711771423265 0x7fef5420000 204800 C:\windows\system32\dssenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider 131545711771423265 0x7fef6700000 32768 C:\windows\system32\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711771423265 0x7fef6a40000 49152 C:\windows\system32\EFSUTIL.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation EFS Utility Library 131545711771423265 0x7fef6bb0000 319488 C:\windows\system32\EFSCORE.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation EFS Core Library 131545711771423265 0x7fef6c50000 53248 C:\windows\system32\efssvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation EFS Service 131545711771423265 0x7fef8ed0000 339968 C:\windows\System32\fwpuclnt.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545711771423265 0x7fef8fd0000 45056 C:\windows\system32\keyiso.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation CNG Key Isolation Service 131545711771423265 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771423265 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771423265 0x7fefb2e0000 45056 C:\windows\system32\slc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545711771423265 0x7fefb3f0000 86016 C:\windows\system32\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711771423265 0x7fefb410000 49152 C:\windows\system32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771423265 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771423265 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771423265 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771423265 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771423265 0x7fefc0e0000 741376 C:\windows\system32\bthprops.cpl 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Bluetooth Control Panel Applet 131545711771423265 0x7fefc1a0000 212992 C:\windows\system32\credui.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Credential Manager User Interface 131545711771423265 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771423265 0x7fefc200000 172032 C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll 6.4.0.640 Broadcom Corporation. BtwProximityCP DLL 131545711771423265 0x7fefc230000 253952 C:\windows\system32\scecli.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Security Configuration Editor Client Engine 131545711771423265 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771423265 0x7fefc280000 28672 C:\windows\system32\MSIMG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation GDIEXT Client DLL 131545711771423265 0x7fefc290000 73728 C:\windows\system32\efslsaext.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation LSA extension for EFS 131545711771423265 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771423265 0x7fefc300000 282624 C:\windows\system32\pku2u.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Pku2u Security Package 131545711771423265 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771423265 0x7fefc3a0000 221184 C:\windows\system32\wdigest.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Microsoft Digest Access 131545711771423265 0x7fefc3e0000 360448 C:\windows\system32\schannel.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation TLS / SSL Security Provider 131545711771423265 0x7fefc470000 372736 C:\windows\system32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771423265 0x7fefc580000 335872 C:\windows\system32\msv1_0.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Authentication Package v1.0 131545711771423265 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771423265 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771423265 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771423265 0x7fefc670000 753664 C:\windows\system32\kerberos.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Kerberos Security Package 131545711771423265 0x7fefc730000 147456 C:\windows\system32\negoexts.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NegoExtender Security Package 131545711771423265 0x7fefc760000 204800 C:\windows\system32\netjoin.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Domain Join DLL 131545711771423265 0x7fefc7a0000 102400 C:\windows\system32\tspkg.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Web Service Security Package 131545711771423265 0x7fefc880000 45056 C:\windows\system32\Secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771423265 0x7fefc8b0000 139264 C:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771423265 0x7fefc930000 192512 C:\windows\system32\AUTHZ.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Authorization Framework 131545711771423265 0x7fefc960000 36864 C:\windows\system32\cngaudit.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Cryptographic Next Generation audit library 131545711771423265 0x7fefc970000 446464 C:\windows\system32\wevtapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Eventing Consumption and Configuration API 131545711771423265 0x7fefc9e0000 81920 C:\windows\system32\cryptdll.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Cryptography Manager 131545711771423265 0x7fefca00000 790528 C:\windows\system32\SAMSRV.dll 6.1.7601.23716 (win7sp1_ldr.170309-0600) Microsoft Corporation SAM Server DLL 131545711771423265 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771423265 0x7fefcb00000 1482752 C:\windows\system32\lsasrv.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation LSA Server DLL 131545711771423265 0x7fefcc70000 45056 C:\windows\system32\SspiSrv.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation LSA SSPI RPC interface DLL 131545711771423265 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771423265 0x7fefcce0000 61440 C:\windows\system32\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771423265 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771423265 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771423265 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771423265 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771423265 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771423265 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771423265 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771423265 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771423265 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771423265 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771423265 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771423265 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771423265 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771423265 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771423265 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771423265 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771423265 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771423265 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771423265 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771423265 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771423265 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771423265 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771423265 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771423265 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771423265 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771423265 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771423265 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 16 856 748 12 00000000:000003e7 131545696786428515 0 0 1 System NT AUTHORITY\SYSTEM lsm.exe C:\windows\system32\lsm.exe C:\windows\system32\lsm.exe Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Local Session Manager Service 131545711771423620 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771423620 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771423620 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771423620 0xffec0000 356352 C:\windows\system32\lsm.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Local Session Manager Service 131545711771423620 0x7fefbd50000 53248 C:\windows\system32\pcwum.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Performance Counters for Windows Native DLL 131545711771423620 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771423620 0x7fefc7f0000 32768 C:\windows\system32\WMsgAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WinLogon IPC Client 131545711771423620 0x7fefc800000 40960 C:\windows\system32\SYSNTFY.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Notifications Dynamic Link Library 131545711771423620 0x7fefc880000 45056 C:\windows\system32\secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771423620 0x7fefcad0000 151552 C:\windows\system32\SSPICLI.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771423620 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771423620 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771423620 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771423620 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771423620 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771423620 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771423620 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 17 948 756 14 00000000:000003e7 131545696790796522 0 0 1 System NT AUTHORITY\SYSTEM winlogon.exe C:\windows\system32\winlogon.exe winlogon.exe Microsoft Corporation 6.1.7601.17514 (win7sp1_rtm.101119-1850) Windows Logon Application 131545711771424091 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771424091 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771424091 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771424091 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771424091 0xff4c0000 466944 C:\windows\system32\winlogon.exe 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Logon Application 131545711771424091 0x7fef5460000 61440 C:\windows\system32\cscapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Offline Files Win32 API 131545711771424091 0x7fef9e10000 40960 C:\windows\system32\UXINIT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows User Experience Session Initialization Dll 131545711771424091 0x7fefa410000 1445888 C:\windows\system32\WindowsCodecs.dll 6.2.9200.21830 (win8_ldr.160407-0600) Microsoft Corporation Microsoft Windows Codecs Library 131545711771424091 0x7fefa620000 40960 C:\windows\System32\DAVHLPR.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DAV Helper DLL 131545711771424091 0x7fefa640000 122880 C:\windows\System32\davclnt.dll 6.1.7601.23542 (win7sp1_ldr.160908-0600) Microsoft Corporation Web DAV Client DLL 131545711771424091 0x7fefa660000 139264 C:\windows\System32\ntlanman.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft® Lan Manager 131545711771424091 0x7fefa690000 40960 C:\windows\System32\drprov.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Remote Desktop Session Host Server Network Provider 131545711771424091 0x7fefa6a0000 98304 C:\windows\system32\MPR.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545711771424091 0x7fefada0000 352256 C:\windows\system32\UxTheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771424091 0x7fefb2e0000 45056 C:\windows\system32\slc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545711771424091 0x7fefb3f0000 86016 C:\windows\system32\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711771424091 0x7fefb410000 49152 C:\windows\system32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771424091 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771424091 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771424091 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771424091 0x7fefc760000 204800 C:\windows\system32\netjoin.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Domain Join DLL 131545711771424091 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771424091 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771424091 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771424091 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771424091 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771424091 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771424091 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771424091 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771424091 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771424091 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771424091 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771424091 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771424091 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771424091 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771424091 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771424091 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771424091 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771424091 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 18 1008 824 6 00000000:000003e7 131545696812168560 0 0 1 System NT AUTHORITY\SYSTEM svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe -k DcomLaunch Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Host Process for Windows Services 131545711771424451 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771424451 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771424451 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771424451 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711992908726 0xff730000 28672 C:\Windows\System32\dllhost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation COM Surrogate 131545711771424451 0xffac0000 45056 C:\windows\system32\svchost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host Process for Windows Services 131545711771424451 0x7fef6c80000 155648 C:\windows\system32\wbem\wmiutils.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771424451 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771424451 0x7fef9380000 61440 C:\windows\system32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771424451 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771424451 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771424451 0x7fef9880000 925696 C:\windows\system32\wbem\FastProx.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771424451 0x7fef9970000 204800 C:\windows\system32\wbem\wmidcprv.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771424451 0x7fefb600000 184320 C:\windows\system32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771424451 0x7fefbc50000 528384 c:\windows\system32\rpcss.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Distributed COM Services 131545711771424451 0x7fefbd50000 53248 C:\windows\system32\pcwum.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Performance Counters for Windows Native DLL 131545711771424451 0x7fefbd60000 184320 c:\windows\system32\umpo.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User-mode Power Service 131545711771424451 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771424451 0x7fefbdb0000 73728 c:\windows\system32\DEVRTL.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Management Run Time Library 131545711771424451 0x7fefbdd0000 126976 c:\windows\system32\SPINF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows SPINF 131545711771424451 0x7fefbdf0000 417792 c:\windows\system32\umpnpmgr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User-mode Plug-and-Play Service 131545711771424451 0x7fefbe60000 249856 c:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771424451 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771424451 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771424451 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771424451 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771424451 0x7fefcad0000 151552 c:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771424451 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771424451 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771424451 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771424451 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771424451 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771424451 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771424451 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771424451 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771424451 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771424451 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771424451 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771424451 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771424451 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771424451 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771424451 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771424451 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771424451 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771424451 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771424451 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771424451 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771424451 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771424451 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771424451 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771424451 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771424451 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771424451 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771424451 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771424451 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771424451 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 19 652 824 6 00000000:000003e7 131545696814820565 0 0 1 System NT AUTHORITY\SYSTEM ibmpmsvc.exe C:\windows\system32\ibmpmsvc.exe C:\windows\system32\ibmpmsvc.exe Lenovo. 1.67.13.12 Lenovo Power Management Service 131545711771424815 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771424815 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771424815 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771424815 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771424815 0x13f9d0000 933888 C:\windows\system32\ibmpmsvc.exe 1.67.13.12 Lenovo. Lenovo Power Management Service 131545711771424815 0x7fefbd40000 12288 C:\windows\system32\api-ms-win-core-synch-l1-2-0.DLL 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771424815 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771424815 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771424815 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771424815 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771424815 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771424815 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771424815 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771424815 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771424815 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771424815 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771424815 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771424815 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771424815 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771424815 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771424815 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771424815 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771424815 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771424815 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771424815 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771424815 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771424815 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771424815 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 20 700 824 6 00000000:000003e7 131545696816536568 0 0 1 System NT AUTHORITY\SYSTEM LPlatSvc.exe C:\windows\system32\LPlatSvc.exe C:\windows\system32\LPlatSvc.exe Lenovo. 1.67.13.12 Lenovo Platform Service 131545711771425170 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771425170 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771425170 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771425170 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771425170 0x13f4f0000 778240 C:\windows\system32\LPlatSvc.exe 1.67.13.12 Lenovo. Lenovo Platform Service 131545711771425170 0x7fefbd00000 180224 C:\windows\system32\POWRPROF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545711771425170 0x7fefbd30000 45056 C:\windows\system32\HID.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Hid User Library 131545711771425170 0x7fefbd40000 12288 C:\windows\system32\api-ms-win-core-synch-l1-2-0.DLL 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771425170 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771425170 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771425170 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771425170 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771425170 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771425170 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771425170 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771425170 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771425170 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771425170 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771425170 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771425170 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771425170 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771425170 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771425170 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771425170 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771425170 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771425170 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771425170 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771425170 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771425170 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771425170 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771425170 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771425170 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771425170 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771425170 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771425170 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771425170 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 21 504 824 6 00000000:000003e7 131545696817472569 0 0 1 System NT AUTHORITY\SYSTEM nvvsvc.exe C:\windows\system32\nvvsvc.exe "C:\windows\system32\nvvsvc.exe" NVIDIA Corporation 8.17.13.5445 NVIDIA Driver Helper Service, Version 354.45 131545711771425525 0x74320000 1372160 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll 8.17.13.5445 NVIDIA Corporation NVIDIA User Experience Driver Component 131545711771425525 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771425525 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771425525 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771425525 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771425525 0x13fab0000 1269760 C:\windows\system32\nvvsvc.exe 8.17.13.5445 NVIDIA Corporation NVIDIA Driver Helper Service, Version 354.45 131545711771425525 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771425525 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771425525 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771425525 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771425525 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771425525 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771425525 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771425525 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771425525 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771425525 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771425525 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771425525 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771425525 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771425525 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771425525 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771425525 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771425525 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771425525 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771425525 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771425525 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771425525 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771425525 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771425525 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771425525 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771425525 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771425525 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771425525 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771425525 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771425525 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771425525 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771425525 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771425525 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 22 908 824 6 00000000:000003e7 131545696818252571 0 0 1 System NT AUTHORITY\SYSTEM nvwmi64.exe C:\windows\system32\nvwmi64.exe "C:\windows\system32\nvwmi64.exe" 131545711771425885 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771425885 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771425885 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771425885 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771425885 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771425885 0x13fe10000 3227648 C:\windows\system32\nvwmi64.exe 131545711771425885 0x7fefbce0000 110592 C:\windows\system32\Cabinet.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Microsoft® Cabinet File API 131545711771425885 0x7fefbd50000 53248 C:\windows\system32\pcwum.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Performance Counters for Windows Native DLL 131545711771425885 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771425885 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771425885 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771425885 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771425885 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771425885 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771425885 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771425885 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771425885 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771425885 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771425885 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771425885 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771425885 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771425885 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771425885 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771425885 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771425885 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771425885 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771425885 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771425885 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771425885 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 23 1040 824 6 00000000:000003e7 131545696819500573 0 0 0 System NT AUTHORITY\SYSTEM nvSCPAPISvr.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" NVIDIA Corporation 7.17.13.5445 Stereo Vision Control Panel API Server 131545711771426249 0x8d0000 442368 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 7.17.13.5445 NVIDIA Corporation Stereo Vision Control Panel API Server 131545713659001113 0x10000000 3956736 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll 7.17.13.5445 NVIDIA Corporation NVIDIA 3D Vision Module Resource DLL 131545713658981795 0x6e4b0000 81920 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll 1.0.0.36 NVIDIA Corporation TV's white list 131545713658975246 0x6e4d0000 81920 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll 1.0.0.36 NVIDIA Corporation TV's white list 131545711771426249 0x74870000 86016 C:\windows\SysWOW64\SPINF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows SPINF 131545711771426249 0x74890000 57344 C:\windows\SysWOW64\DEVRTL.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Management Run Time Library 131545711771426249 0x748a0000 135168 C:\windows\SysWOW64\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771426249 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771426249 0x74900000 331776 C:\windows\SysWOW64\WINSPOOL.DRV 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545711771426249 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771426249 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771426249 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771426249 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771426249 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771426249 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771426249 0x74c80000 1691648 C:\windows\syswow64\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771426249 0x74e20000 73728 C:\windows\syswow64\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771426249 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771426249 0x75020000 159744 C:\windows\syswow64\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771426249 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771426249 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771426249 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771426249 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771426249 0x754f0000 282624 C:\windows\syswow64\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771426249 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771426249 0x756a0000 983040 C:\windows\syswow64\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771426249 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771426249 0x75830000 192512 C:\windows\syswow64\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771426249 0x75ab0000 1183744 C:\windows\syswow64\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771426249 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771426249 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771426249 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771426249 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771426249 0x77350000 49152 C:\windows\syswow64\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771426249 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 24 1072 824 6 00000000:000003e4 131545696822932579 0 0 1 System NT AUTHORITY\NETWORK SERVICE svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe -k RPCSS Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Host Process for Windows Services 131545711771426608 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771426608 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771426608 0x770a0000 1024000 C:\windows\system32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771426608 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771426608 0xffac0000 45056 C:\windows\system32\svchost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host Process for Windows Services 131545711771426608 0x7fef8ed0000 339968 C:\windows\system32\fwpuclnt.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545711771426608 0x7fefbb60000 770048 C:\windows\system32\FirewallAPI.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Firewall API 131545711771426608 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771426608 0x7fefbc30000 81920 c:\windows\system32\rpcepmap.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation RPC Endpoint Mapper 131545711771426608 0x7fefbc50000 528384 c:\windows\system32\rpcss.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Distributed COM Services 131545711771426608 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771426608 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771426608 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771426608 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771426608 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771426608 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771426608 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771426608 0x7fefc880000 45056 C:\windows\system32\secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771426608 0x7fefcad0000 151552 C:\windows\system32\SSPICLI.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771426608 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771426608 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771426608 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771426608 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771426608 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771426608 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771426608 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771426608 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771426608 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771426608 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771426608 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771426608 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771426608 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771426608 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771426608 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771426608 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771426608 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771426608 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771426608 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 25 1216 824 6 00000000:000003e5 131545696825272583 0 0 1 System NT AUTHORITY\LOCAL SERVICE svchost.exe C:\windows\System32\svchost.exe C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Host Process for Windows Services 131545714595542654 0x6a580000 2093056 C:\Windows\System32\FMAPO64.dll 43.06.0E.41 built by: WinDDK Fortemedia Corporation Fortemedia SAMSoft sAPO 131545711771426972 0x6dc50000 155648 C:\Program Files\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545714595060819 0x744b0000 1957888 C:\Windows\System32\CX64AP73.dll 4.80.73.0 Conexant Systems Inc. Conexant Audio Processing Objects 131545711771426972 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771426972 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771426972 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771426972 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771426972 0xffac0000 45056 C:\windows\System32\svchost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host Process for Windows Services 131545714595323451 0x7feef180000 1605632 C:\Windows\System32\WMALFXGFXDSP.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation SysFx DSP 131545714595333904 0x7feef430000 446464 C:\Windows\System32\mfplat.dll 12.0.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Media Foundation Platform DLL 131545714595557062 0x7feef4a0000 462848 C:\Windows\System32\AudioEng.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Audio Engine 131545711771426972 0x7fef4700000 724992 C:\Windows\system32\wuapi.dll 7.6.7601.23806 (win7sp1_ldr.170510-0600) Microsoft Corporation Windows Update Client API 131545711771426972 0x7fef5300000 114688 c:\windows\system32\wscsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Security Center Service 131545711771426972 0x7fef5680000 1200128 c:\windows\system32\dbghelp.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Image Helper 131545711771426972 0x7fef5c30000 45056 C:\windows\System32\winrnr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation LDAP RnR Provider DLL 131545711771426972 0x7fef5c60000 65536 C:\windows\system32\wshbth.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Sockets Helper DLL 131545711771426972 0x7fef5c90000 102400 C:\windows\system32\pnrpnsp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation PNRP Name Space Provider 131545711771426972 0x7fef5cb0000 86016 C:\windows\system32\napinsp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation E-mail Naming Shim Provider 131545711771426972 0x7fef6700000 32768 C:\windows\System32\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711771426972 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771426972 0x7fef8dc0000 241664 C:\windows\System32\dhcpcore6.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771426972 0x7fef8e00000 331776 c:\windows\system32\dhcpcore.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771426972 0x7fef8e80000 98304 C:\windows\System32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771426972 0x7fef8ea0000 69632 C:\windows\System32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771426972 0x7fef8ed0000 339968 C:\windows\System32\fwpuclnt.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545711771426972 0x7fef9380000 61440 C:\windows\system32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771426972 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771426972 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771426972 0x7fef9860000 32768 c:\windows\system32\nrpsrv.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Name Resolution Proxy (NRP) RPC interface 131545711771426972 0x7fef9870000 45056 c:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771426972 0x7fef9880000 925696 C:\windows\system32\wbem\fastprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771426972 0x7fef99b0000 159744 c:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771426972 0x7fef99e0000 40960 c:\windows\system32\lmhsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation TCPIP NetBios Transport Services DLL 131545711771426972 0x7fefa940000 323584 C:\windows\System32\audioses.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Audio Session 131545714595071499 0x7fefab40000 241664 C:\Windows\System32\winmm.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771426972 0x7fefb3d0000 86016 C:\windows\system32\NLAapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545711771426972 0x7fefb3f0000 86016 C:\windows\System32\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711771426972 0x7fefb410000 49152 C:\windows\System32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771426972 0x7fefb600000 184320 C:\windows\System32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771426972 0x7fefb630000 36864 c:\windows\system32\AVRT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multimedia Realtime Runtime 131545711771426972 0x7fefb790000 1228800 c:\windows\system32\PROPSYS.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711771426972 0x7fefb8c0000 307200 c:\windows\system32\MMDevAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MMDevice API 131545711771426972 0x7fefb910000 704512 c:\windows\system32\audiosrv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Audio Service 131545711771426972 0x7fefb9c0000 1675264 c:\windows\system32\wevtsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Event Logging Service 131545711771426972 0x7fefbb60000 770048 C:\windows\System32\firewallapi.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Firewall API 131545711771426972 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771426972 0x7fefbce0000 110592 C:\Windows\system32\Cabinet.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Microsoft® Cabinet File API 131545711771426972 0x7fefbd00000 180224 c:\windows\system32\POWRPROF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545711771426972 0x7fefbd90000 110592 C:\windows\System32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771426972 0x7fefbe60000 249856 C:\windows\System32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771426972 0x7fefc270000 40960 C:\windows\System32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771426972 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771426972 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771426972 0x7fefc470000 372736 c:\windows\system32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771426972 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771426972 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771426972 0x7fefc650000 98304 C:\windows\System32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771426972 0x7fefc880000 45056 C:\windows\System32\secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771426972 0x7fefc8b0000 139264 C:\windows\System32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771426972 0x7fefc8e0000 327680 C:\windows\System32\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771426972 0x7fefcad0000 151552 C:\windows\System32\SSPICLI.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771426972 0x7fefcce0000 61440 C:\windows\System32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771426972 0x7fefcd90000 81920 C:\windows\System32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771426972 0x7fefcdb0000 49152 C:\windows\System32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771426972 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771426972 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771426972 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771426972 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771426972 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771426972 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.DLL 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771426972 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771426972 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771426972 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771426972 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771426972 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771426972 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771426972 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771426972 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771426972 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545714595545929 0x7fefda10000 14196736 C:\Windows\System32\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771426972 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771426972 0x7fefe7b0000 102400 C:\windows\system32\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771426972 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771426972 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771426972 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771426972 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771426972 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771426972 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771426972 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771426972 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771426972 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771426972 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 26 1256 824 6 00000000:000003e7 131545696826520585 0 0 1 System NT AUTHORITY\SYSTEM svchost.exe C:\windows\System32\svchost.exe C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Host Process for Windows Services 131545711771427340 0x6fb40000 12288 c:\windows\system32\sfc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows File Protection 131545711771427340 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771427340 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771427340 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771427340 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771427340 0xffac0000 45056 C:\windows\System32\svchost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host Process for Windows Services 131545711771427340 0x7fee6b80000 258048 C:\windows\system32\cscobj.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation In-proc COM object used by clients of CSC API 131545711771427340 0x7fee6c50000 237568 C:\windows\System32\MPRAPI.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows NT MP Router Administration DLL 131545711771427340 0x7fee6c90000 884736 C:\windows\System32\RASDLG.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access Common Dialog API 131545711771427340 0x7fee6d70000 376832 c:\windows\system32\netman.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network Connections Manager 131545711771427340 0x7fee7210000 2666496 C:\windows\System32\netshell.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network Connections Shell 131545711771427340 0x7fef5b10000 94208 C:\Windows\System32\portabledeviceconnectapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Portable Device Connection API Components 131545711771427340 0x7fef5b30000 774144 C:\windows\system32\PortableDeviceApi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Portable Device API Components 131545711771427340 0x7fef5bf0000 49152 C:\windows\SYSTEM32\APPHLPDM.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Help Module 131545711771427340 0x7fef5d50000 57344 c:\windows\system32\hidserv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation HID Service 131545711771427340 0x7fef5d90000 512000 C:\windows\System32\wer.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Error Reporting DLL 131545711771427340 0x7fef6050000 102400 c:\windows\system32\wdi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Diagnostic Infrastructure 131545711771427340 0x7fef6cb0000 237568 c:\windows\system32\AEPIC.dll 10.0.15156.1008 (WinBuild.160101.0800) Microsoft Corporation Application Experience Program Cache 131545711771427340 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771427340 0x7fef6d20000 139264 c:\windows\system32\trkwks.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Distributed Link Tracking Client 131545711771427340 0x7fef6d90000 1761280 c:\windows\system32\sysmain.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Superfetch Service Host 131545711771427340 0x7fef7000000 208896 c:\windows\system32\pcasvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Program Compatibility Assistant Service 131545711771427340 0x7fef8580000 540672 C:\Windows\system32\netcfgx.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network Configuration Objects 131545711771427340 0x7fef88b0000 2035712 C:\windows\System32\msxml6.dll 6.30.7601.23403 Microsoft Corporation MSXML 6.0 SP3 131545711771427340 0x7fef8ab0000 233472 c:\windows\system32\WinSCard.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Smart Card API 131545711771427340 0x7fef8af0000 28672 c:\windows\system32\wlanutil.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Wireless LAN 802.11 Utility DLL 131545711771427340 0x7fef8b00000 86016 c:\windows\system32\l2gpstore.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Policy Storage dll 131545711771427340 0x7fef8b20000 126976 c:\windows\system32\wlgpclnt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation 802.11 Group Policy Client 131545711771427340 0x7fef8b40000 278528 c:\windows\system32\eappcfg.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Eap Peer Config 131545711771427340 0x7fef8b90000 81920 c:\windows\system32\eappprxy.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft EAPHost Peer Client DLL 131545711771427340 0x7fef8bf0000 512000 c:\windows\system32\WLANSEC.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Wireless LAN 802.11 MSM Security Module DLL 131545711771427340 0x7fef8c70000 434176 c:\windows\system32\WLANMSM.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Wireless LAN 802.11 MSM DLL 131545711771427340 0x7fef8ce0000 905216 c:\windows\system32\wlansvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows WLAN AutoConfig Service DLL 131545711771427340 0x7fef8e80000 98304 c:\windows\system32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771427340 0x7fef8f60000 323584 C:\Windows\system32\eapphost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft EAPHost Peer service 131545711771427340 0x7fef9380000 61440 C:\windows\system32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771427340 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771427340 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771427340 0x7fef9870000 45056 c:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771427340 0x7fef9880000 925696 C:\windows\system32\wbem\fastprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771427340 0x7fef99b0000 159744 c:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771427340 0x7fef9e20000 69632 C:\windows\System32\rtutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Routing Utilities 131545711771427340 0x7fef9e40000 114688 C:\windows\System32\rasman.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access Connection Manager 131545711771427340 0x7fef9e60000 401408 C:\windows\System32\RASAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access API 131545711771427340 0x7fef9fd0000 438272 C:\windows\system32\hnetcfg.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Home Networking Configuration Manager 131545711771427340 0x7fefb150000 249856 C:\windows\System32\mstask.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Task Scheduler interface DLL 131545711771427340 0x7fefb190000 1208320 C:\Windows\system32\taskschd.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Task Scheduler COM API 131545711771427340 0x7fefb2e0000 45056 C:\windows\system32\slc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545711771427340 0x7fefb2f0000 196608 C:\windows\System32\PeerDist.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation BranchCache Client Library 131545711771427340 0x7fefb3a0000 49152 c:\windows\system32\dsrole.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DS Role Client DLL 131545711771427340 0x7fefb3b0000 102400 C:\windows\system32\ATL.DLL 3.05.2284 Microsoft Corporation ATL Module for Windows XP (Unicode) 131545711771427340 0x7fefb3d0000 86016 C:\windows\System32\nlaapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545711771427340 0x7fefb480000 708608 c:\windows\system32\cscsvc.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation CSC Service DLL 131545711771427340 0x7fefb600000 184320 C:\windows\System32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771427340 0x7fefb630000 36864 c:\windows\system32\AVRT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multimedia Realtime Runtime 131545711771427340 0x7fefb790000 1228800 c:\windows\system32\PROPSYS.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711771427340 0x7fefb8c0000 307200 c:\windows\system32\MMDevAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MMDevice API 131545711771427340 0x7fefb910000 704512 c:\windows\system32\audiosrv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Audio Service 131545711771427340 0x7fefbd00000 180224 c:\windows\system32\POWRPROF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545711771427340 0x7fefbd30000 45056 c:\windows\system32\HID.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Hid User Library 131545711771427340 0x7fefbd50000 53248 C:\windows\System32\pcwum.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Performance Counters for Windows Native DLL 131545711771427340 0x7fefbd90000 110592 C:\windows\System32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771427340 0x7fefbdb0000 73728 C:\windows\System32\devrtl.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Management Run Time Library 131545711771427340 0x7fefbe60000 249856 C:\windows\System32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771427340 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771427340 0x7fefc1e0000 69632 C:\windows\System32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771427340 0x7fefc270000 40960 C:\windows\System32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771427340 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771427340 0x7fefc650000 98304 C:\windows\System32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771427340 0x7fefc670000 753664 C:\windows\system32\kerberos.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Kerberos Security Package 131545711771427340 0x7fefc800000 40960 c:\windows\system32\SYSNTFY.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Notifications Dynamic Link Library 131545711771427340 0x7fefc880000 45056 C:\windows\System32\secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771427340 0x7fefc8b0000 139264 c:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771427340 0x7fefc930000 192512 C:\windows\System32\AUTHZ.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Authorization Framework 131545711771427340 0x7fefc970000 446464 c:\windows\system32\wevtapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Eventing Consumption and Configuration API 131545711771427340 0x7fefc9e0000 81920 C:\windows\System32\cryptdll.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Cryptography Manager 131545711771427340 0x7fefcad0000 151552 c:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771427340 0x7fefcc80000 356352 c:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771427340 0x7fefcce0000 61440 C:\windows\System32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771427340 0x7fefcd90000 81920 C:\windows\System32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771427340 0x7fefcdb0000 49152 C:\windows\System32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771427340 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771427340 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771427340 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771427340 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771427340 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771427340 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771427340 0x7fefcf40000 20480 C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771427340 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771427340 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771427340 0x7fefd100000 16384 C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771427340 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771427340 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771427340 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771427340 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771427340 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771427340 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771427340 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771427340 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771427340 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771427340 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771427340 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771427340 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771427340 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771427340 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771427340 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771427340 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771427340 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771427340 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771427340 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 27 1288 824 6 00000000:000003e5 131545696826676585 0 0 1 System NT AUTHORITY\LOCAL SERVICE svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe -k LocalService Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Host Process for Windows Services 131545711771427704 0x6dc50000 155648 C:\Program Files\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545711771427704 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771427704 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771427704 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771427704 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771427704 0xffac0000 45056 C:\windows\system32\svchost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host Process for Windows Services 131545711771427704 0x7fef00d0000 94208 C:\Windows\system32\fdproxy.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Function Discovery Proxy Dll 131545711771427704 0x7fef00f0000 110592 C:\Windows\system32\fdssdp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Function Discovery SSDP Provider Dll 131545711771427704 0x7fef0110000 241664 C:\Windows\system32\MLANG.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multi Language Support DLL 131545711771427704 0x7fef0150000 143360 C:\Windows\system32\fdwsd.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Function Discovery WS Discovery Provider Dll 131545711771427704 0x7fef0180000 32768 c:\windows\system32\fdphost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Function Discovery Provider host service 131545711771427704 0x7fef4a40000 1175552 C:\Windows\system32\webservices.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Web Services Runtime 131545711771427704 0x7fef5370000 208896 C:\Windows\system32\FunDisc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Function Discovery Dll 131545711771427704 0x7fef5510000 593920 C:\Windows\system32\wsdapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Web Services for Devices API DLL 131545711771427704 0x7fef5c30000 45056 C:\windows\System32\winrnr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation LDAP RnR Provider DLL 131545711771427704 0x7fef5c60000 65536 C:\windows\system32\wshbth.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Sockets Helper DLL 131545711771427704 0x7fef5c90000 102400 C:\windows\system32\pnrpnsp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation PNRP Name Space Provider 131545711771427704 0x7fef5cb0000 86016 C:\windows\system32\napinsp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation E-mail Naming Shim Provider 131545711771427704 0x7fef5d80000 49152 C:\windows\System32\npmproxy.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network List Manager Proxy 131545711771427704 0x7fef5d90000 512000 C:\windows\system32\wer.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Error Reporting DLL 131545711771427704 0x7fef5e10000 884736 C:\windows\system32\perftrack.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Performance PerfTrack 131545711771427704 0x7fef6050000 102400 c:\windows\system32\wdi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Diagnostic Infrastructure 131545711771427704 0x7fef6210000 475136 c:\windows\system32\netprofm.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network List Manager 131545711771427704 0x7fef65e0000 413696 C:\windows\system32\webio.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Web Transfer Protocols API 131545711771427704 0x7fef6680000 462848 C:\windows\system32\winhttp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows HTTP Services 131545711771427704 0x7fef6700000 32768 C:\windows\system32\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711771427704 0x7fef6cb0000 237568 C:\windows\system32\AEPIC.dll 10.0.15156.1008 (WinBuild.160101.0800) Microsoft Corporation Application Experience Program Cache 131545711771427704 0x7fef6f40000 69632 C:\Windows\system32\SSDPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation SSDP Client API DLL 131545711771427704 0x7fef88b0000 2035712 C:\windows\System32\msxml6.dll 6.30.7601.23403 Microsoft Corporation MSXML 6.0 SP3 131545711771427704 0x7fef8e80000 98304 C:\windows\system32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771427704 0x7fef8ea0000 69632 C:\windows\system32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771427704 0x7fef8ed0000 339968 C:\windows\System32\fwpuclnt.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545711771427704 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771427704 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771427704 0x7fef99f0000 45056 c:\windows\system32\nsisvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network Store Interface RPC server 131545711771427704 0x7fefa710000 212992 C:\windows\system32\XmlLite.dll 1.3.1001.0 Microsoft Corporation Microsoft XmlLite Library 131545711771427704 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771427704 0x7fefb320000 421888 c:\windows\system32\es.dll 2001.12.8530.16385 (win7_rtm.090713-1255) Microsoft Corporation COM+ 131545711771427704 0x7fefb3b0000 102400 C:\Windows\system32\ATL.DLL 3.05.2284 Microsoft Corporation ATL Module for Windows XP (Unicode) 131545711771427704 0x7fefb3d0000 86016 c:\windows\system32\nlaapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545711771427704 0x7fefb640000 1200128 c:\windows\system32\fntcache.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation Windows Font Cache Service 131545711771427704 0x7fefbb60000 770048 C:\Windows\system32\FirewallAPI.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Firewall API 131545711771427704 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771427704 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771427704 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771427704 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771427704 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771427704 0x7fefc470000 372736 C:\windows\system32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771427704 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771427704 0x7fefc5f0000 348160 C:\windows\System32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771427704 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771427704 0x7fefc880000 45056 C:\windows\system32\Secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771427704 0x7fefc8b0000 139264 C:\Windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771427704 0x7fefcad0000 151552 C:\windows\system32\SSPICLI.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771427704 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771427704 0x7fefccf0000 593920 C:\windows\system32\SXS.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Fusion 2.5 131545711771427704 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771427704 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771427704 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771427704 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771427704 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771427704 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771427704 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771427704 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771427704 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771427704 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771427704 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771427704 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771427704 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771427704 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771427704 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771427704 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771427704 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771427704 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771427704 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771427704 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771427704 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 28 1320 824 6 00000000:000003e7 131545696826676585 0 0 1 System NT AUTHORITY\SYSTEM svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe -k netsvcs Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Host Process for Windows Services 131545711771428068 0x6dc50000 155648 C:\Program Files\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545711771428068 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771428068 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771428068 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771428068 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771428068 0x77360000 28672 C:\windows\system32\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771428068 0xffac0000 45056 C:\windows\system32\svchost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host Process for Windows Services 131545711771428068 0x7feef320000 86016 c:\windows\system32\aelupsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Experience Service 131545711771428068 0x7fef3e80000 2670592 c:\windows\system32\wuaueng.dll 7.6.7601.23806 (win7sp1_ldr.170510-0600) Microsoft Corporation Windows Update Agent 131545711771428068 0x7fef4580000 974848 C:\Windows\system32\actxprxy.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ActiveX Interface Marshaling Library 131545711771428068 0x7fef4830000 159744 C:\windows\system32\SPPC.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545711771428068 0x7fef48a0000 860160 c:\windows\system32\qmgr.dll 7.5.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Background Intelligent Transfer Service 131545711771428068 0x7fef4b60000 2596864 c:\windows\system32\ESENT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Extensible Storage Engine for Microsoft(R) Windows(R) 131545711771428068 0x7fef4de0000 110592 C:\windows\system32\SPFILEQ.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows SPFILEQ 131545711771428068 0x7fef52f0000 61440 c:\windows\system32\mspatcha.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft File Patch Application API 131545711771428068 0x7fef5320000 282624 C:\windows\system32\upnp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation UPnP Control Point API 131545711771428068 0x7fef53b0000 86016 c:\windows\system32\appinfo.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Information Service 131545711771428068 0x7fef5470000 90112 C:\windows\system32\wbem\ncprov.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Non-COM WMI Event Provision APIs 131545711771428068 0x7fef54a0000 118784 c:\windows\system32\mmcss.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multimedia Class Scheduler Service 131545711771428068 0x7fef5c00000 73728 C:\windows\system32\bitsigd.dll 7.5.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Background Intelligent Transfer Service IGD Support 131545711771428068 0x7fef5c20000 40960 c:\windows\system32\bitsperf.dll 7.5.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Perfmon Counter Access 131545711771428068 0x7fef5d80000 49152 C:\windows\System32\npmproxy.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network List Manager Proxy 131545711771428068 0x7fef5d90000 512000 C:\windows\system32\wer.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Error Reporting DLL 131545711771428068 0x7fef60b0000 516096 C:\windows\system32\wbem\wbemess.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771428068 0x7fef6130000 90112 C:\windows\system32\NCObjAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation 131545711771428068 0x7fef6150000 770048 C:\windows\system32\wbem\wmiprvsd.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771428068 0x7fef6210000 475136 C:\windows\System32\netprofm.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network List Manager 131545711771428068 0x7fef6290000 106496 C:\windows\system32\NCI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation CoInstaller: NET 131545711771428068 0x7fef6370000 471040 C:\windows\system32\wbem\repdrvfs.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation WMI Repository Driver 131545711771428068 0x7fef63f0000 249856 c:\windows\system32\srvsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Server Service DLL 131545711771428068 0x7fef6430000 290816 c:\windows\system32\WDSCORE.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Panther Engine Module 131545711771428068 0x7fef6480000 270336 c:\windows\system32\sqmapi.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation SQM Client 131545711771428068 0x7fef64d0000 602112 c:\windows\system32\iphlpsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Service that offers IPv6 connectivity over an IPv4 network. 131545711771428068 0x7fef6570000 454656 C:\windows\system32\wbem\esscli.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771428068 0x7fef65e0000 413696 C:\windows\system32\webio.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Web Transfer Protocols API 131545711771428068 0x7fef6650000 151552 c:\windows\system32\browser.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Computer Browser Service DLL 131545711771428068 0x7fef6680000 462848 C:\windows\system32\WINHTTP.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows HTTP Services 131545711771428068 0x7fef6700000 32768 C:\windows\system32\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711771428068 0x7fef6740000 1241088 C:\windows\system32\wbem\wbemcore.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Management Instrumentation 131545711771428068 0x7fef6a20000 94208 C:\windows\system32\VssTrace.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft® Volume Shadow Copy Service Tracing Library 131545711771428068 0x7fef6c00000 94208 c:\windows\system32\certprop.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Smartcard Certificate Propagation Service 131545711771428068 0x7fef6c60000 102400 C:\windows\system32\RESUTILS.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Cluster Resource Utility DLL 131545711771428068 0x7fef6c80000 155648 C:\windows\system32\wbem\wmiutils.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771428068 0x7fef6cf0000 32768 C:\windows\system32\SSCORE.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Server Service Core DLL 131545711771428068 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771428068 0x7fef6d50000 262144 c:\windows\system32\wbem\wmisvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771428068 0x7fef6f40000 69632 C:\windows\system32\SSDPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation SSDP Client API DLL 131545711771428068 0x7fef7040000 880640 c:\windows\system32\ikeext.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation IKE extension 131545711771428068 0x7fef7120000 1769472 C:\windows\system32\VSSAPI.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL 131545711771428068 0x7fef7520000 352256 C:\windows\System32\raschap.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access PPP CHAP 131545711771428068 0x7fef7580000 438272 C:\windows\System32\rastls.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access PPP EAP-TLS 131545711771428068 0x7fef8480000 36864 C:\Windows\system32\tschannel.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Task Scheduler Proxy 131545711771428068 0x7fef8610000 491520 C:\windows\system32\taskcomp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Task Scheduler Backward Compatibility Plug-in 131545711771428068 0x7fef8690000 36864 C:\windows\system32\FVECERTS.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation BitLocker Certificates Library 131545711771428068 0x7fef86a0000 40960 C:\windows\system32\tbs.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation TBS 131545711771428068 0x7fef86b0000 442368 C:\windows\system32\FVEAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows BitLocker Drive Encryption API 131545711771428068 0x7fef8720000 40960 c:\windows\system32\ktmw32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows KTM Win32 Client DLL 131545711771428068 0x7fef8730000 1126400 c:\windows\system32\schedsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Task Scheduler Service 131545711771428068 0x7fef8ab0000 233472 c:\windows\system32\WinSCard.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Smart Card API 131545711771428068 0x7fef8e60000 77824 C:\Windows\system32\umb.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation User Mode Bus Driver Interface Dll 131545711771428068 0x7fef8e80000 98304 C:\windows\system32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771428068 0x7fef8ea0000 69632 C:\windows\system32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771428068 0x7fef8ed0000 339968 c:\windows\system32\fwpuclnt.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545711771428068 0x7fef8f60000 323584 C:\windows\system32\eapphost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft EAPHost Peer service 131545711771428068 0x7fef8fb0000 126976 c:\windows\system32\eapsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft EAPHost service 131545711771428068 0x7fef9380000 61440 C:\windows\system32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771428068 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771428068 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771428068 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771428068 0x7fef9880000 925696 C:\windows\system32\wbem\FastProx.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771428068 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771428068 0x7fef9e20000 69632 C:\windows\system32\rtutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Routing Utilities 131545711771428068 0x7fef9e40000 114688 C:\windows\system32\rasman.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access Connection Manager 131545711771428068 0x7fef9e60000 401408 C:\windows\system32\RASAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access API 131545711771428068 0x7fef9f70000 81920 C:\windows\system32\samcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Security Accounts Manager Client DLL 131545711771428068 0x7fef9fd0000 438272 C:\windows\system32\hnetcfg.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Home Networking Configuration Manager 131545711771428068 0x7fefa0a0000 462848 c:\windows\system32\WINSPOOL.DRV 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545711771428068 0x7fefa710000 212992 c:\windows\system32\XmlLite.dll 1.3.1001.0 Microsoft Corporation Microsoft XmlLite Library 131545711771428068 0x7fefa7f0000 385024 c:\windows\system32\shsvcs.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Shell Services Dll 131545711771428068 0x7fefada0000 352256 C:\windows\system32\UxTheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771428068 0x7fefae00000 118784 C:\windows\system32\SAMLIB.dll 6.1.7601.23677 (win7sp1_ldr.170209-0600) Microsoft Corporation SAM Library DLL 131545711771428068 0x7fefb2c0000 81920 c:\windows\system32\sens.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation System Event Notification Service (SENS) 131545711771428068 0x7fefb2e0000 45056 c:\windows\system32\slc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545711771428068 0x7fefb320000 421888 C:\windows\system32\ES.DLL 2001.12.8530.16385 (win7_rtm.090713-1255) Microsoft Corporation COM+ 131545711771428068 0x7fefb3a0000 49152 C:\windows\system32\dsrole.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DS Role Client DLL 131545711771428068 0x7fefb3b0000 102400 c:\windows\system32\ATL.DLL 3.05.2284 Microsoft Corporation ATL Module for Windows XP (Unicode) 131545711771428068 0x7fefb3d0000 86016 C:\windows\System32\nlaapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545711771428068 0x7fefb3f0000 86016 c:\windows\system32\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711771428068 0x7fefb410000 49152 c:\windows\system32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771428068 0x7fefb420000 241664 c:\windows\system32\profsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation ProfSvc 131545711771428068 0x7fefb460000 90112 c:\windows\system32\NETAPI32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Net Win32 API DLL 131545711771428068 0x7fefb600000 184320 C:\windows\system32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771428068 0x7fefb630000 36864 c:\windows\system32\AVRT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multimedia Realtime Runtime 131545711771428068 0x7fefb790000 1228800 C:\windows\system32\PROPSYS.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711771428068 0x7fefbb60000 770048 c:\windows\system32\FirewallAPI.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Firewall API 131545711771428068 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771428068 0x7fefbce0000 110592 c:\windows\system32\Cabinet.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Microsoft® Cabinet File API 131545711771428068 0x7fefbd50000 53248 c:\windows\system32\pcwum.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Performance Counters for Windows Native DLL 131545711771428068 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771428068 0x7fefbdb0000 73728 C:\windows\system32\devrtl.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Management Run Time Library 131545711771428068 0x7fefbdd0000 126976 C:\windows\system32\SPINF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows SPINF 131545711771428068 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771428068 0x7fefbea0000 233472 c:\windows\system32\UBPM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Unified Background Process Manager DLL 131545711771428068 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771428068 0x7fefc1a0000 212992 C:\windows\system32\credui.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Credential Manager User Interface 131545711771428068 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771428068 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771428068 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771428068 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771428068 0x7fefc3e0000 360448 C:\windows\system32\schannel.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation TLS / SSL Security Provider 131545711771428068 0x7fefc470000 372736 C:\windows\system32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771428068 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771428068 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771428068 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771428068 0x7fefc760000 204800 C:\windows\system32\netjoin.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Domain Join DLL 131545711771428068 0x7fefc7c0000 143360 c:\windows\system32\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545711771428068 0x7fefc7f0000 32768 c:\windows\system32\WMsgAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WinLogon IPC Client 131545711771428068 0x7fefc800000 40960 c:\windows\system32\SYSNTFY.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Notifications Dynamic Link Library 131545711771428068 0x7fefc880000 45056 C:\windows\system32\secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771428068 0x7fefc8b0000 139264 C:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771428068 0x7fefc930000 192512 c:\windows\system32\AUTHZ.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Authorization Framework 131545711771428068 0x7fefc970000 446464 c:\windows\system32\wevtapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Eventing Consumption and Configuration API 131545711771428068 0x7fefc9e0000 81920 C:\windows\system32\cryptdll.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Cryptography Manager 131545711771428068 0x7fefcad0000 151552 c:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771428068 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771428068 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771428068 0x7fefccf0000 593920 C:\windows\system32\SXS.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Fusion 2.5 131545711771428068 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771428068 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771428068 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771428068 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771428068 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771428068 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771428068 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771428068 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771428068 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771428068 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771428068 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771428068 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771428068 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771428068 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771428068 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771428068 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771428068 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771428068 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771428068 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771428068 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771428068 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771428068 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771428068 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771428068 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771428068 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771428068 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771428068 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771428068 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771428068 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 29 1432 824 6 00000000:000003e7 131545696830888593 0 0 1 System NT AUTHORITY\SYSTEM svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe -k GPSvcGroup Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Host Process for Windows Services 131545711771428427 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771428427 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771428427 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771428427 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771428427 0xffac0000 45056 C:\windows\system32\svchost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host Process for Windows Services 131545711771428427 0x7fefae00000 118784 C:\windows\system32\SAMLIB.dll 6.1.7601.23677 (win7sp1_ldr.170209-0600) Microsoft Corporation SAM Library DLL 131545711771428427 0x7fefb2e0000 45056 C:\windows\system32\slc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545711771428427 0x7fefb3a0000 49152 C:\windows\system32\dsrole.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DS Role Client DLL 131545711771428427 0x7fefb3d0000 86016 c:\windows\system32\nlaapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545711771428427 0x7fefb3f0000 86016 c:\windows\system32\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711771428427 0x7fefb410000 49152 c:\windows\system32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771428427 0x7fefb460000 90112 c:\windows\system32\NETAPI32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Net Win32 API DLL 131545711771428427 0x7fefb530000 811008 c:\windows\system32\gpsvc.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client 131545711771428427 0x7fefbd90000 110592 c:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771428427 0x7fefc440000 196608 C:\windows\system32\LOGONCLI.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Net Logon Client DLL 131545711771428427 0x7fefc7c0000 143360 c:\windows\system32\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545711771428427 0x7fefc800000 40960 c:\windows\system32\SYSNTFY.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Notifications Dynamic Link Library 131545711771428427 0x7fefc880000 45056 c:\windows\system32\Secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771428427 0x7fefc970000 446464 c:\windows\system32\wevtapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Eventing Consumption and Configuration API 131545711771428427 0x7fefcad0000 151552 C:\windows\system32\SSPICLI.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771428427 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771428427 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771428427 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771428427 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771428427 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771428427 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771428427 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771428427 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771428427 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771428427 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771428427 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771428427 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771428427 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771428427 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771428427 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771428427 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771428427 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 30 1716 504 21 00000000:000003e7 131545696856340636 0 0 1 System NT AUTHORITY\SYSTEM nvxdsync.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" NVIDIA Corporation 8.17.13.5445 NVIDIA User Experience Driver Component 131545711771428787 0x6aa00000 1658880 C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll 8.17.13.5445 NVIDIA Corporation NVIDIA User Experience Driver Component 131545711771428787 0x73760000 5124096 C:\Program Files\NVIDIA Corporation\Display\NvUI.dll 8.17.13.5445 NVIDIA Corporation NVIDIA User Experience Driver Component 131545711771428787 0x73c50000 7106560 C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll 8.17.13.5445 NVIDIA Corporation NVIDIA User Experience Driver Component 131545711771428787 0x74320000 1372160 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll 8.17.13.5445 NVIDIA Corporation NVIDIA User Experience Driver Component 131545711771428787 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771428787 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771428787 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771428787 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771428787 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771428787 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771428787 0x13fb30000 1282048 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe 8.17.13.5445 NVIDIA Corporation NVIDIA User Experience Driver Component 131545711771428787 0x7fef8fe0000 1138688 C:\windows\system32\nvumdshimx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA D3D Shim Driver, Version 354.45 131545711771428787 0x7fef9390000 3575808 C:\windows\system32\nvapi64.dll 10.18.13.5445 NVIDIA Corporation NVIDIA NVAPI Library, Version 354.45 131545711771428787 0x7fef9730000 655360 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771428787 0x7fefa040000 344064 C:\windows\system32\OLEACC.dll 7.0.0.0 (win7sp1_ldr.160325-0600) Microsoft Corporation Active Accessibility Core Component 131545711771428787 0x7fefa0a0000 462848 C:\windows\system32\WINSPOOL.DRV 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545711771428787 0x7fefa170000 147456 C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 6.14.10.100.03 NVIDIA Smart Maximize Helper 131545711771428787 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771428787 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771428787 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771428787 0x7fefab40000 241664 C:\windows\system32\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771428787 0x7fefab80000 2191360 C:\windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23894_none_145eb2808b8d6928\gdiplus.dll 6.1.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Microsoft GDI+ 131545711771428787 0x7fefada0000 352256 C:\windows\system32\UxTheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771428787 0x7fefb600000 184320 C:\windows\system32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771428787 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771428787 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771428787 0x7fefc280000 28672 C:\windows\system32\MSIMG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation GDIEXT Client DLL 131545711771428787 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771428787 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771428787 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771428787 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771428787 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771428787 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771428787 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771428787 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771428787 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771428787 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771428787 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771428787 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771428787 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771428787 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771428787 0x7fefd250000 618496 C:\windows\system32\COMDLG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711771428787 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771428787 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771428787 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771428787 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771428787 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771428787 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771428787 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771428787 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771428787 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771428787 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771428787 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771428787 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771428787 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771428787 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771428787 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771428787 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 31 1728 504 21 00000000:000003e7 131545696856740637 0 0 1 System NT AUTHORITY\SYSTEM nvvsvc.exe C:\windows\system32\nvvsvc.exe C:\windows\system32\nvvsvc.exe -session -first NVIDIA Corporation 8.17.13.5445 NVIDIA Driver Helper Service, Version 354.45 131545711771429147 0x6aa00000 1658880 C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll 8.17.13.5445 NVIDIA Corporation NVIDIA User Experience Driver Component 131545711771429147 0x74320000 1372160 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll 8.17.13.5445 NVIDIA Corporation NVIDIA User Experience Driver Component 131545711771429147 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771429147 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771429147 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771429147 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771429147 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771429147 0x77370000 12288 C:\windows\system32\normaliz.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Unicode Normalization DLL 131545711771429147 0x13fab0000 1269760 C:\windows\system32\nvvsvc.exe 8.17.13.5445 NVIDIA Corporation NVIDIA Driver Helper Service, Version 354.45 131545711771429147 0x7fee7030000 81920 C:\Windows\System32\pngfilt.dll 11.00.9600.16428 (winblue_gdr.131013-1700) Microsoft Corporation IE PNG plugin image decoder 131545711771429147 0x7fee7060000 32768 C:\Windows\system32\DCIMAN32.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation DCI Manager 131545711771429147 0x7fee7070000 987136 C:\Windows\system32\DDRAW.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft DirectDraw 131545711771429147 0x7fee7170000 57344 C:\Windows\system32\ddrawex.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Direct Draw Ex 131545711771429147 0x7fee71a0000 331776 C:\Windows\System32\Dxtrans.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation DirectX Media -- DirectX Transform Core 131545711771429147 0x7fef9100000 2560000 C:\windows\system32\NVSVCR.DLL 8.17.13.5445 NVIDIA Corporation NVIDIA Driver Helper Service, Version 354.45 131545711771429147 0x7fef9390000 3575808 C:\windows\system32\nvapi64.dll 10.18.13.5445 NVIDIA Corporation NVIDIA NVAPI Library, Version 354.45 131545711771429147 0x7fef9a00000 638976 C:\windows\system32\mscms.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Color Matching System DLL 131545711771429147 0x7fef9aa0000 3543040 C:\windows\system32\NVSVC64.DLL 8.17.13.5445 NVIDIA Corporation NVIDIA Driver Helper Service, Version 354.45 131545711771429147 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771429147 0x7fefab40000 241664 C:\windows\system32\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771429147 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771429147 0x7fefb3b0000 102400 C:\Windows\System32\ATL.DLL 3.05.2284 Microsoft Corporation ATL Module for Windows XP (Unicode) 131545711771429147 0x7fefbd00000 180224 C:\windows\system32\POWRPROF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545711771429147 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771429147 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771429147 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771429147 0x7fefc280000 28672 C:\windows\system32\MSIMG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation GDIEXT Client DLL 131545711771429147 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771429147 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771429147 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771429147 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771429147 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771429147 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771429147 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771429147 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771429147 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771429147 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771429147 0x7fefced0000 12288 C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771429147 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771429147 0x7fefcf40000 20480 C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771429147 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771429147 0x7fefd100000 16384 C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771429147 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771429147 0x7fefd180000 16384 C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771429147 0x7fefd190000 16384 C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771429147 0x7fefd1a0000 16384 C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771429147 0x7fefd250000 618496 C:\windows\system32\COMDLG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711771429147 0x7fefd2f0000 2928640 C:\windows\system32\iertutil.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Run time utility for Internet Explorer 131545711771429147 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771429147 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771429147 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771429147 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771429147 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771429147 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771429147 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771429147 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771429147 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771429147 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771429147 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771429147 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771429147 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771429147 0x7fefed60000 1593344 C:\windows\system32\urlmon.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation OLE32 Extensions for Win32 131545711771429147 0x7fefef50000 3280896 C:\windows\system32\WININET.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Internet Extensions for Win32 131545711771429147 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771429147 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 32 1740 908 22 00000000:000003e7 131545696856840637 0 0 1 System NT AUTHORITY\SYSTEM nvwmi64.exe C:\windows\system32\nvwmi64.exe C:\windows\system32\nvwmi64.exe -spawnprovider 131545711771429510 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771429510 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771429510 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771429510 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771429510 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771429510 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771429510 0x13fe10000 3227648 C:\windows\system32\nvwmi64.exe 131545711771429510 0x7fef6c80000 155648 C:\windows\system32\wbem\wmiutils.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771429510 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771429510 0x7fef9380000 61440 C:\windows\system32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771429510 0x7fef9390000 3575808 C:\windows\system32\nvapi64.dll 10.18.13.5445 NVIDIA Corporation NVIDIA NVAPI Library, Version 354.45 131545711771429510 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771429510 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771429510 0x7fef9880000 925696 C:\windows\system32\wbem\FastProx.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771429510 0x7fef9970000 204800 C:\windows\system32\wbem\wmidcprv.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771429510 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771429510 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771429510 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771429510 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771429510 0x7fefbce0000 110592 C:\windows\system32\Cabinet.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Microsoft® Cabinet File API 131545711771429510 0x7fefbd50000 53248 C:\windows\system32\pcwum.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Performance Counters for Windows Native DLL 131545711771429510 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771429510 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771429510 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771429510 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771429510 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771429510 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771429510 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771429510 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771429510 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771429510 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771429510 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771429510 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771429510 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771429510 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771429510 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771429510 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771429510 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771429510 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771429510 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771429510 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771429510 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771429510 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771429510 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771429510 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771429510 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771429510 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771429510 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771429510 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771429510 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 33 1800 824 6 00000000:000003e7 131545696858340639 0 0 0 System NT AUTHORITY\SYSTEM vpnagent.exe C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe" Cisco Systems, Inc. 3, 1, 14018 VPN Agent Service 131545711771429874 0xd20000 90112 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\ac_sock_fltr_api.dll 3, 1, 14018 Cisco Systems, Inc. Cisco AnyConnect Kernel Driver Framework Socket Layer Configuration Library 131545711771429874 0xd80000 573440 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe 3, 1, 14018 Cisco Systems, Inc. VPN Agent Service 131545711771429874 0xfb00000 1544192 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acciscocrypto.dll 1.0.1q.4.13.2 The OpenSSL Project, http://www.openssl.org/ OpenSSL Shared Library 131545711771429874 0x10000000 335872 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acciscossl.dll 1.0.1q.4.13.2 The OpenSSL Project, http://www.openssl.org/ OpenSSL Shared Library 131545711771429874 0x6a340000 24576 C:\windows\SysWOW64\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711771429874 0x6a350000 135168 C:\Program Files (x86)\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545711771429874 0x6c0b0000 278528 C:\windows\SysWOW64\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771429874 0x6fb10000 167936 C:\windows\SysWOW64\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771429874 0x72bb0000 69632 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 1.2.3 zlib data compression library 131545711771429874 0x72bd0000 110592 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\Plugins\acfeedback.dll 3, 1, 14018 Cisco Systems, Inc. AnyConnect PhoneHome Module 131545711771429874 0x72bf0000 90112 C:\windows\SysWOW64\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771429874 0x72cc0000 249856 C:\windows\SysWOW64\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771429874 0x72d00000 233472 C:\windows\SysWOW64\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771429874 0x72d40000 40960 C:\Windows\SysWOW64\slc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545711771429874 0x72d50000 417792 C:\Windows\SysWOW64\netcfgx.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network Configuration Objects 131545711771429874 0x72dc0000 229376 C:\windows\SysWOW64\Fwpuclnt.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545711771429874 0x72e00000 73728 C:\windows\SysWOW64\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771429874 0x72e20000 53248 C:\windows\SysWOW64\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771429874 0x72e30000 28672 C:\windows\SysWOW64\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771429874 0x72e40000 114688 C:\windows\SysWOW64\IpHlpApi.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771429874 0x72e60000 24576 C:\windows\SysWOW64\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771429874 0x72e70000 94208 C:\windows\SysWOW64\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library (Wow64) 131545711771429874 0x72e90000 1409024 C:\windows\SysWOW64\msxml6.dll 6.30.7601.23403 Microsoft Corporation MSXML 6.0 SP3 131545711771429874 0x72ff0000 241664 C:\windows\SysWOW64\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771429874 0x73030000 94208 C:\windows\SysWOW64\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771429874 0x73050000 20480 C:\windows\SysWOW64\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771429874 0x73060000 245760 C:\windows\SysWOW64\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771429874 0x730a0000 962560 C:\windows\SysWOW64\Dbghelp.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Image Helper 131545711771429874 0x73290000 32768 C:\windows\SysWOW64\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771429874 0x73330000 1089536 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnapi.dll 3, 1, 14018 Cisco Systems, Inc. AnyConnect Secure Mobility Client VPN API 131545711771429874 0x73440000 86016 C:\windows\SysWOW64\rasman.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access Connection Manager 131545711771429874 0x73460000 335872 C:\windows\SysWOW64\RASAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access API 131545711771429874 0x734c0000 614400 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagentutilities.dll 3, 1, 14018 Cisco Systems, Inc. AgentUtilities 131545711771429874 0x73560000 417792 C:\windows\SysWOW64\msvcp60.dll 7.0.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT C++ Runtime Library DLL 131545711771429874 0x735d0000 1167360 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpncommon.dll 3, 1, 14018 Cisco Systems, Inc. Common 131545711771429874 0x736f0000 413696 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpncommoncrypt.dll 3, 1, 14018 Cisco Systems, Inc. CommonCrypt 131545711771429874 0x74890000 57344 C:\windows\SysWOW64\devrtl.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Management Run Time Library 131545711771429874 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771429874 0x74960000 36864 C:\windows\SysWOW64\version.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771429874 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771429874 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771429874 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771429874 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771429874 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771429874 0x74c80000 1691648 C:\windows\syswow64\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771429874 0x74e20000 73728 C:\windows\syswow64\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771429874 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771429874 0x75020000 159744 C:\windows\syswow64\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771429874 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771429874 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771429874 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771429874 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771429874 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771429874 0x754e0000 16384 C:\windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771429874 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771429874 0x75790000 176128 C:\windows\syswow64\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771429874 0x75820000 16384 C:\windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771429874 0x75830000 192512 C:\windows\SysWOW64\Wintrust.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771429874 0x75860000 2314240 C:\windows\syswow64\iertutil.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Run time utility for Internet Explorer 131545711771429874 0x75ab0000 1183744 C:\windows\syswow64\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771429874 0x75be0000 24576 C:\windows\syswow64\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771429874 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771429874 0x75c90000 102400 C:\windows\syswow64\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771429874 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771429874 0x75cc0000 12288 C:\windows\syswow64\normaliz.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Unicode Normalization DLL 131545711771429874 0x75cd0000 2797568 C:\windows\syswow64\WININET.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Internet Extensions for Win32 131545711771429874 0x75f80000 217088 C:\windows\syswow64\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771429874 0x760b0000 20480 C:\windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771429874 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771429874 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771429874 0x76d60000 16384 C:\windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771429874 0x76d70000 12288 C:\windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771429874 0x76d80000 45056 C:\windows\syswow64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771429874 0x76d90000 1359872 C:\windows\syswow64\urlmon.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation OLE32 Extensions for Win32 131545711771429874 0x76ee0000 16384 C:\windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771429874 0x76ef0000 536576 C:\windows\syswow64\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771429874 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771429874 0x77350000 49152 C:\windows\syswow64\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771429874 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 34 1908 824 6 00000000:000003e4 131545696875140663 0 0 1 System NT AUTHORITY\NETWORK SERVICE svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe -k NetworkService Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Host Process for Windows Services 131545711771430242 0x6dc50000 155648 C:\Program Files\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545711771430242 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771430242 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771430242 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771430242 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771430242 0x77360000 28672 C:\windows\system32\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771430242 0xffac0000 45056 C:\windows\system32\svchost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host Process for Windows Services 131545711771430242 0x7fee45d0000 36864 C:\windows\system32\SensApi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation SENS Connectivity API DLL 131545711771430242 0x7fef4b60000 2596864 C:\windows\system32\ESENT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Extensible Storage Engine for Microsoft(R) Windows(R) 131545711771430242 0x7fef65e0000 413696 c:\windows\system32\webio.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Web Transfer Protocols API 131545711771430242 0x7fef6680000 462848 c:\windows\system32\WINHTTP.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows HTTP Services 131545711771430242 0x7fef6700000 32768 C:\windows\system32\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711771430242 0x7fef6a20000 94208 C:\windows\system32\VssTrace.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft® Volume Shadow Copy Service Tracing Library 131545711771430242 0x7fef6f40000 69632 C:\windows\system32\ssdpapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation SSDP Client API DLL 131545711771430242 0x7fef6f60000 241664 c:\windows\system32\ncsi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network Connectivity Status Indicator 131545711771430242 0x7fef6fa0000 319488 c:\windows\system32\nlasvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network Location Awareness 2 131545711771430242 0x7fef72d0000 159744 c:\windows\system32\CRYPTNET.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto Network Related API 131545711771430242 0x7fef7300000 208896 c:\windows\system32\cryptsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Cryptographic Services 131545711771430242 0x7fef8300000 131072 c:\windows\system32\wkssvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Workstation Service DLL 131545711771430242 0x7fef8e80000 98304 C:\windows\system32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771430242 0x7fef8ea0000 69632 C:\windows\system32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771430242 0x7fef8ec0000 28672 C:\windows\System32\dnsext.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS extension DLL 131545711771430242 0x7fef8ed0000 339968 C:\windows\system32\Fwpuclnt.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545711771430242 0x7fef8f30000 196608 c:\windows\system32\dnsrslvr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Caching Resolver Service 131545711771430242 0x7fef9870000 45056 c:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771430242 0x7fef99b0000 159744 C:\windows\system32\iphlpapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771430242 0x7fef9f70000 81920 C:\windows\system32\samcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Security Accounts Manager Client DLL 131545711771430242 0x7fefae00000 118784 C:\windows\system32\SAMLIB.dll 6.1.7601.23677 (win7sp1_ldr.170209-0600) Microsoft Corporation SAM Library DLL 131545711771430242 0x7fefb320000 421888 C:\windows\system32\es.dll 2001.12.8530.16385 (win7_rtm.090713-1255) Microsoft Corporation COM+ 131545711771430242 0x7fefb3b0000 102400 C:\windows\system32\ATL.DLL 3.05.2284 Microsoft Corporation ATL Module for Windows XP (Unicode) 131545711771430242 0x7fefb3f0000 86016 C:\windows\system32\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711771430242 0x7fefb410000 49152 c:\windows\system32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771430242 0x7fefb790000 1228800 C:\windows\system32\PROPSYS.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711771430242 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771430242 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771430242 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771430242 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771430242 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771430242 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771430242 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771430242 0x7fefc470000 372736 c:\windows\system32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771430242 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771430242 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771430242 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771430242 0x7fefc760000 204800 c:\windows\system32\netjoin.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Domain Join DLL 131545711771430242 0x7fefc880000 45056 C:\windows\system32\secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771430242 0x7fefc8b0000 139264 C:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771430242 0x7fefc970000 446464 c:\windows\system32\wevtapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Eventing Consumption and Configuration API 131545711771430242 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771430242 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771430242 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771430242 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771430242 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771430242 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771430242 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771430242 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771430242 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771430242 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771430242 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771430242 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771430242 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771430242 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771430242 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771430242 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771430242 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771430242 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771430242 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771430242 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771430242 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771430242 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771430242 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771430242 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771430242 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771430242 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771430242 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 35 804 824 6 00000000:000003e7 131545696895040691 0 0 1 System NT AUTHORITY\SYSTEM spoolsv.exe C:\windows\System32\spoolsv.exe C:\windows\System32\spoolsv.exe Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Spooler SubSystem App 131545711771430602 0x6dc50000 155648 C:\Program Files\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545711771430602 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771430602 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771430602 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771430602 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771430602 0xffd20000 577536 C:\windows\System32\spoolsv.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Spooler SubSystem App 131545711771430602 0x7fef4980000 778240 C:\windows\System32\win32spl.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Client Side Rendering Print Provider 131545711771430602 0x7fef4a40000 1175552 C:\windows\System32\webservices.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Web Services Runtime 131545711771430602 0x7fef5370000 208896 C:\Windows\system32\FunDisc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Function Discovery Dll 131545711771430602 0x7fef53f0000 184320 C:\windows\System32\inetpp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Internet Print Provider DLL 131545711771430602 0x7fef5460000 61440 C:\windows\System32\cscapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Offline Files Win32 API 131545711771430602 0x7fef5510000 593920 C:\windows\System32\wsdapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Web Services for Devices API DLL 131545711771430602 0x7fef5d80000 49152 C:\windows\System32\npmproxy.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network List Manager Proxy 131545711771430602 0x7fef6040000 28672 C:\windows\system32\wls0wndh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Session0 Viewer Window Hook DLL 131545711771430602 0x7fef6210000 475136 C:\windows\System32\netprofm.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network List Manager 131545711771430602 0x7fef62b0000 57344 C:\windows\system32\spool\PRTPROCS\x64\winprint.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Windows Print Processor DLL 131545711771430602 0x7fef62d0000 237568 C:\windows\System32\WSDMon.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WSD Printer Port Monitor 131545711771430602 0x7fef6310000 61440 C:\windows\System32\usbmon.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Standard Dynamic Printing Port Monitor DLL 131545711771430602 0x7fef6700000 32768 C:\windows\System32\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711771430602 0x7fef6870000 81920 C:\windows\System32\wsnmp32.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Microsoft WinSNMP v2.0 Manager API 131545711771430602 0x7fef6890000 45056 C:\windows\System32\snmpapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation SNMP Utility Library 131545711771430602 0x7fef68a0000 212992 C:\windows\System32\tcpmon.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Standard TCP/IP Port Monitor DLL 131545711771430602 0x7fef68e0000 57344 C:\windows\System32\FXSMON.DLL 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Microsoft Fax Print Monitor 131545711771430602 0x7fef6900000 73728 C:\windows\System32\SPOOLSS.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Spooler SubSystem DLL 131545711771430602 0x7fef6920000 995328 C:\windows\System32\localspl.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Local Spooler DLL 131545711771430602 0x7fef88b0000 2035712 C:\windows\System32\msxml6.dll 6.30.7601.23403 Microsoft Corporation MSXML 6.0 SP3 131545711771430602 0x7fef8e60000 77824 C:\Windows\system32\umb.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation User Mode Bus Driver Interface Dll 131545711771430602 0x7fef8ed0000 339968 C:\windows\System32\fwpuclnt.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545711771430602 0x7fef9870000 45056 C:\windows\System32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771430602 0x7fef99b0000 159744 C:\windows\System32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771430602 0x7fefa0a0000 462848 C:\windows\system32\winspool.drv 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545711771430602 0x7fefb2e0000 45056 C:\windows\System32\slc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545711771430602 0x7fefb3a0000 49152 C:\windows\System32\dsrole.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DS Role Client DLL 131545711771430602 0x7fefb3b0000 102400 C:\Windows\system32\ATL.DLL 3.05.2284 Microsoft Corporation ATL Module for Windows XP (Unicode) 131545711771430602 0x7fefb3d0000 86016 C:\windows\System32\nlaapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545711771430602 0x7fefb410000 49152 C:\windows\System32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771430602 0x7fefbb60000 770048 C:\windows\System32\FirewallAPI.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Firewall API 131545711771430602 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771430602 0x7fefbd00000 180224 C:\windows\System32\POWRPROF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545711771430602 0x7fefbd90000 110592 C:\windows\System32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771430602 0x7fefbdb0000 73728 C:\windows\System32\DEVRTL.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Management Run Time Library 131545711771430602 0x7fefbdd0000 126976 C:\windows\System32\SPINF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows SPINF 131545711771430602 0x7fefbe60000 249856 C:\windows\System32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771430602 0x7fefc1e0000 69632 C:\windows\System32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771430602 0x7fefc270000 40960 C:\windows\System32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771430602 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771430602 0x7fefc470000 372736 C:\windows\System32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771430602 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771430602 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771430602 0x7fefc650000 98304 C:\windows\System32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771430602 0x7fefc7c0000 143360 C:\windows\System32\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545711771430602 0x7fefc880000 45056 C:\windows\System32\secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771430602 0x7fefc8b0000 139264 C:\windows\System32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771430602 0x7fefcad0000 151552 C:\windows\System32\SSPICLI.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771430602 0x7fefcce0000 61440 C:\windows\System32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771430602 0x7fefcd90000 81920 C:\windows\System32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771430602 0x7fefcdb0000 49152 C:\windows\System32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771430602 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771430602 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771430602 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771430602 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771430602 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771430602 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771430602 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771430602 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771430602 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771430602 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771430602 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771430602 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771430602 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771430602 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771430602 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771430602 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771430602 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771430602 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771430602 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771430602 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771430602 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771430602 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771430602 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771430602 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771430602 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 36 1472 824 6 00000000:000003e5 131545696897140694 0 0 1 System NT AUTHORITY\LOCAL SERVICE svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Host Process for Windows Services 131545711771430970 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771430970 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771430970 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771430970 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771430970 0xffac0000 45056 C:\windows\system32\svchost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host Process for Windows Services 131545711771430970 0x7fee6c30000 131072 c:\windows\system32\Wlanapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows WLAN AutoConfig Client Side API DLL 131545711771430970 0x7feefff0000 135168 c:\windows\system32\wlanhlp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Wireless LAN 802.11 Client Side Helper API 131545711771430970 0x7fef0020000 380928 c:\windows\system32\wcncsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Connect Now - Config Registrar Service 131545711771430970 0x7fef4e10000 212992 c:\windows\system32\ssdpsrv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation SSDP Service DLL 131545711771430970 0x7fef5320000 282624 C:\windows\system32\upnp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation UPnP Control Point API 131545711771430970 0x7fef65e0000 413696 C:\windows\system32\webio.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Web Transfer Protocols API 131545711771430970 0x7fef6680000 462848 C:\windows\system32\WINHTTP.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows HTTP Services 131545711771430970 0x7fef6f40000 69632 C:\windows\system32\SSDPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation SSDP Client API DLL 131545711771430970 0x7fef8330000 36864 C:\windows\System32\wshqos.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation QoS Winsock2 Helper DLL 131545711771430970 0x7fef8540000 208896 c:\windows\system32\scardsvr.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Smart Card Resource Management Server 131545711771430970 0x7fef8af0000 28672 c:\windows\system32\wlanutil.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Wireless LAN 802.11 Utility DLL 131545711771430970 0x7fef8b40000 278528 c:\windows\system32\eappcfg.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Eap Peer Config 131545711771430970 0x7fef8b90000 81920 c:\windows\system32\eappprxy.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft EAPHost Peer Client DLL 131545711771430970 0x7fef8bb0000 262144 c:\windows\system32\OneX.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IEEE 802.1X supplicant library 131545711771430970 0x7fef8e80000 98304 C:\windows\system32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771430970 0x7fef8ea0000 69632 C:\windows\system32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771430970 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771430970 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771430970 0x7fefb3b0000 102400 c:\windows\system32\ATL.DLL 3.05.2284 Microsoft Corporation ATL Module for Windows XP (Unicode) 131545711771430970 0x7fefbb60000 770048 c:\windows\system32\FirewallAPI.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Firewall API 131545711771430970 0x7fefbc20000 28672 C:\windows\system32\wshtcpip.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771430970 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771430970 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771430970 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771430970 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771430970 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771430970 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771430970 0x7fefc880000 45056 C:\windows\system32\secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771430970 0x7fefc8b0000 139264 c:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771430970 0x7fefc930000 192512 c:\windows\system32\AUTHZ.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Authorization Framework 131545711771430970 0x7fefcad0000 151552 C:\windows\system32\SSPICLI.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771430970 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771430970 0x7fefccf0000 593920 C:\windows\system32\SXS.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Fusion 2.5 131545711771430970 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771430970 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771430970 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771430970 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771430970 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771430970 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771430970 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771430970 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771430970 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771430970 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771430970 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771430970 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771430970 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771430970 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771430970 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771430970 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771430970 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771430970 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771430970 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 37 2084 824 6 00000000:000003e5 131545696897740694 0 0 1 System NT AUTHORITY\LOCAL SERVICE svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Host Process for Windows Services 131545711771431479 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771431479 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771431479 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771431479 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771431479 0xffac0000 45056 C:\windows\system32\svchost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host Process for Windows Services 131545711771431479 0x7fef5d60000 53248 C:\windows\system32\wdiasqmmodule.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Adaptive SQM WDI Plugin 131545711771431479 0x7fef5d70000 32768 C:\windows\system32\pnpts.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation PlugPlay Troubleshooter 131545711771431479 0x7fef5d80000 49152 C:\windows\System32\npmproxy.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network List Manager Proxy 131545711771431479 0x7fef5ef0000 1351680 C:\windows\system32\diagperf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Performance Diagnostics 131545711771431479 0x7fef6050000 102400 C:\windows\system32\wdi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Diagnostic Infrastructure 131545711771431479 0x7fef6210000 475136 C:\windows\System32\netprofm.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network List Manager 131545711771431479 0x7fef6c20000 180224 c:\windows\system32\dps.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WDI Diagnostic Policy Service 131545711771431479 0x7fef8320000 40960 C:\windows\system32\wfapigp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Firewall GPO Helper dll 131545711771431479 0x7fef8330000 36864 C:\windows\System32\wshqos.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation QoS Winsock2 Helper DLL 131545711771431479 0x7fef8340000 843776 c:\windows\system32\mpssvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Protection Service 131545711771431479 0x7fef8490000 720896 c:\windows\system32\bfe.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Base Filtering Engine 131545711771431479 0x7fef8e80000 98304 C:\windows\system32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771431479 0x7fef8ea0000 69632 C:\windows\system32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771431479 0x7fef8ed0000 339968 c:\windows\system32\fwpuclnt.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545711771431479 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771431479 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771431479 0x7fefa850000 118784 C:\windows\system32\radardt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Resource Exhaustion Detector 131545711771431479 0x7fefb190000 1208320 C:\Windows\system32\taskschd.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Task Scheduler COM API 131545711771431479 0x7fefb2e0000 45056 c:\windows\system32\slc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545711771431479 0x7fefb3d0000 86016 C:\windows\System32\nlaapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545711771431479 0x7fefb600000 184320 C:\windows\system32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771431479 0x7fefbb60000 770048 c:\windows\system32\FirewallAPI.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Firewall API 131545711771431479 0x7fefbc20000 28672 C:\windows\system32\wshtcpip.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771431479 0x7fefbd50000 53248 C:\windows\system32\pcwum.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Performance Counters for Windows Native DLL 131545711771431479 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771431479 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771431479 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771431479 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771431479 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771431479 0x7fefc5e0000 28672 C:\windows\system32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771431479 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771431479 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771431479 0x7fefc880000 45056 C:\windows\system32\secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771431479 0x7fefc8b0000 139264 C:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771431479 0x7fefc930000 192512 c:\windows\system32\AUTHZ.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Authorization Framework 131545711771431479 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771431479 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771431479 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771431479 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771431479 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771431479 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771431479 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771431479 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771431479 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771431479 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771431479 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771431479 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771431479 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771431479 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771431479 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771431479 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771431479 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771431479 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771431479 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771431479 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771431479 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771431479 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771431479 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771431479 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771431479 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 38 2288 824 6 00000000:000003e7 131545696904182705 0 0 0 System NT AUTHORITY\SYSTEM armsvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" Adobe Systems Incorporated 1.824.23.7067 Adobe Acrobat Update Service 131545711771431848 0x1190000 86016 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 1.824.23.7067 Adobe Systems Incorporated Adobe Acrobat Update Service 131545711771431848 0x72c10000 667648 C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll 9.00.30729.6161 Microsoft Corporation Microsoft® C Runtime Library 131545711771431848 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771431848 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771431848 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771431848 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771431848 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771431848 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771431848 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771431848 0x74c20000 393216 C:\windows\syswow64\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771431848 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771431848 0x74f10000 1114112 C:\windows\syswow64\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771431848 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771431848 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771431848 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771431848 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771431848 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771431848 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771431848 0x756a0000 983040 C:\windows\syswow64\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771431848 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771431848 0x75830000 192512 C:\windows\syswow64\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771431848 0x75ab0000 1183744 C:\windows\syswow64\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771431848 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771431848 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771431848 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771431848 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771431848 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771431848 0x77350000 49152 C:\windows\syswow64\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771431848 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 39 2328 824 6 00000000:000003e7 131545696910110716 0 0 1 System NT AUTHORITY\SYSTEM aipstartd.exe C:\POS\bin\aipstartd.exe C:\POS\bin\aipstartd.exe Toshiba Global Commerce Solutions, Inc. 11.2.0.45 (x64) Toshiba Service Control Program 131545711771432216 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771432216 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771432216 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771432216 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771432216 0x13f4e0000 94208 C:\POS\bin\aipstartd.exe 11.2.0.45 (x64) Toshiba Global Commerce Solutions, Inc. Toshiba Service Control Program 131545711771432216 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771432216 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771432216 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771432216 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771432216 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771432216 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771432216 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771432216 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771432216 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771432216 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771432216 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771432216 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771432216 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771432216 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771432216 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771432216 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771432216 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771432216 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771432216 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771432216 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771432216 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 40 2356 824 6 00000000:000003e7 131545696911670718 0 0 1 System NT AUTHORITY\SYSTEM AppleMobileDeviceService.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" Apple Inc. 17.423.0.24 MobileDeviceService 131545711771432579 0x711b0000 98304 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 1.5.0 zlib data compression library 131545711771432579 0x711d0000 102400 C:\windows\system32\dnssd.dll 3,1,0,1 Apple Inc. Bonjour Client Library 131545711771432579 0x711f0000 26288128 C:\Program Files\Common Files\Apple\Apple Application Support\icudt55.dll 55, 1, 0, 2501 The ICU Project ICU Data DLL 131545711771432579 0x72b10000 622592 C:\windows\system32\MSVCP100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771432579 0x74a90000 860160 C:\windows\system32\MSVCR100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771432579 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771432579 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771432579 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771432579 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771432579 0x77370000 12288 C:\windows\system32\normaliz.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Unicode Normalization DLL 131545711771432579 0x13f560000 86016 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 17.423.0.24 Apple Inc. MobileDeviceService 131545711771432579 0x7fef7360000 847872 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll 253.1.0.110 Apple Inc. SQLite3.dll 131545711771432579 0x7fef7430000 978944 C:\windows\system32\MSVCR120.dll 12.00.21005.1 built by: REL Microsoft Corporation Microsoft® C Runtime Library 131545711771432579 0x7fef75f0000 1363968 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 31.7 libxml2 131545711771432579 0x7fef7740000 2572288 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll 520.31.1.1 Apple Inc. CFNetwork 131545711771432579 0x7fef79c0000 2797568 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll 988.1.4.1.1 Apple Inc. iTunesMobileDevice 131545711771432579 0x7fef7c70000 86016 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll 15, 0, 0, 0 Open Source Software community LGPL MS C 131545711771432579 0x7fef7c90000 237568 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll 17.423.0.24 Apple Inc. Apple Mobile Device Service 131545711771432579 0x7fef7cd0000 1368064 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll 55, 1, 0, 2501 The ICU Project ICU Common DLL 131545711771432579 0x7fef7e20000 1994752 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll 55, 1, 0, 2501 The ICU Project ICU I18N DLL 131545711771432579 0x7fef8010000 118784 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll 244,1,22,130 Apple Inc. Dispatch Runtime Library 131545711771432579 0x7fef8030000 94208 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll 46.0.0.114 Apple Inc. Apple System Logging 131545711771432579 0x7fef8050000 233472 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll 1,528,0.71,347 Apple Inc. Objective-C Runtime Library 131545711771432579 0x7fef8090000 2289664 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll 1,750,35,0 Apple Inc. CoreFoundation 131545711771432579 0x7fef82c0000 69632 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.DLL 34.0.0.383 Apple Inc. YSCrashDump.dll 131545711771432579 0x7fef82e0000 32768 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll 21.0.0.120 Apple Inc. Apple Software Support Version Check Dynamic Link Library 131545711771432579 0x7fef82f0000 36864 C:\windows\system32\WSOCK32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 32-Bit DLL 131545711771432579 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771432579 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771432579 0x7fefab40000 241664 C:\windows\system32\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771432579 0x7fefae50000 1089536 C:\windows\system32\CRYPTUI.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Microsoft Trust UI Provider 131545711771432579 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771432579 0x7fefbd40000 12288 C:\windows\system32\api-ms-win-core-synch-l1-2-0.DLL 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771432579 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771432579 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771432579 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771432579 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771432579 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771432579 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771432579 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771432579 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771432579 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771432579 0x7fefced0000 12288 C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771432579 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771432579 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771432579 0x7fefcf40000 20480 C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771432579 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771432579 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771432579 0x7fefd100000 16384 C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771432579 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771432579 0x7fefd180000 16384 C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771432579 0x7fefd1a0000 16384 C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771432579 0x7fefd2f0000 2928640 C:\windows\system32\iertutil.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Run time utility for Internet Explorer 131545711771432579 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771432579 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771432579 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771432579 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771432579 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771432579 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771432579 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771432579 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771432579 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771432579 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771432579 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771432579 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771432579 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771432579 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771432579 0x7fefef50000 3280896 C:\windows\system32\WININET.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Internet Extensions for Win32 131545711771432579 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771432579 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 41 2444 824 6 00000000:000003e7 131545696926958745 0 0 1 System NT AUTHORITY\SYSTEM mDNSResponder.exe C:\Program Files\Bonjour\mDNSResponder.exe "C:\Program Files\Bonjour\mDNSResponder.exe" Apple Inc. 3,1,0,1 Bonjour Service 131545711771432939 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771432939 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771432939 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771432939 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771432939 0x13f890000 667648 C:\Program Files\Bonjour\mDNSResponder.exe 3,1,0,1 Apple Inc. Bonjour Service 131545711771432939 0x7fef8e80000 98304 C:\windows\system32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771432939 0x7fef8ea0000 69632 C:\windows\system32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771432939 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771432939 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771432939 0x7fefb3f0000 86016 C:\windows\system32\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711771432939 0x7fefb410000 49152 C:\windows\system32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771432939 0x7fefb460000 90112 C:\windows\system32\NETAPI32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Net Win32 API DLL 131545711771432939 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771432939 0x7fefbd00000 180224 C:\windows\system32\POWRPROF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545711771432939 0x7fefc470000 372736 C:\windows\system32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771432939 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771432939 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771432939 0x7fefc7c0000 143360 C:\windows\system32\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545711771432939 0x7fefcce0000 61440 C:\windows\system32\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771432939 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771432939 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771432939 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771432939 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771432939 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771432939 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771432939 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771432939 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771432939 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771432939 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771432939 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771432939 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771432939 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771432939 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771432939 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771432939 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771432939 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771432939 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771432939 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 42 2480 824 6 00000000:000003e7 131545696929454750 0 0 1 System NT AUTHORITY\SYSTEM btwdins.exe C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe "C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe" Broadcom Corporation. 6.5.1.2700 Bluetooth Support Server 131545711771433337 0x74a90000 860160 C:\windows\system32\MSVCR100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771433337 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771433337 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771433337 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771433337 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771433337 0x13fbe0000 1077248 C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe 6.5.1.2700 Broadcom Corporation. Bluetooth Support Server 131545711771433337 0x7fef7340000 126976 C:\Program Files\ThinkPad\Bluetooth Software\BtwLeAPI.dll 6.5.1.2700 Broadcom Corporation. BtwLeAPI 131545711771433337 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771433337 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771433337 0x7fefbd30000 45056 C:\windows\system32\HID.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Hid User Library 131545711771433337 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771433337 0x7fefc0e0000 741376 C:\windows\system32\bthprops.cpl 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Bluetooth Control Panel Applet 131545711771433337 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771433337 0x7fefc880000 45056 C:\windows\system32\Secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771433337 0x7fefcad0000 151552 C:\windows\system32\SSPICLI.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771433337 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771433337 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771433337 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771433337 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771433337 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771433337 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771433337 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771433337 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771433337 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771433337 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771433337 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771433337 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771433337 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771433337 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771433337 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771433337 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771433337 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771433337 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771433337 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771433337 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771433337 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771433337 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771433337 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771433337 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771433337 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771433337 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771433337 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 43 2512 824 6 00000000:000003e7 131545696930702752 0 0 1 System NT AUTHORITY\SYSTEM svchost.exe C:\windows\System32\svchost.exe C:\windows\System32\svchost.exe -k utcsvc Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Host Process for Windows Services 131545711771433710 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771433710 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771433710 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771433710 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771433710 0xffac0000 45056 C:\windows\System32\svchost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host Process for Windows Services 131545711771433710 0x7fef65e0000 413696 c:\windows\system32\webio.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Web Transfer Protocols API 131545711771433710 0x7fef6680000 462848 c:\windows\system32\WINHTTP.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows HTTP Services 131545711771433710 0x7fef6700000 32768 C:\windows\System32\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711771433710 0x7fef6a50000 1409024 c:\windows\system32\diagtrack.dll 10.0.10586.3 (th2_release_sec_b.160819-1749) Microsoft Corporation Microsoft Windows Diagnostics Tracking 131545711771433710 0x7fef6cb0000 237568 C:\windows\system32\aepic.dll 10.0.15156.1008 (WinBuild.160101.0800) Microsoft Corporation Application Experience Program Cache 131545711771433710 0x7fef8e80000 98304 C:\windows\System32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771433710 0x7fef8ea0000 69632 C:\windows\System32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771433710 0x7fef9870000 45056 C:\windows\System32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771433710 0x7fef99b0000 159744 C:\windows\System32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771433710 0x7fefa710000 212992 c:\windows\system32\XmlLite.dll 1.3.1001.0 Microsoft Corporation Microsoft XmlLite Library 131545711771433710 0x7fefb3f0000 86016 C:\windows\system32\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711771433710 0x7fefb410000 49152 C:\windows\system32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771433710 0x7fefb460000 90112 C:\windows\system32\Netapi32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Net Win32 API DLL 131545711771433710 0x7fefbe60000 249856 C:\windows\System32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771433710 0x7fefc1e0000 69632 c:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771433710 0x7fefc270000 40960 C:\windows\System32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771433710 0x7fefc470000 372736 C:\windows\System32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771433710 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771433710 0x7fefc7c0000 143360 C:\windows\system32\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545711771433710 0x7fefc8b0000 139264 c:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771433710 0x7fefcad0000 151552 C:\windows\System32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771433710 0x7fefcce0000 61440 C:\windows\System32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771433710 0x7fefcdb0000 49152 C:\windows\System32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771433710 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771433710 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771433710 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771433710 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771433710 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771433710 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771433710 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771433710 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771433710 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771433710 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771433710 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771433710 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771433710 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771433710 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771433710 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771433710 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771433710 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771433710 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771433710 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771433710 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771433710 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 44 2564 824 6 00000000:000003e5 131545696930702752 0 0 1 System NT AUTHORITY\LOCAL SERVICE svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe -k HsfXAudioService Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Host Process for Windows Services 131545711771434078 0x10000000 495616 c:\windows\syswow64\xaudio64.dll 1.00.23.00 Conexant Systems, Inc. Modem Audio Service 131545711771434078 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771434078 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771434078 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771434078 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771434078 0xffac0000 45056 C:\windows\system32\svchost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host Process for Windows Services 131545711771434078 0x7fefb630000 36864 C:\windows\system32\AVRT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multimedia Realtime Runtime 131545711771434078 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771434078 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771434078 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771434078 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771434078 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771434078 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771434078 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771434078 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771434078 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771434078 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771434078 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771434078 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771434078 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771434078 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 45 2608 824 6 00000000:000003e7 131545696933042756 0 0 0 System NT AUTHORITY\SYSTEM nsd.exe C:\Notes\nsd.exe C:\Notes\nsd.exe -svcinvoke -ini "C:\Notes\notes.ini" IBM 9.0.10.3261 wnsd 131545711771434441 0xb00000 12431360 C:\Notes\nsd.exe 9.0.10.3261 IBM wnsd 131545711771434441 0x70f40000 311296 C:\windows\SysWOW64\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771434441 0x70fb0000 1134592 C:\Notes\dbghelp_x86_v6.8.40.dll 6.8.0004.0 (debuggers(dbg).070515-1751) Microsoft Corporation Windows Image Helper 131545711771434441 0x710d0000 782336 C:\windows\SysWOW64\MSVCR100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771434441 0x71190000 73728 C:\windows\SysWOW64\MPR.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545711771434441 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771434441 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771434441 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771434441 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771434441 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771434441 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771434441 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771434441 0x74c20000 393216 C:\windows\syswow64\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771434441 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771434441 0x74f10000 1114112 C:\windows\syswow64\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771434441 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771434441 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771434441 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771434441 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771434441 0x756a0000 983040 C:\windows\syswow64\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771434441 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771434441 0x75aa0000 20480 C:\windows\syswow64\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771434441 0x75be0000 24576 C:\windows\syswow64\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771434441 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771434441 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771434441 0x75f80000 217088 C:\windows\syswow64\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771434441 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771434441 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771434441 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771434441 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 46 2708 824 6 00000000:000003e7 131545696945366778 0 0 0 System NT AUTHORITY\SYSTEM CAMMUTE.exe C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe "C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe" Lenovo Group Limited 3.1.17.0 Camera Mute Control Service for Lenovo 131545711771434805 0x400000 69632 C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe 3.1.17.0 Lenovo Group Limited Camera Mute Control Service for Lenovo 131545711771434805 0x70ed0000 45056 C:\windows\SysWOW64\msdmo.dll 6.6.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation DMO Runtime 131545711771434805 0x70f90000 118784 C:\Program Files\Lenovo\Communications Utility\CommFunc.dll 3.1.17.0 Lenovo Group Limited Communications Utility Common Library 131545711771434805 0x748a0000 135168 C:\windows\SysWOW64\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771434805 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771434805 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771434805 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771434805 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771434805 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771434805 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771434805 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771434805 0x74c80000 1691648 C:\windows\syswow64\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771434805 0x74e20000 73728 C:\windows\syswow64\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771434805 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771434805 0x75020000 159744 C:\windows\syswow64\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771434805 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771434805 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771434805 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771434805 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771434805 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771434805 0x754f0000 282624 C:\windows\syswow64\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771434805 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771434805 0x756a0000 983040 C:\windows\syswow64\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771434805 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771434805 0x75830000 192512 C:\windows\syswow64\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771434805 0x75ab0000 1183744 C:\windows\syswow64\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771434805 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771434805 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771434805 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771434805 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771434805 0x76ef0000 536576 C:\windows\syswow64\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771434805 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771434805 0x77350000 49152 C:\windows\syswow64\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771434805 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 47 2756 824 6 00000000:000003e7 131545696946614780 0 0 0 System NT AUTHORITY\SYSTEM TPKNRSVC.exe C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe "C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe" Lenovo Group Limited 3.1.17.0 Microphone volume control service 131545711771435165 0x400000 86016 C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe 3.1.17.0 Lenovo Group Limited Microphone volume control service 131545711771435165 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771435165 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771435165 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771435165 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771435165 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771435165 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771435165 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771435165 0x74c20000 393216 C:\windows\syswow64\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771435165 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771435165 0x74f10000 1114112 C:\windows\syswow64\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771435165 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771435165 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771435165 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771435165 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771435165 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771435165 0x756a0000 983040 C:\windows\syswow64\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771435165 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771435165 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771435165 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771435165 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771435165 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771435165 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771435165 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 48 2808 824 6 00000000:000003e7 131545696947082781 0 0 0 System NT AUTHORITY\SYSTEM vcamsvc.exe C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe "C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe" Lenovo Group Limited 3.1.17.0 Lenovo Virtual Camera Controller 131545711771435533 0x400000 212992 C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe 3.1.17.0 Lenovo Group Limited Lenovo Virtual Camera Controller 131545711771435533 0x10000000 126976 C:\windows\SysWOW64\5U877.ax 1, 1, 0, 1147 Ricoh co.,Ltd. 5U877Prop.ax 131545711771435533 0x6fc60000 204800 C:\Windows\SysWOW64\qcap.dll 6.6.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DirectShow Runtime. 131545711771435533 0x6fca0000 1642496 C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23894_none_5c0be957a009922e\gdiplus.dll 6.1.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Microsoft GDI+ 131545711771435533 0x6fe40000 1536000 C:\Windows\SysWOW64\quartz.dll 6.6.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DirectShow Runtime. 131545711771435533 0x6ffc0000 573440 C:\Windows\SysWOW64\ODBC32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ODBC Driver Manager 131545711771435533 0x70050000 1163264 C:\Windows\SysWOW64\MFC42.dll 6.06.8063.0 Microsoft Corporation MFCDLL Shared Library - Retail Version 131545711771435533 0x70170000 1847296 C:\Windows\SysWOW64\d3d9.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Direct3D 9 Runtime 131545711771435533 0x70340000 2654208 C:\Program Files\Lenovo\Communications Utility\cv210.dll 131545711771435533 0x705d0000 581632 C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll 9.00.30729.6161 Microsoft Corporation Microsoft® C++ Runtime Library 131545711771435533 0x70660000 2220032 C:\Program Files\Lenovo\Communications Utility\cxcore210.dll 131545711771435533 0x70880000 208896 C:\windows\SysWOW64\MFReadWrite.dll 12.0.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Media Foundation ReadWrite DLL 131545711771435533 0x708c0000 81920 C:\windows\SysWOW64\ATL.DLL 3.05.2284 Microsoft Corporation ATL Module for Windows XP (Unicode) 131545711771435533 0x708e0000 3223552 C:\windows\SysWOW64\MF.dll 12.0.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Media Foundation DLL 131545711771435533 0x70c00000 135168 C:\Windows\SysWOW64\MSVFW32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Video for Windows DLL 131545711771435533 0x70c30000 28672 C:\windows\SysWOW64\AVRT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multimedia Realtime Runtime 131545711771435533 0x70c40000 368640 C:\windows\SysWOW64\MFPlat.DLL 12.0.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Media Foundation Platform DLL 131545711771435533 0x70ca0000 229376 C:\Windows\SysWOW64\odbcint.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation ODBC Resources 131545711771435533 0x70ce0000 118784 C:\Windows\SysWOW64\kswdmcap.ax 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WDM Streaming Video Capture 131545711771435533 0x70d00000 634880 C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll 8.00.50727.6195 Microsoft Corporation Microsoft® C Runtime Library 131545711771435533 0x70da0000 540672 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771435533 0x70e30000 208896 C:\Windows\SysWOW64\ksproxy.ax 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WDM Streaming ActiveMovie Proxy 131545711771435533 0x70e70000 16384 C:\windows\SysWOW64\ksuser.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation User CSA Library 131545711771435533 0x70e80000 53248 C:\windows\SysWOW64\WTSAPI32.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771435533 0x70e90000 204800 C:\Windows\SysWOW64\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771435533 0x70ed0000 45056 C:\windows\SysWOW64\msdmo.dll 6.6.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation DMO Runtime 131545711771435533 0x70ee0000 77824 C:\Windows\SysWOW64\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771435533 0x70f00000 81920 C:\Windows\SysWOW64\devenum.dll 6.6.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Device enumeration. 131545711771435533 0x70f30000 24576 C:\Windows\SysWOW64\d3d8thk.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Direct3D OS Thunk Layer 131545711771435533 0x70f90000 118784 C:\Program Files\Lenovo\Communications Utility\CommFunc.dll 3.1.17.0 Lenovo Group Limited Communications Utility Common Library 131545711771435533 0x72c10000 667648 C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll 9.00.30729.6161 Microsoft Corporation Microsoft® C Runtime Library 131545711771435533 0x748a0000 135168 C:\windows\SysWOW64\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771435533 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771435533 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771435533 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771435533 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771435533 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771435533 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771435533 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771435533 0x74c80000 1691648 C:\windows\syswow64\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771435533 0x74e20000 73728 C:\windows\syswow64\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771435533 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771435533 0x75020000 159744 C:\windows\syswow64\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771435533 0x75050000 503808 C:\windows\syswow64\comdlg32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711771435533 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771435533 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771435533 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771435533 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771435533 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771435533 0x754f0000 282624 C:\windows\syswow64\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771435533 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771435533 0x756a0000 983040 C:\windows\syswow64\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771435533 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771435533 0x75830000 192512 C:\windows\syswow64\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771435533 0x75ab0000 1183744 C:\windows\syswow64\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771435533 0x75be0000 24576 C:\windows\syswow64\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771435533 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771435533 0x75c90000 102400 C:\windows\syswow64\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771435533 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771435533 0x75f80000 217088 C:\windows\syswow64\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771435533 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771435533 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771435533 0x76d80000 45056 C:\windows\syswow64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771435533 0x76ef0000 536576 C:\windows\syswow64\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771435533 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771435533 0x77350000 49152 C:\windows\syswow64\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771435533 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 49 2848 824 6 00000000:000003e7 131545696952230790 0 0 0 System NT AUTHORITY\SYSTEM SUService.exe C:\Notes\SUService.exe C:\Notes\SUService.exe IBM Corp 9.0.10.13287 IBM Notes/Domino 131545711771435901 0x1350000 1687552 C:\Notes\SUService.exe 9.0.10.13287 IBM Corp IBM Notes/Domino 131545711771435901 0x6fb60000 524288 C:\windows\SysWOW64\UxTheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771435901 0x6fca0000 1642496 C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23894_none_5c0be957a009922e\gdiplus.dll 6.1.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Microsoft GDI+ 131545711771435901 0x70da0000 540672 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771435901 0x70e90000 204800 C:\windows\SysWOW64\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771435901 0x70ee0000 77824 C:\windows\SysWOW64\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771435901 0x70f20000 20480 C:\windows\SysWOW64\MSIMG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation GDIEXT Client DLL 131545711771435901 0x748a0000 135168 C:\windows\SysWOW64\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771435901 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771435901 0x74900000 331776 C:\windows\SysWOW64\WINSPOOL.DRV 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545711771435901 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771435901 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771435901 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771435901 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771435901 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771435901 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771435901 0x74c20000 393216 C:\windows\syswow64\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771435901 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771435901 0x74f10000 1114112 C:\windows\syswow64\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771435901 0x75050000 503808 C:\windows\syswow64\COMDLG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711771435901 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771435901 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771435901 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771435901 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771435901 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771435901 0x754f0000 282624 C:\windows\syswow64\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771435901 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771435901 0x756a0000 983040 C:\windows\syswow64\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771435901 0x757c0000 393216 C:\windows\syswow64\IMM32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771435901 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771435901 0x75c90000 102400 C:\windows\syswow64\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771435901 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771435901 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771435901 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771435901 0x76d80000 45056 C:\windows\syswow64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771435901 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771435901 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 50 2892 824 6 00000000:000003e7 131545696955038794 0 0 0 System NT AUTHORITY\SYSTEM ntmulti.exe C:\Notes\ntmulti.exe C:\Notes\ntmulti.exe IBM Corp 9.0.10.13287 IBM Notes/Domino 131545711771436269 0x1130000 45056 C:\Notes\ntmulti.exe 9.0.10.13287 IBM Corp IBM Notes/Domino 131545711771436269 0x6fb50000 20480 C:\windows\SysWOW64\SHFOLDER.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Folder Service 131545711771436269 0x70e80000 53248 C:\windows\SysWOW64\WTSAPI32.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771436269 0x710d0000 782336 C:\windows\SysWOW64\MSVCR100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771436269 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771436269 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771436269 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771436269 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771436269 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771436269 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771436269 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771436269 0x74c20000 393216 C:\windows\syswow64\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771436269 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771436269 0x74f10000 1114112 C:\windows\syswow64\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771436269 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771436269 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771436269 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771436269 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771436269 0x756a0000 983040 C:\windows\syswow64\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771436269 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771436269 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771436269 0x75c90000 102400 C:\windows\syswow64\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771436269 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771436269 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771436269 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771436269 0x76d80000 45056 C:\windows\syswow64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771436269 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771436269 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 51 3052 824 6 00000000:000003e7 131545696959616814 0 0 1 System NT AUTHORITY\SYSTEM UPOSSysMgmt.exe C:\POS\sysmgmt\UPOSSysMgmt.exe C:\POS\sysmgmt\UPOSSysMgmt.exe Toshiba Global Commerce Solutions, Inc. 1.14.2.4 (x64) Toshiba UPOS System Management Services for Windows 131545711771436633 0x12000000 2830336 C:\POS\dll\xml4c_5_8.dll 2, 7, 0 Apache Software Foundation Shared Library for Xerces-C Version 2.7.0 131545711771436633 0x6e540000 102400 C:\POS\dll\XML4CMessages5_8.dll 131545711771436633 0x6f6d0000 1298432 C:\POS\dll\icuuc48.dll 4, 8, 1, 1 The ICU Project ICU Common DLL 131545711771436633 0x74a90000 860160 C:\windows\system32\MSVCR100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771436633 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771436633 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771436633 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771436633 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771436633 0x13f480000 393216 C:\POS\sysmgmt\UPOSSysMgmt.exe 1.14.2.4 (x64) Toshiba Global Commerce Solutions, Inc. Toshiba UPOS System Management Services for Windows 131545711771436633 0x7fef6c80000 155648 C:\windows\system32\wbem\wmiutils.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771436633 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771436633 0x7fef9380000 61440 C:\windows\system32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771436633 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771436633 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771436633 0x7fef9880000 925696 C:\windows\system32\wbem\FastProx.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771436633 0x7fef9970000 204800 C:\windows\system32\wbem\wmidcprv.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771436633 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771436633 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771436633 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771436633 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771436633 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771436633 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771436633 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771436633 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771436633 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771436633 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771436633 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771436633 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771436633 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771436633 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771436633 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771436633 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771436633 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771436633 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771436633 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771436633 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771436633 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771436633 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771436633 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 52 1640 824 6 00000000:000003e7 131545696964764823 0 0 0 System NT AUTHORITY\SYSTEM TPHKSVC.exe C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe "C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe" Lenovo Group Limited 2.31 On screen display Fn+Fx handler 131545711771437001 0x1150000 139264 C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe 2.31 Lenovo Group Limited On screen display Fn+Fx handler 131545711771437001 0x10000000 139264 C:\Program Files\LENOVO\HOTKEY\ENLPU32.DLL 1.00 Lenovo Group Limited Lenovo Patch Utility Handler 131545711771437001 0x6fb10000 167936 C:\windows\SysWOW64\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771437001 0x70e80000 53248 C:\windows\SysWOW64\WTSAPI32.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771437001 0x70f40000 311296 C:\windows\SysWOW64\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771437001 0x72bf0000 90112 C:\windows\SysWOW64\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771437001 0x72cc0000 249856 C:\windows\SysWOW64\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771437001 0x72d00000 233472 C:\windows\SysWOW64\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771437001 0x72e70000 94208 C:\windows\SysWOW64\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library (Wow64) 131545711771437001 0x72ff0000 241664 C:\windows\SysWOW64\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771437001 0x73030000 94208 C:\windows\SysWOW64\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771437001 0x748a0000 135168 C:\windows\SysWOW64\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771437001 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771437001 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771437001 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771437001 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771437001 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771437001 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771437001 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771437001 0x74c80000 1691648 C:\windows\syswow64\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771437001 0x74e20000 73728 C:\windows\syswow64\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771437001 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771437001 0x75020000 159744 C:\windows\syswow64\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771437001 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771437001 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771437001 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771437001 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771437001 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771437001 0x754f0000 282624 C:\windows\syswow64\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771437001 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771437001 0x75790000 176128 C:\windows\syswow64\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771437001 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771437001 0x75830000 192512 C:\windows\syswow64\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771437001 0x75ab0000 1183744 C:\windows\syswow64\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771437001 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771437001 0x75c90000 102400 C:\windows\syswow64\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771437001 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771437001 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771437001 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771437001 0x76d80000 45056 C:\windows\syswow64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771437001 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771437001 0x77350000 49152 C:\windows\syswow64\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771437001 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 53 1584 824 6 00000000:000003e7 131545696967572828 0 0 1 System NT AUTHORITY\SYSTEM TPHKLOAD.exe C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe "C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe" Lenovo Group Limited 1.41 ThinkPad Message Client Loader 131545711771437374 0x120000 110592 C:\PROGRA~1\Lenovo\Zoom\TPFSM.DLL 1.20 Lenovo Group Limited ThinkPad Message Transmitter for UltraZoom 131545711771437374 0x170000 192512 C:\Program Files\LENOVO\HOTKEY\spkvol.dll 1.02 Lenovo Group Limited Helper dll for audio volume indicator 131545711771437374 0x1d0000 196608 C:\Program Files\LENOVO\HOTKEY\lcdbl.dll 1.02 Lenovo Group Limited Helper dll for LCD brightness indicator 131545711771437374 0x4d0000 110592 C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.DLL 1.01 Lenovo Group Limited ThinkPad Message Transmitter for Shortcut Hot Keys 131545711771437374 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771437374 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771437374 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771437374 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771437374 0x13f090000 143360 C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe 1.41 Lenovo Group Limited ThinkPad Message Client Loader 131545711771437374 0x180000000 155648 C:\Program Files\LENOVO\HOTKEY\ENLPU.DLL 1.00 Lenovo Group Limited Lenovo Patch Utility Handler 131545711771437374 0x7fef6710000 147456 C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.DLL 2.10 Lenovo Group Limited ThinkPad Message Transmitter for On Screen Display 131545711771437374 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771437374 0x7fef9380000 61440 C:\windows\system32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771437374 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771437374 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771437374 0x7fef9880000 925696 C:\windows\system32\wbem\fastprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771437374 0x7fefa940000 323584 C:\windows\system32\AUDIOSES.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Audio Session 131545711771437374 0x7fefb790000 1228800 C:\windows\System32\PROPSYS.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711771437374 0x7fefb8c0000 307200 C:\windows\System32\MMDevApi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MMDevice API 131545711771437374 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771437374 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771437374 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771437374 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771437374 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771437374 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771437374 0x7fefc8b0000 139264 C:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771437374 0x7fefc8e0000 327680 C:\windows\system32\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771437374 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771437374 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771437374 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771437374 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771437374 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771437374 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771437374 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771437374 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771437374 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771437374 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771437374 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771437374 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771437374 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771437374 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771437374 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771437374 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771437374 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771437374 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771437374 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771437374 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771437374 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771437374 0x7fefe7b0000 102400 C:\windows\system32\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771437374 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771437374 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771437374 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771437374 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771437374 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771437374 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771437374 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771437374 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771437374 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 54 2204 1640 52 00000000:000003e7 131545696968508830 0 0 1 System NT AUTHORITY\SYSTEM tpnumlk.exe C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe Lenovo Group Limited 1.20 NumLock indicator for ThinkPad 131545711771437793 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771437793 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771437793 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771437793 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771437793 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771437793 0x140000000 176128 C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe 1.20 Lenovo Group Limited NumLock indicator for ThinkPad 131545711771437793 0x180000000 155648 C:\PROGRA~1\LENOVO\HOTKEY\enlpu.dll 1.00 Lenovo Group Limited Lenovo Patch Utility Handler 131545711771437793 0x7fefa040000 344064 C:\windows\system32\OLEACC.DLL 7.0.0.0 (win7sp1_ldr.160325-0600) Microsoft Corporation Active Accessibility Core Component 131545711771437793 0x7fefa410000 1445888 C:\windows\system32\WindowsCodecs.dll 6.2.9200.21830 (win8_ldr.160407-0600) Microsoft Corporation Microsoft Windows Codecs Library 131545711771437793 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771437793 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771437793 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771437793 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771437793 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771437793 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771437793 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771437793 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771437793 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771437793 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771437793 0x7fefc8b0000 139264 C:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771437793 0x7fefc8e0000 327680 C:\windows\system32\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771437793 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771437793 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771437793 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771437793 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771437793 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771437793 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771437793 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771437793 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771437793 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771437793 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771437793 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771437793 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771437793 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771437793 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771437793 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771437793 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771437793 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771437793 0x7fefe7b0000 102400 C:\windows\system32\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771437793 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771437793 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771437793 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771437793 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771437793 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771437793 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771437793 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 55 2348 824 6 00000000:000003e7 131545696970380833 0 0 0 System NT AUTHORITY\SYSTEM MICMUTE.exe C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe "C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe" Lenovo Group Limited 1.31 Microphone Mute Controll Service for ThinkPad 131545711771438247 0x400000 143360 C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe 1.31 Lenovo Group Limited Microphone Mute Controll Service for ThinkPad 131545711771438247 0x11f0000 212992 C:\Program Files\LENOVO\HOTKEY\micmute6.dll 1.06 Lenovo Group Limited On screen display microphone mute button helper dll for Vista 131545711771438247 0x10000000 139264 C:\Program Files\LENOVO\HOTKEY\ENLPU32.DLL 1.00 Lenovo Group Limited Lenovo Patch Utility Handler 131545711771438247 0x6dd10000 221184 C:\windows\SysWOW64\AUDIOSES.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Audio Session 131545711771438247 0x6deb0000 1003520 C:\windows\SysWOW64\PROPSYS.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711771438247 0x6dfb0000 233472 C:\windows\SysWOW64\MMDevApi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MMDevice API 131545711771438247 0x6e090000 245760 C:\windows\SysWOW64\OLEACC.dll 7.0.0.0 (win7sp1_ldr.160325-0600) Microsoft Corporation Active Accessibility Core Component 131545711771438247 0x70e80000 53248 C:\windows\SysWOW64\WTSAPI32.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771438247 0x70f40000 311296 C:\windows\SysWOW64\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771438247 0x72bf0000 90112 C:\windows\SysWOW64\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771438247 0x72cc0000 249856 C:\windows\SysWOW64\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771438247 0x72d00000 233472 C:\windows\SysWOW64\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771438247 0x72e70000 94208 C:\windows\SysWOW64\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library (Wow64) 131545711771438247 0x72ff0000 241664 C:\windows\SysWOW64\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771438247 0x73030000 94208 C:\windows\SysWOW64\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771438247 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771438247 0x74900000 331776 C:\windows\SysWOW64\WINSPOOL.DRV 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545711771438247 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771438247 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771438247 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771438247 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771438247 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771438247 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771438247 0x74c80000 1691648 C:\windows\syswow64\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771438247 0x74e20000 73728 C:\windows\syswow64\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771438247 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771438247 0x75020000 159744 C:\windows\syswow64\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771438247 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771438247 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771438247 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771438247 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771438247 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771438247 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771438247 0x75790000 176128 C:\windows\syswow64\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771438247 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771438247 0x75830000 192512 C:\windows\syswow64\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771438247 0x75ab0000 1183744 C:\windows\syswow64\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771438247 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771438247 0x75c90000 102400 C:\windows\syswow64\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771438247 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771438247 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771438247 0x76d80000 45056 C:\windows\syswow64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771438247 0x76ef0000 536576 C:\windows\syswow64\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771438247 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771438247 0x77350000 49152 C:\windows\syswow64\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771438247 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 56 3280 824 6 00000000:000003e7 131545697000332886 0 0 1 System NT AUTHORITY\SYSTEM aiptraced.exe C:\POS\bin\aiptraced.exe C:\POS\bin\aiptraced.exe Toshiba Global Commerce Solutions, Inc. 11.2.0.45 (x64) Toshiba POSS Trace Deamon 131545711771438611 0x6dc50000 155648 C:\Program Files\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545711771438611 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771438611 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771438611 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771438611 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771438611 0x13f7e0000 176128 C:\POS\bin\aiptraced.exe 11.2.0.45 (x64) Toshiba Global Commerce Solutions, Inc. Toshiba POSS Trace Deamon 131545711771438611 0x7fef5c30000 45056 C:\windows\System32\winrnr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation LDAP RnR Provider DLL 131545711771438611 0x7fef5c60000 65536 C:\windows\system32\wshbth.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Sockets Helper DLL 131545711771438611 0x7fef5c90000 102400 C:\windows\system32\pnrpnsp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation PNRP Name Space Provider 131545711771438611 0x7fef5cb0000 86016 C:\windows\system32\napinsp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation E-mail Naming Shim Provider 131545711771438611 0x7fef6070000 212992 C:\POS\bin\aiputil64.dll 11.2.0.45 (x64) Toshiba Global Commerce Solutions, Inc. Toshiba Point of Sale Base System Utilities (64-bit) 131545711771438611 0x7fef6700000 32768 C:\windows\system32\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711771438611 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771438611 0x7fef99b0000 159744 C:\windows\system32\Iphlpapi.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771438611 0x7fefb3d0000 86016 C:\windows\system32\NLAapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545711771438611 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771438611 0x7fefc470000 372736 C:\windows\system32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771438611 0x7fefc5f0000 348160 C:\windows\System32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771438611 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771438611 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771438611 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771438611 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771438611 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771438611 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771438611 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771438611 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771438611 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771438611 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771438611 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771438611 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771438611 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771438611 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771438611 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771438611 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771438611 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 57 3304 824 6 00000000:000003e7 131545697002516890 0 0 1 System NT AUTHORITY\SYSTEM UI0Detect.exe C:\windows\system32\UI0Detect.exe C:\windows\system32\UI0Detect.exe Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Interactive services detection 131545711771438983 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771438983 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771438983 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771438983 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771438983 0xff230000 57344 C:\windows\system32\UI0Detect.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Interactive services detection 131545711771438983 0x7fef6040000 28672 C:\windows\system32\wls0wndh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Session0 Viewer Window Hook DLL 131545711771438983 0x7fefa410000 1445888 C:\windows\system32\WindowsCodecs.dll 6.2.9200.21830 (win8_ldr.160407-0600) Microsoft Corporation Microsoft Windows Codecs Library 131545711771438983 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771438983 0x7fefa8c0000 274432 C:\windows\system32\DUser.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows DirectUser Engine 131545711771438983 0x7fefada0000 352256 C:\windows\system32\UxTheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771438983 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771438983 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771438983 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771438983 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771438983 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771438983 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771438983 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771438983 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771438983 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771438983 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771438983 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771438983 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771438983 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771438983 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771438983 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771438983 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771438983 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771438983 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771438983 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771438983 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 58 3512 824 6 00000000:000003e4 131545697004544893 0 0 1 System NT AUTHORITY\NETWORK SERVICE svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Host Process for Windows Services 131545711771439347 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771439347 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771439347 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771439347 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771439347 0xffac0000 45056 C:\windows\system32\svchost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host Process for Windows Services 131545711771439347 0x7fef5c40000 90112 c:\windows\system32\FwRemoteSvr.DLL 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Windows Firewall Remote APIs Server 131545711771439347 0x7fef5cd0000 516096 c:\windows\system32\ipsecsvc.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows IPsec SPD Server DLL 131545711771439347 0x7fef8e80000 98304 C:\windows\system32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771439347 0x7fef8ea0000 69632 C:\windows\system32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771439347 0x7fef8ed0000 339968 c:\windows\system32\fwpuclnt.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545711771439347 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771439347 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771439347 0x7fefbb60000 770048 c:\windows\system32\FirewallAPI.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Firewall API 131545711771439347 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771439347 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771439347 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771439347 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771439347 0x7fefc880000 45056 C:\windows\system32\secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771439347 0x7fefc930000 192512 c:\windows\system32\AUTHZ.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Authorization Framework 131545711771439347 0x7fefcad0000 151552 C:\windows\system32\SSPICLI.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771439347 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771439347 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771439347 0x7fefcdb0000 49152 c:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771439347 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771439347 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771439347 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771439347 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771439347 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771439347 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771439347 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771439347 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771439347 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771439347 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771439347 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771439347 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771439347 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771439347 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771439347 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771439347 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 59 3712 824 6 00000000:000003e7 131545697012812908 0 0 1 System NT AUTHORITY\SYSTEM aipanposd.exe C:\POS\bin\aipanposd.exe C:\POS\bin\aipanposd.exe Toshiba Global Commerce Solutions, Inc. 11.2.0.45 (x64) Toshiba ANPOS Keyboard Setup 131545711771439715 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771439715 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771439715 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771439715 0x13f900000 163840 C:\POS\bin\aipanposd.exe 11.2.0.45 (x64) Toshiba Global Commerce Solutions, Inc. Toshiba ANPOS Keyboard Setup 131545711771439715 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771439715 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771439715 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771439715 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771439715 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 60 3760 1008 18 00000000:000003e7 131545697017492916 0 0 1 System NT AUTHORITY\SYSTEM wmiprvse.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\system32\wbem\wmiprvse.exe Microsoft Corporation 6.1.7601.17514 (win7sp1_rtm.101119-1850) WMI Provider Host 131545711771440079 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771440079 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771440079 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771440079 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771440079 0xff8d0000 389120 C:\windows\system32\wbem\wmiprvse.exe 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI Provider Host 131545711771440079 0x7fef5ad0000 245760 C:\windows\system32\wbem\wmiprov.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation WMI 131545711771440079 0x7fef6130000 90112 C:\windows\system32\NCObjAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation 131545711771440079 0x7fef6570000 454656 C:\windows\system32\wbem\esscli.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771440079 0x7fef6c80000 155648 C:\windows\system32\wbem\wmiutils.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771440079 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545714271966538 0x7fef9380000 61440 C:\Windows\System32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771440079 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771440079 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771440079 0x7fef9880000 925696 C:\windows\system32\wbem\FastProx.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771440079 0x7fefb600000 184320 C:\windows\system32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771440079 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771440079 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771440079 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771440079 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771440079 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771440079 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771440079 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771440079 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771440079 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771440079 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771440079 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771440079 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771440079 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771440079 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771440079 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771440079 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771440079 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771440079 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771440079 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771440079 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771440079 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771440079 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 61 3800 1008 18 00000000:000003e4 131545697020924922 131545713493316419 0 1 System NT AUTHORITY\NETWORK SERVICE wmiprvse.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\system32\wbem\wmiprvse.exe Microsoft Corporation 6.1.7601.17514 (win7sp1_rtm.101119-1850) WMI Provider Host 131545711771440447 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771440447 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771440447 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771440447 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771440447 0xff8d0000 389120 C:\windows\system32\wbem\wmiprvse.exe 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI Provider Host 131545711771440447 0x7fef5460000 61440 C:\windows\system32\cscapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Offline Files Win32 API 131545711771440447 0x7fef5490000 45056 C:\windows\System32\perfos.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows System Performance Objects DLL 131545711771440447 0x7fef5880000 311296 C:\windows\system32\framedynos.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI SDK Provider Framework 131545711771440447 0x7fef58d0000 2072576 C:\windows\system32\wbem\cimwin32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Win32 Provider 131545711771440447 0x7fef6130000 90112 C:\windows\system32\NCObjAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation 131545711771440447 0x7fef6700000 32768 C:\windows\system32\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711771440447 0x7fef6c80000 155648 C:\windows\system32\wbem\wmiutils.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771440447 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771440447 0x7fef8e80000 98304 C:\windows\system32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771440447 0x7fef8ea0000 69632 C:\windows\system32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771440447 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771440447 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771440447 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771440447 0x7fef9880000 925696 C:\windows\system32\wbem\FastProx.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771440447 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771440447 0x7fefa0a0000 462848 C:\windows\system32\WINSPOOL.DRV 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545711771440447 0x7fefa390000 32768 C:\windows\system32\WINBRAND.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Branding Resources 131545711771440447 0x7fefb3f0000 86016 C:\windows\system32\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711771440447 0x7fefb600000 184320 C:\windows\system32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771440447 0x7fefbd00000 180224 C:\windows\system32\POWRPROF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545711771440447 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771440447 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771440447 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771440447 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771440447 0x7fefc3e0000 360448 C:\windows\system32\schannel.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation TLS / SSL Security Provider 131545711771440447 0x7fefc470000 372736 C:\windows\system32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771440447 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771440447 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771440447 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771440447 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771440447 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771440447 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771440447 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771440447 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771440447 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771440447 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771440447 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771440447 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771440447 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771440447 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771440447 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771440447 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771440447 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771440447 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771440447 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771440447 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771440447 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771440447 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771440447 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771440447 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771440447 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771440447 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771440447 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771440447 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771440447 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771440447 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 62 3860 824 6 00000000:000003e7 131545697025292930 0 0 1 System NT AUTHORITY\SYSTEM aipctrld.exe C:\POS\bin\aipctrld.exe C:\POS\bin\aipctrld.exe Toshiba Global Commerce Solutions, Inc. 11.2.0.45 (x64) Toshiba POSS Control Program Service 131545711771440819 0x6dc50000 155648 C:\Program Files\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545711771440819 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771440819 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771440819 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771440819 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771440819 0x13f460000 204800 C:\POS\bin\aipctrld.exe 11.2.0.45 (x64) Toshiba Global Commerce Solutions, Inc. Toshiba POSS Control Program Service 131545711771440819 0x7fef55b0000 81920 C:\POS\dll\aipkbswp.dll 11.2.0.45 (x64) Toshiba Global Commerce Solutions, Inc. Toshiba POS USB Keyboard Mode Switcher 131545711771440819 0x7fef55d0000 331776 C:\windows\system32\newdev.dll 6.0.5054.0 Microsoft Corporation Add Hardware Device Library 131545711771440819 0x7fef5630000 102400 C:\POS\dll\aiptrace64.dll 11.2.0.45 (x64) Toshiba Global Commerce Solutions, Inc. Toshiba POS Unified Tracing (64-bit) 131545711771440819 0x7fef5680000 1200128 C:\windows\system32\dbghelp.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Image Helper 131545711771440819 0x7fef57b0000 176128 C:\POS\dll\aipusb.dll 11.2.0.45 (x64) Toshiba Global Commerce Solutions, Inc. Toshiba POS USB Interface 131545711771440819 0x7fef57e0000 69632 C:\POS\dll\aiphid.dll 11.2.0.45 (x64) Toshiba Global Commerce Solutions, Inc. Toshiba Point of Sale USB HID Interface 131545711771440819 0x7fef5800000 495616 C:\POS\bin\aipsys.dll 11.2.0.45 (x64) Toshiba Global Commerce Solutions, Inc. Toshiba Point of Sale Base System 131545711771440819 0x7fef5c30000 45056 C:\windows\System32\winrnr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation LDAP RnR Provider DLL 131545711771440819 0x7fef5c60000 65536 C:\windows\system32\wshbth.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Sockets Helper DLL 131545711771440819 0x7fef5c90000 102400 C:\windows\system32\pnrpnsp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation PNRP Name Space Provider 131545711771440819 0x7fef5cb0000 86016 C:\windows\system32\napinsp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation E-mail Naming Shim Provider 131545711771440819 0x7fef6070000 212992 C:\POS\bin\aiputil64.dll 11.2.0.45 (x64) Toshiba Global Commerce Solutions, Inc. Toshiba Point of Sale Base System Utilities (64-bit) 131545711771440819 0x7fef6700000 32768 C:\windows\system32\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711771440819 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771440819 0x7fef99b0000 159744 C:\windows\system32\Iphlpapi.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771440819 0x7fefada0000 352256 C:\windows\system32\UxTheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771440819 0x7fefb3d0000 86016 C:\windows\system32\NLAapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545711771440819 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771440819 0x7fefbd30000 45056 C:\windows\system32\hid.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Hid User Library 131545711771440819 0x7fefbdb0000 73728 C:\windows\system32\devrtl.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Management Run Time Library 131545711771440819 0x7fefc470000 372736 C:\windows\system32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771440819 0x7fefc5f0000 348160 C:\windows\System32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771440819 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771440819 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771440819 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771440819 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771440819 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771440819 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771440819 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771440819 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771440819 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771440819 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771440819 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771440819 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771440819 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771440819 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771440819 0x7fefe7d0000 1929216 C:\windows\system32\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771440819 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771440819 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771440819 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771440819 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771440819 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771440819 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771440819 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 63 4056 1008 18 00000000:000003e7 131545697067413004 0 0 1 System NT AUTHORITY\SYSTEM unsecapp.exe C:\windows\system32\wbem\unsecapp.exe C:\windows\system32\wbem\unsecapp.exe -Embedding Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Sink to receive asynchronous callbacks for WMI client application 131545711771441196 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771441196 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771441196 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771441196 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771441196 0xffaa0000 61440 C:\windows\system32\wbem\unsecapp.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Sink to receive asynchronous callbacks for WMI client application 131545711771441196 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771441196 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771441196 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771441196 0x7fef9880000 925696 C:\windows\system32\wbem\fastprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771441196 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771441196 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771441196 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771441196 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771441196 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771441196 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771441196 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771441196 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771441196 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771441196 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771441196 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771441196 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771441196 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771441196 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771441196 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771441196 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771441196 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771441196 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771441196 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771441196 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771441196 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 64 4268 5116 65 00000000:000003e7 131545698357761274 0 0 0 System NT AUTHORITY\SYSTEM GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe "C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe" Google Inc. 1.3.33.5 Google Crash Handler 131545711771442014 0x820000 303104 C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe 1.3.33.5 Google Inc. Google Crash Handler 131545711771442014 0x6bdd0000 12288 C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.DLL 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771442014 0x6d7c0000 61440 C:\windows\SysWOW64\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711771442014 0x6d7d0000 102400 C:\windows\SysWOW64\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545711771442014 0x6d7f0000 36864 C:\windows\SysWOW64\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771442014 0x6d800000 69632 C:\windows\SysWOW64\NETAPI32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Net Win32 API DLL 131545711771442014 0x730a0000 962560 C:\windows\SysWOW64\dbghelp.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Image Helper 131545711771442014 0x748a0000 135168 C:\windows\SysWOW64\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771442014 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771442014 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771442014 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771442014 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771442014 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771442014 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771442014 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771442014 0x74c20000 393216 C:\windows\syswow64\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771442014 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771442014 0x74f10000 1114112 C:\windows\syswow64\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771442014 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771442014 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771442014 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771442014 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771442014 0x754f0000 282624 C:\windows\syswow64\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771442014 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771442014 0x756a0000 983040 C:\windows\syswow64\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771442014 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771442014 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771442014 0x75c90000 102400 C:\windows\syswow64\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771442014 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771442014 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771442014 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771442014 0x76d80000 45056 C:\windows\syswow64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771442014 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771442014 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 66 3740 5116 65 00000000:000003e7 131545698428429398 0 0 1 System NT AUTHORITY\SYSTEM GoogleCrashHandler64.exe C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe "C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe" Google Inc. 1.3.33.5 Google Crash Handler 131545711771442853 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771442853 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771442853 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771442853 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771442853 0x13ff30000 380928 C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe 1.3.33.5 Google Inc. Google Crash Handler 131545711771442853 0x7fef5680000 1200128 C:\windows\system32\dbghelp.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Image Helper 131545711771442853 0x7fefb3f0000 86016 C:\windows\system32\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711771442853 0x7fefb410000 49152 C:\windows\system32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771442853 0x7fefb460000 90112 C:\windows\system32\NETAPI32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Net Win32 API DLL 131545711771442853 0x7fefb600000 184320 C:\windows\system32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771442853 0x7fefbd40000 12288 C:\windows\system32\api-ms-win-core-synch-l1-2-0.DLL 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771442853 0x7fefc7c0000 143360 C:\windows\system32\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545711771442853 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771442853 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771442853 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771442853 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771442853 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771442853 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771442853 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771442853 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771442853 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771442853 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771442853 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771442853 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771442853 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771442853 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771442853 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771442853 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771442853 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771442853 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771442853 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 67 1624 824 6 00000000:0019621a 131545708219318595 0 0 1 Medium USDEVR9K0NHD\sramka taskhost.exe C:\windows\system32\taskhost.exe "taskhost.exe" Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Host Process for Windows Tasks 131545711771443336 0x74860000 24576 C:\windows\system32\ksuser.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation User CSA Library 131545711771443336 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771443336 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771443336 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771443336 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771443336 0x77360000 28672 C:\windows\system32\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771443336 0x77370000 12288 C:\windows\system32\normaliz.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Unicode Normalization DLL 131545711771443336 0xffce0000 81920 C:\windows\system32\taskhost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host Process for Windows Tasks 131545711771443336 0x7feefbf0000 294912 C:\Program Files\Internet Explorer\sqmapi.dll 6.2.9200.16384 (win8_rtm.120725-1247) Microsoft Corporation SQM Client 131545711771443336 0x7fef4b60000 2596864 C:\windows\system32\ESENT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Extensible Storage Engine for Microsoft(R) Windows(R) 131545711771443336 0x7fef5d80000 49152 C:\windows\System32\npmproxy.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network List Manager Proxy 131545711771443336 0x7fef6210000 475136 C:\windows\System32\netprofm.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network List Manager 131545711771443336 0x7fefa6c0000 249856 C:\windows\system32\MSUTB.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSUTB Server DLL 131545711771443336 0x7fefa700000 45056 C:\windows\system32\MsCtfMonitor.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MsCtfMonitor DLL 131545711771443336 0x7fefa750000 57344 C:\windows\system32\dimsjob.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DIMS Job DLL 131545711771443336 0x7fefa760000 98304 C:\windows\System32\PlaySndSrv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation PlaySound Service 131545711771443336 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771443336 0x7fefa8b0000 36864 C:\windows\system32\midimap.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft MIDI Mapper 131545711771443336 0x7fefa910000 98304 C:\windows\system32\MSACM32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft ACM Audio Filter 131545711771443336 0x7fefa930000 40960 C:\windows\system32\msacm32.drv 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Sound Mapper 131545711771443336 0x7fefa940000 323584 C:\windows\system32\AUDIOSES.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Audio Session 131545711771443336 0x7fefab00000 241664 C:\windows\system32\wdmaud.drv 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winmm audio system driver 131545711771443336 0x7fefab40000 241664 C:\windows\system32\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771443336 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771443336 0x7fefb2e0000 45056 C:\windows\system32\slc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545711771443336 0x7fefb3a0000 49152 C:\windows\system32\dsrole.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DS Role Client DLL 131545711771443336 0x7fefb3d0000 86016 C:\windows\System32\nlaapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545711771443336 0x7fefb630000 36864 C:\windows\system32\AVRT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multimedia Realtime Runtime 131545711771443336 0x7fefb770000 45056 C:\windows\System32\HotStartUserAgent.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows HotStart User Agent 131545711771443336 0x7fefb780000 16384 C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771443336 0x7fefb790000 1228800 C:\windows\system32\PROPSYS.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711771443336 0x7fefb8c0000 307200 C:\windows\system32\MMDevAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MMDevice API 131545711771443336 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771443336 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771443336 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771443336 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771443336 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771443336 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771443336 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771443336 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771443336 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771443336 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771443336 0x7fefced0000 12288 C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771443336 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771443336 0x7fefcf40000 20480 C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771443336 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771443336 0x7fefd100000 16384 C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771443336 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771443336 0x7fefd180000 16384 C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771443336 0x7fefd190000 16384 C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771443336 0x7fefd1a0000 16384 C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771443336 0x7fefd2f0000 2928640 C:\windows\system32\iertutil.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Run time utility for Internet Explorer 131545711771443336 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771443336 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771443336 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771443336 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771443336 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771443336 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771443336 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771443336 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771443336 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771443336 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771443336 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771443336 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771443336 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771443336 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771443336 0x7fefef50000 3280896 C:\windows\system32\wininet.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Internet Extensions for Win32 131545711771443336 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771443336 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 68 4784 700 20 00000000:0019621a 131545708219474595 0 0 1 Medium USDEVR9K0NHD\sramka LPlatSvc.exe C:\windows\system32\LPlatSvc.exe "C:\windows\system32\LPlatSvc.exe" -EM Lenovo. 1.67.13.12 Lenovo Platform Service 131545711771443726 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771443726 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771443726 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771443726 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771443726 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771443726 0x13f4f0000 778240 C:\windows\system32\LPlatSvc.exe 1.67.13.12 Lenovo. Lenovo Platform Service 131545711771443726 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771443726 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771443726 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771443726 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771443726 0x7fefbd00000 180224 C:\windows\system32\POWRPROF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545711771443726 0x7fefbd30000 45056 C:\windows\system32\HID.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Hid User Library 131545711771443726 0x7fefbd40000 12288 C:\windows\system32\api-ms-win-core-synch-l1-2-0.DLL 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771443726 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771443726 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771443726 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771443726 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771443726 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771443726 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771443726 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771443726 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771443726 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771443726 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771443726 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771443726 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771443726 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771443726 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771443726 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771443726 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771443726 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771443726 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771443726 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771443726 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771443726 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771443726 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 69 3644 1256 26 00000000:0019621a 131545708226806608 0 0 1 Medium USDEVR9K0NHD\sramka Dwm.exe C:\windows\system32\Dwm.exe "C:\windows\system32\Dwm.exe" Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Desktop Window Manager 131545711771444094 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771444094 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771444094 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771444094 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771444094 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771444094 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771444094 0xffa20000 143360 C:\windows\system32\Dwm.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Desktop Window Manager 131545711771444094 0x7fee6760000 258048 C:\Program Files\ThinkPad\Bluetooth Software\btmmhook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545711771444094 0x7fef1cc0000 17637376 C:\windows\system32\nvwgf2umx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA D3D10 Driver, Version 354.45 131545711771444094 0x7fef3030000 14987264 C:\windows\system32\igd10umd64.dll 8.15.10.2538 Intel Corporation LDDM User Mode Driver for Intel(R) Graphics Technology 131545711771444094 0x7fef4f70000 1921024 C:\windows\system32\d3d11.dll 6.2.9200.20807 (win8_ldr.130822-1706) Microsoft Corporation Direct3D 11 Runtime 131545711771444094 0x7fef5150000 1646592 C:\windows\system32\dwmcore.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft DWM Core Library 131545711771444094 0x7fef8420000 356352 C:\windows\system32\uDWM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager 131545711771444094 0x7fef8850000 380928 C:\windows\system32\dxgi.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation DirectX Graphics Infrastructure 131545711771444094 0x7fef8fe0000 1138688 C:\windows\system32\nvumdshimx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA D3D Shim Driver, Version 354.45 131545711771444094 0x7fef9390000 3575808 C:\windows\system32\nvapi64.dll 10.18.13.5445 NVIDIA Corporation NVIDIA NVAPI Library, Version 354.45 131545711771444094 0x7fefa3b0000 356352 C:\windows\system32\d3d10_1core.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation Direct3D 10.1 Runtime 131545711771444094 0x7fefa410000 1445888 C:\windows\system32\WindowsCodecs.dll 6.2.9200.21830 (win8_ldr.160407-0600) Microsoft Corporation Microsoft Windows Codecs Library 131545711771444094 0x7fefa5b0000 212992 C:\windows\system32\d3d10_1.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation Direct3D 10.1 Runtime 131545711771444094 0x7fefa5f0000 159744 C:\windows\system32\dwmredir.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager Redirection Component 131545711771444094 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771444094 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771444094 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771444094 0x7fefada0000 352256 C:\windows\system32\UxTheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771444094 0x7fefb2e0000 45056 C:\windows\system32\slc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545711771444094 0x7fefc8b0000 139264 C:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771444094 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771444094 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771444094 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771444094 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771444094 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771444094 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771444094 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771444094 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771444094 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771444094 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771444094 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771444094 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771444094 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771444094 0x7fefda10000 14196736 C:\windows\system32\Shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771444094 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771444094 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771444094 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771444094 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771444094 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771444094 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771444094 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771444094 0x7feff480000 188416 C:\windows\system32\IMM32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 70 1304 1320 28 00000000:0019621a 131545708228834611 0 0 1 Medium USDEVR9K0NHD\sramka taskeng.exe C:\windows\system32\taskeng.exe taskeng.exe {3214C6DA-4DBA-4898-89B7-76C94084A86B} Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Task Scheduler Engine 131545711771444462 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771444462 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771444462 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771444462 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771444462 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771444462 0xff0f0000 479232 C:\windows\system32\taskeng.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Task Scheduler Engine 131545711771444462 0x7fef8480000 36864 C:\Windows\system32\tschannel.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Task Scheduler Proxy 131545711771444462 0x7fef8720000 40960 C:\windows\system32\ktmw32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows KTM Win32 Client DLL 131545711771444462 0x7fefa710000 212992 C:\windows\system32\XmlLite.dll 1.3.1001.0 Microsoft Corporation Microsoft XmlLite Library 131545711771444462 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771444462 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771444462 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771444462 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771444462 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771444462 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771444462 0x7fefc970000 446464 C:\windows\system32\wevtapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Eventing Consumption and Configuration API 131545711771444462 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771444462 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771444462 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771444462 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771444462 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771444462 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771444462 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771444462 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771444462 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771444462 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771444462 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771444462 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771444462 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771444462 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771444462 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771444462 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771444462 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771444462 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771444462 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771444462 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771444462 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771444462 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771444462 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 71 3588 1584 53 00000000:000003e7 131545708229302612 0 0 1 System NT AUTHORITY\SYSTEM rundll32.exe C:\windows\system32\rundll32.exe C:\windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Windows host process (Rundll32) 131545711771444830 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771444830 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771444830 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771444830 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771444830 0xff270000 65536 C:\windows\system32\rundll32.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows host process (Rundll32) 131545711771444830 0x180000000 114688 C:\Program Files\LENOVO\HOTKEY\hotkey.dll 1.01 Lenovo Group Limited OSD library for hotkey detection 131545711771444830 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771444830 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771444830 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771444830 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771444830 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771444830 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771444830 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771444830 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771444830 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771444830 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771444830 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771444830 0x7fefe7b0000 102400 C:\windows\system32\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771444830 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771444830 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771444830 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771444830 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 72 1768 1584 53 00000000:0019621a 131545708229302612 0 0 0 Medium USDEVR9K0NHD\sramka TPSCREX.EXE C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.FullScreenMagnifier Lenovo Group Limited 2.40 ThinkPad UltraZoom 131545711771445301 0x400000 147456 C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE 2.40 Lenovo Group Limited ThinkPad UltraZoom 131545711771445301 0x6fb10000 167936 C:\windows\SysWOW64\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771445301 0x6fb60000 524288 C:\windows\SysWOW64\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771445301 0x70e80000 53248 C:\windows\SysWOW64\wtsapi32.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771445301 0x70ee0000 77824 C:\windows\SysWOW64\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771445301 0x72bf0000 90112 C:\windows\SysWOW64\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771445301 0x72cc0000 249856 C:\windows\SysWOW64\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771445301 0x72d00000 233472 C:\windows\SysWOW64\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771445301 0x72e70000 94208 C:\windows\SysWOW64\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library (Wow64) 131545711771445301 0x72ff0000 241664 C:\windows\SysWOW64\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771445301 0x73030000 94208 C:\windows\SysWOW64\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771445301 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771445301 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771445301 0x74700000 946176 C:\windows\SysWOW64\DDRAW.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft DirectDraw 131545711771445301 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771445301 0x74840000 24576 C:\windows\SysWOW64\DCIMAN32.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation DCI Manager 131545711771445301 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771445301 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771445301 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771445301 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771445301 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771445301 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771445301 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771445301 0x74c80000 1691648 C:\windows\syswow64\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771445301 0x74e20000 73728 C:\windows\syswow64\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771445301 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771445301 0x75020000 159744 C:\windows\syswow64\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771445301 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771445301 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771445301 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771445301 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771445301 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771445301 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771445301 0x75790000 176128 C:\windows\syswow64\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771445301 0x757c0000 393216 C:\windows\syswow64\IMM32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771445301 0x75830000 192512 C:\windows\syswow64\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771445301 0x75ab0000 1183744 C:\windows\syswow64\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771445301 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771445301 0x75c90000 102400 C:\windows\syswow64\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771445301 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771445301 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771445301 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771445301 0x76d80000 45056 C:\windows\syswow64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771445301 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771445301 0x77350000 49152 C:\windows\syswow64\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771445301 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 73 1848 1584 53 00000000:0019621a 131545708229614613 0 0 0 Medium USDEVR9K0NHD\sramka TPONSCR.EXE C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay Lenovo Group Limited 6.66 On screen display drawer 131545711771445682 0x1250000 344064 C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE 6.66 Lenovo Group Limited On screen display drawer 131545711771445682 0x10000000 139264 C:\PROGRA~1\Lenovo\HOTKEY\enlpu32.dll 1.00 Lenovo Group Limited Lenovo Patch Utility Handler 131545711771445682 0x6fb10000 167936 C:\windows\SysWOW64\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771445682 0x6fb60000 524288 C:\windows\SysWOW64\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771445682 0x70e80000 53248 C:\windows\SysWOW64\wtsapi32.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771445682 0x70f20000 20480 C:\windows\SysWOW64\MSIMG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation GDIEXT Client DLL 131545711771445682 0x72bf0000 90112 C:\windows\SysWOW64\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771445682 0x72cc0000 249856 C:\windows\SysWOW64\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771445682 0x72d00000 233472 C:\windows\SysWOW64\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771445682 0x72e70000 94208 C:\windows\SysWOW64\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library (Wow64) 131545711771445682 0x72ff0000 241664 C:\windows\SysWOW64\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771445682 0x73030000 94208 C:\windows\SysWOW64\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771445682 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771445682 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771445682 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771445682 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771445682 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771445682 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771445682 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771445682 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771445682 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771445682 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771445682 0x74c80000 1691648 C:\windows\syswow64\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771445682 0x74e20000 73728 C:\windows\syswow64\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771445682 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771445682 0x75020000 159744 C:\windows\syswow64\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771445682 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771445682 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771445682 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771445682 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771445682 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771445682 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771445682 0x75790000 176128 C:\windows\syswow64\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771445682 0x757c0000 393216 C:\windows\syswow64\IMM32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771445682 0x75830000 192512 C:\windows\syswow64\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771445682 0x75ab0000 1183744 C:\windows\syswow64\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771445682 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771445682 0x75c90000 102400 C:\windows\syswow64\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771445682 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771445682 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771445682 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771445682 0x76d80000 45056 C:\windows\syswow64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771445682 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771445682 0x77350000 49152 C:\windows\syswow64\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771445682 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 74 1784 1584 53 00000000:000003e7 131545708229770613 0 0 1 System NT AUTHORITY\SYSTEM SHTCTKY.EXE C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey Lenovo Group Limited 1.20 ThinkPad Message Receiver for Shortcut Hot Keys 131545711771446050 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771446050 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771446050 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771446050 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771446050 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771446050 0x13f400000 118784 C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE 1.20 Lenovo Group Limited ThinkPad Message Receiver for Shortcut Hot Keys 131545711771446050 0x180000000 155648 C:\PROGRA~1\Lenovo\HOTKEY\enlpu.dll 1.00 Lenovo Group Limited Lenovo Patch Utility Handler 131545711771446050 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771446050 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771446050 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771446050 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771446050 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771446050 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771446050 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771446050 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771446050 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771446050 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771446050 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771446050 0x7fefc8b0000 139264 C:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771446050 0x7fefc8e0000 327680 C:\windows\system32\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771446050 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771446050 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771446050 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771446050 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771446050 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771446050 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771446050 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771446050 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771446050 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771446050 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771446050 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771446050 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771446050 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771446050 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771446050 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771446050 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771446050 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771446050 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771446050 0x7fefe7b0000 102400 C:\windows\system32\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771446050 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771446050 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771446050 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771446050 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771446050 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771446050 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771446050 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771446050 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 75 3272 1640 52 00000000:000003e7 131545708229926613 0 0 1 System NT AUTHORITY\SYSTEM tpnumlkd.exe C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe Lenovo Group Limited 1.33.1 NumLock on screen display for ThinkPad 131545711771446423 0x130000 69632 C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.dll 1.01 Lenovo Group Limited NumLock on screen display for ThinkPad 131545711771446423 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771446423 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771446423 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771446423 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771446423 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771446423 0x13f630000 118784 C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe 1.33.1 Lenovo Group Limited NumLock on screen display for ThinkPad 131545711771446423 0x180000000 155648 C:\PROGRA~1\LENOVO\HOTKEY\enlpu.dll 1.00 Lenovo Group Limited Lenovo Patch Utility Handler 131545711771446423 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771446423 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771446423 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771446423 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771446423 0x7fefb600000 184320 C:\windows\system32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771446423 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771446423 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771446423 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771446423 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771446423 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771446423 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771446423 0x7fefc8b0000 139264 C:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771446423 0x7fefc8e0000 327680 C:\windows\system32\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771446423 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771446423 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771446423 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771446423 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771446423 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771446423 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771446423 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771446423 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771446423 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771446423 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771446423 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771446423 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771446423 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771446423 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771446423 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771446423 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771446423 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771446423 0x7fefe7b0000 102400 C:\windows\system32\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771446423 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771446423 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771446423 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771446423 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771446423 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771446423 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771446423 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771446423 0x7feff480000 188416 C:\windows\system32\IMM32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 76 3704 2720 7 00000000:0019621a 131545708231174616 0 0 1 Medium USDEVR9K0NHD\sramka hkcmd.exe C:\Windows\System32\hkcmd.exe "C:\Windows\System32\hkcmd.exe" Intel Corporation 8.15.10.2538 hkcmd Module 131545711771446795 0x560000 86016 C:\windows\system32\igfxsrvc.dll 8.15.10.2538 Intel Corporation igfxsrvc Module 131545711771446795 0x2300000 303104 C:\windows\system32\igfxrENU.lrc 8.15.10.2538 Intel Corporation igfxres Module 131545711771446795 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771446795 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771446795 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771446795 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771446795 0x140000000 405504 C:\Windows\System32\hkcmd.exe 8.15.10.2538 Intel Corporation hkcmd Module 131545711771446795 0x180000000 126976 C:\Windows\System32\hccutils.DLL 8.15.10.2538 Intel Corporation hccutils Module 131545711771446795 0x7fefa7d0000 98304 C:\Windows\System32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771446795 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771446795 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771446795 0x7fefc650000 98304 C:\Windows\System32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771446795 0x7fefcce0000 61440 C:\Windows\System32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771446795 0x7fefcd90000 81920 C:\Windows\System32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771446795 0x7fefcdb0000 49152 C:\Windows\System32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771446795 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771446795 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771446795 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771446795 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771446795 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771446795 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771446795 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771446795 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771446795 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771446795 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771446795 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771446795 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771446795 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771446795 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771446795 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771446795 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 77 4216 2720 7 00000000:0019621a 131545708231486616 0 0 1 Medium USDEVR9K0NHD\sramka igfxpers.exe C:\Windows\System32\igfxpers.exe "C:\Windows\System32\igfxpers.exe" Intel Corporation 8.15.10.2538 persistence Module 131545711771447163 0x270000 86016 C:\windows\system32\igfxsrvc.dll 8.15.10.2538 Intel Corporation igfxsrvc Module 131545711771447163 0x2a0000 118784 C:\Windows\System32\IccLibDll_x64.dll 131545711771447163 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771447163 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771447163 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771447163 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771447163 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771447163 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771447163 0x140000000 430080 C:\Windows\System32\igfxpers.exe 8.15.10.2538 Intel Corporation persistence Module 131545711771447163 0x180000000 126976 C:\Windows\System32\hccutils.DLL 8.15.10.2538 Intel Corporation hccutils Module 131545711771447163 0x7fefa7d0000 98304 C:\Windows\System32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771447163 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771447163 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771447163 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771447163 0x7fefbd00000 180224 C:\Windows\System32\POWRPROF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545711771447163 0x7fefbe60000 249856 C:\Windows\System32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771447163 0x7fefc1e0000 69632 C:\Windows\System32\wtsapi32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771447163 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771447163 0x7fefc650000 98304 C:\Windows\System32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771447163 0x7fefcce0000 61440 C:\Windows\System32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771447163 0x7fefcd90000 81920 C:\Windows\System32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771447163 0x7fefcdb0000 49152 C:\Windows\System32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771447163 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771447163 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771447163 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771447163 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771447163 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771447163 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771447163 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771447163 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771447163 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771447163 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771447163 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771447163 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771447163 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771447163 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771447163 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771447163 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771447163 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771447163 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771447163 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771447163 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771447163 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771447163 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 78 1676 1304 70 00000000:0019621a 131545708231642616 0 0 1 Medium USDEVR9K0NHD\sramka SynTPEnh.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe "\Program Files\Synaptics\SynTP\SynTPEnh.exe" Synaptics Incorporated 16.2.19.7 17Apr13 Synaptics TouchPad Enhancements 131545711771447617 0x400000 2985984 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 16.2.19.7 17Apr13 Synaptics Incorporated Synaptics TouchPad Enhancements 131545711771447617 0x10000000 1138688 C:\windows\system32\SynCOM.dll 16.2.19.7 17Apr13 Synaptics Incorporated SynCOM 131545711771447617 0x63010000 245760 C:\windows\system32\SynTPAPI.dll 16.2.19.7 17Apr13 Synaptics Incorporated SynTPAPI 131545711771447617 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771447617 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771447617 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771447617 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771447617 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771447617 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771447617 0x7fef9730000 655360 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771447617 0x7fef9f70000 81920 C:\windows\system32\SAMCLI.DLL 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Security Accounts Manager Client DLL 131545711771447617 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771447617 0x7fefa940000 323584 C:\windows\system32\AUDIOSES.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Audio Session 131545711771447617 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771447617 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771447617 0x7fefab40000 241664 C:\windows\system32\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771447617 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771447617 0x7fefae00000 118784 C:\windows\system32\SAMLIB.dll 6.1.7601.23677 (win7sp1_ldr.170209-0600) Microsoft Corporation SAM Library DLL 131545711771447617 0x7fefb3f0000 86016 C:\windows\system32\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711771447617 0x7fefb410000 49152 C:\windows\system32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771447617 0x7fefb460000 90112 C:\windows\system32\NETAPI32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Net Win32 API DLL 131545711771447617 0x7fefb790000 1228800 C:\windows\System32\PROPSYS.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711771447617 0x7fefb8c0000 307200 C:\windows\System32\MMDevApi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MMDevice API 131545711771447617 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771447617 0x7fefc7c0000 143360 C:\windows\system32\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545711771447617 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771447617 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771447617 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771447617 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771447617 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771447617 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771447617 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771447617 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771447617 0x7fefd250000 618496 C:\windows\system32\COMDLG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711771447617 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771447617 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771447617 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771447617 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771447617 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771447617 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771447617 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771447617 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771447617 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771447617 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771447617 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771447617 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771447617 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771447617 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771447617 0x7feff480000 188416 C:\windows\system32\IMM32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 79 4344 2720 7 00000000:0019621a 131545708231798617 0 0 1 Medium USDEVR9K0NHD\sramka TpShocks.exe C:\Windows\System32\TpShocks.exe "C:\Windows\System32\TpShocks.exe" Lenovo. 1.80.0008.0000 Active Protection System 131545711771447985 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771447985 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771447985 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771447985 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771447985 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771447985 0x13f510000 577536 C:\Windows\System32\TpShocks.exe 1.80.0008.0000 Lenovo. Active Protection System 131545711771447985 0x7feef5a0000 397312 C:\Program Files\ThinkPad\TpShocks\MUI\0409\TpShocks.dll 1.80.0008.0000 Lenovo. Active Protection System 131545711771447985 0x7fef54c0000 36864 C:\Windows\System32\Sensor64.dll 1.80.01.03 Lenovo. ThinkVantage Active Protection System - Shock Sensor Module 131545711771447985 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771447985 0x7fef9380000 61440 C:\windows\system32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771447985 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771447985 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771447985 0x7fef9880000 925696 C:\windows\system32\wbem\fastprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771447985 0x7fefa7d0000 98304 C:\Windows\System32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771447985 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771447985 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771447985 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771447985 0x7fefb600000 184320 C:\Windows\System32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771447985 0x7fefbe60000 249856 C:\Windows\System32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771447985 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771447985 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771447985 0x7fefc650000 98304 C:\Windows\System32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771447985 0x7fefcce0000 61440 C:\Windows\System32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771447985 0x7fefcd90000 81920 C:\Windows\System32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771447985 0x7fefcdb0000 49152 C:\Windows\System32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771447985 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771447985 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771447985 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771447985 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771447985 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771447985 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771447985 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771447985 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771447985 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771447985 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771447985 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771447985 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771447985 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771447985 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771447985 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771447985 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771447985 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771447985 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771447985 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771447985 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771447985 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771447985 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 80 1776 2720 7 00000000:0019621a 131545708231954617 0 0 0 Medium USDEVR9K0NHD\sramka TpKnrres.exe C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe "C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe" Lenovo Group Limited 3.1.17.0 Communications Utility launcher 131545711771448353 0x2c0000 24576 C:\Program Files\Lenovo\Communications Utility\tpknrdll.dll 3.1.17.0 Lenovo Group Limited Keyboard detection library 131545711771448353 0x400000 307200 C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe 3.1.17.0 Lenovo Group Limited Communications Utility launcher 131545711771448353 0x600000 126976 C:\windows\SysWOW64\5U877.ax 1, 1, 0, 1147 Ricoh co.,Ltd. 5U877Prop.ax 131545711771448353 0x2840000 573440 C:\Windows\SysWOW64\ODBC32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ODBC Driver Manager 131545711771448353 0x10000000 61440 C:\Program Files\Lenovo\Communications Utility\CamDll.dll 3.1.17.0 Lenovo Group Limited Camera Control Library 131545711771448353 0x6dd10000 221184 C:\windows\SysWOW64\AUDIOSES.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Audio Session 131545711771448353 0x6deb0000 1003520 C:\windows\SysWOW64\PROPSYS.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711771448353 0x6dfb0000 233472 C:\windows\SysWOW64\MMDevApi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MMDevice API 131545711771448353 0x6fb10000 167936 C:\windows\SysWOW64\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771448353 0x6fb60000 524288 C:\windows\SysWOW64\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771448353 0x70050000 1163264 C:\Windows\SysWOW64\MFC42.dll 6.06.8063.0 Microsoft Corporation MFCDLL Shared Library - Retail Version 131545711771448353 0x70170000 1847296 C:\Windows\SysWOW64\d3d9.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Direct3D 9 Runtime 131545711771448353 0x70ca0000 229376 C:\Windows\SysWOW64\odbcint.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation ODBC Resources 131545711771448353 0x70ce0000 118784 C:\Windows\SysWOW64\kswdmcap.ax 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WDM Streaming Video Capture 131545711771448353 0x70d00000 634880 C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll 8.00.50727.6195 Microsoft Corporation Microsoft® C Runtime Library 131545711771448353 0x70da0000 540672 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771448353 0x70e30000 208896 C:\Windows\SysWOW64\ksproxy.ax 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WDM Streaming ActiveMovie Proxy 131545711771448353 0x70e70000 16384 C:\Windows\SysWOW64\ksuser.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation User CSA Library 131545711771448353 0x70e80000 53248 C:\windows\SysWOW64\WTSAPI32.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771448353 0x70e90000 204800 C:\Windows\SysWOW64\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771448353 0x70ed0000 45056 C:\windows\SysWOW64\msdmo.dll 6.6.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation DMO Runtime 131545711771448353 0x70ee0000 77824 C:\Windows\SysWOW64\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771448353 0x70f00000 81920 C:\Windows\SysWOW64\devenum.dll 6.6.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Device enumeration. 131545711771448353 0x70f30000 24576 C:\Windows\SysWOW64\d3d8thk.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Direct3D OS Thunk Layer 131545711771448353 0x70f40000 311296 C:\windows\SysWOW64\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771448353 0x70f90000 118784 C:\Program Files\Lenovo\Communications Utility\CommFunc.dll 3.1.17.0 Lenovo Group Limited Communications Utility Common Library 131545711771448353 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771448353 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771448353 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771448353 0x748a0000 135168 C:\windows\SysWOW64\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771448353 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771448353 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771448353 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771448353 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771448353 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771448353 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771448353 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771448353 0x74c80000 1691648 C:\windows\syswow64\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771448353 0x74e20000 73728 C:\windows\syswow64\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771448353 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771448353 0x75020000 159744 C:\windows\syswow64\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771448353 0x75050000 503808 C:\windows\syswow64\comdlg32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711771448353 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771448353 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771448353 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771448353 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771448353 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771448353 0x754f0000 282624 C:\windows\syswow64\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771448353 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771448353 0x756a0000 983040 C:\windows\syswow64\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771448353 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771448353 0x75830000 192512 C:\windows\syswow64\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771448353 0x75aa0000 20480 C:\windows\syswow64\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771448353 0x75ab0000 1183744 C:\windows\syswow64\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771448353 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771448353 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771448353 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771448353 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771448353 0x76ef0000 536576 C:\windows\syswow64\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771448353 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771448353 0x77350000 49152 C:\windows\syswow64\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771448353 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 81 3948 2720 7 00000000:0019621a 131545708232578618 0 0 0 Medium USDEVR9K0NHD\sramka NvBackend.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" NVIDIA Corporation 10.4.0.5 NVIDIA Update Backend 131545711771448721 0x13e0000 1822720 C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 10.4.0.5 NVIDIA Corporation NVIDIA Update Backend 131545711771448721 0x6a340000 24576 C:\windows\SysWOW64\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711771448721 0x6a350000 135168 C:\Program Files (x86)\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545711771448721 0x6a380000 32768 C:\windows\SysWOW64\winrnr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation LDAP RnR Provider DLL 131545711771448721 0x6a390000 53248 C:\windows\SysWOW64\wshbth.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Sockets Helper DLL 131545711771448721 0x6a3a0000 73728 C:\windows\SysWOW64\pnrpnsp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation PNRP Name Space Provider 131545711771448721 0x6a3d0000 65536 C:\windows\SysWOW64\NLAapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545711771448721 0x6c0b0000 278528 C:\windows\SysWOW64\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771448721 0x6dda0000 360448 C:\windows\SysWOW64\WINHTTP.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows HTTP Services 131545711771448721 0x72dc0000 229376 C:\windows\SysWOW64\fwpuclnt.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545711771448721 0x72e30000 28672 C:\windows\SysWOW64\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771448721 0x72e40000 114688 C:\windows\SysWOW64\Iphlpapi.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771448721 0x73050000 20480 C:\windows\SysWOW64\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771448721 0x73060000 245760 C:\windows\SysWOW64\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771448721 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771448721 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771448721 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771448721 0x748a0000 135168 C:\windows\SysWOW64\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771448721 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771448721 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771448721 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771448721 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771448721 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771448721 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771448721 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771448721 0x74c80000 1691648 C:\windows\syswow64\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771448721 0x74e20000 73728 C:\windows\syswow64\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771448721 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771448721 0x75020000 159744 C:\windows\syswow64\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771448721 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771448721 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771448721 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771448721 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771448721 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771448721 0x754f0000 282624 C:\windows\syswow64\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771448721 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771448721 0x756a0000 983040 C:\windows\syswow64\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771448721 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771448721 0x75be0000 24576 C:\windows\syswow64\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771448721 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771448721 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771448721 0x75f80000 217088 C:\windows\syswow64\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771448721 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771448721 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771448721 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771448721 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 82 3292 1216 25 00000000:000003e5 131545708232734618 0 0 1 System NT AUTHORITY\LOCAL SERVICE AUDIODG.EXE C:\windows\system32\AUDIODG.EXE C:\windows\system32\AUDIODG.EXE 0x804 Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Windows Audio Device Graph Isolation 83 3276 2720 7 00000000:0019621a 131545708233358619 0 0 1 Medium USDEVR9K0NHD\sramka iTunesHelper.exe C:\Program Files\iTunes\iTunesHelper.exe "C:\Program Files\iTunes\iTunesHelper.exe" Apple Inc. 12.7.1.14 iTunesHelper 131545711771449466 0x430000 16384 C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x66540000 26288128 C:\Program Files\iTunes\icudt55.dll 55, 1, 0, 2501 The ICU Project ICU Data DLL 131545711771449466 0x72b10000 622592 C:\windows\system32\MSVCP100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771449466 0x73210000 98304 C:\Program Files\iTunes\zlib1.dll 1.5.0 zlib data compression library 131545711771449466 0x74470000 155648 C:\Program Files\iTunes\dnssd.dll 3,0,0,2 Apple Inc. Bonjour Client Library 131545711771449466 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771449466 0x74a90000 860160 C:\windows\system32\MSVCR100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771449466 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771449466 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771449466 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771449466 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771449466 0x77370000 12288 C:\windows\system32\normaliz.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Unicode Normalization DLL 131545711771449466 0x13f870000 311296 C:\Program Files\iTunes\iTunesHelper.exe 12.7.1.14 Apple Inc. iTunesHelper 131545711771449466 0x7fee7180000 12288 C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fee7200000 12288 C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fee74a0000 999424 C:\windows\system32\ucrtbase.DLL 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation Microsoft® C Runtime Library 131545711771449466 0x7fee75a0000 708608 C:\Program Files\iTunes\mDNSResponderDLL.dll 3,0,0,2 Apple Inc. Bonjour Service 131545711771449466 0x7fee82f0000 1363968 C:\Program Files\iTunes\libxml2.dll 31.7 libxml2 131545711771449466 0x7fee8440000 2572288 C:\Program Files\iTunes\CFNetwork.dll 520.31.1.1 Apple Inc. CFNetwork 131545711771449466 0x7fee86c0000 2793472 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll 988.1.4.1.1 Apple Inc. iTunesMobileDevice 131545711771449466 0x7feeec10000 1368064 C:\Program Files\iTunes\libicuuc.dll 55, 1, 0, 2501 The ICU Project ICU Common DLL 131545711771449466 0x7feeed60000 1994752 C:\Program Files\iTunes\libicuin.dll 55, 1, 0, 2501 The ICU Project ICU I18N DLL 131545711771449466 0x7feeef50000 2289664 C:\Program Files\iTunes\CoreFoundation.dll 1,750,35,0 Apple Inc. CoreFoundation 131545711771449466 0x7feef310000 16384 C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7feef3f0000 233472 C:\Program Files\iTunes\objc.dll 1,528,0.71,347 Apple Inc. Objective-C Runtime Library 131545711771449466 0x7fef06d0000 847872 C:\Program Files\iTunes\SQLite3.dll 253.1.0.110 Apple Inc. SQLite3.dll 131545711771449466 0x7fef4e50000 118784 C:\Program Files\iTunes\libdispatch.dll 244,1,22,130 Apple Inc. Dispatch Runtime Library 131545711771449466 0x7fef53d0000 94208 C:\Program Files\iTunes\ASL.dll 46.0.0.114 Apple Inc. Apple System Logging 131545711771449466 0x7fef7430000 978944 C:\windows\system32\MSVCR120.dll 12.00.21005.1 built by: REL Microsoft Corporation Microsoft® C Runtime Library 131545711771449466 0x7fef82f0000 36864 C:\windows\system32\WSOCK32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 32-Bit DLL 131545711771449466 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771449466 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771449466 0x7fef9ed0000 16384 C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fef9ee0000 12288 C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fef9ef0000 16384 C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fef9f00000 12288 C:\windows\system32\api-ms-win-core-file-l1-2-0.dll 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fef9f10000 12288 C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fef9f90000 12288 C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fef9fb0000 12288 C:\windows\system32\api-ms-win-core-file-l2-1-0.dll 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fef9fc0000 12288 C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fefa120000 16384 C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fefa130000 90112 C:\windows\system32\VCRUNTIME140.dll 14.10.25008.0 built by: VCTOOLSD15RTM Microsoft Corporation Microsoft® C Runtime Library 131545711771449466 0x7fefa150000 86016 C:\Program Files\iTunes\pthreadVC2.dll 15, 0, 0, 0 Open Source Software community LGPL MS C 131545711771449466 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771449466 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771449466 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771449466 0x7fefab40000 241664 C:\windows\system32\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771449466 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771449466 0x7fefae50000 1089536 C:\windows\system32\CRYPTUI.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Microsoft Trust UI Provider 131545711771449466 0x7fefb3f0000 86016 C:\windows\system32\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711771449466 0x7fefb410000 49152 C:\windows\system32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771449466 0x7fefb460000 90112 C:\windows\system32\NETAPI32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Net Win32 API DLL 131545711771449466 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771449466 0x7fefbd00000 180224 C:\windows\system32\POWRPROF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545711771449466 0x7fefbd40000 12288 C:\windows\system32\api-ms-win-core-synch-l1-2-0.DLL 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771449466 0x7fefc1e0000 69632 C:\windows\system32\Wtsapi32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771449466 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771449466 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771449466 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771449466 0x7fefc7c0000 143360 C:\windows\system32\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545711771449466 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771449466 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771449466 0x7fefccf0000 593920 C:\windows\system32\SXS.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Fusion 2.5 131545711771449466 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771449466 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771449466 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771449466 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771449466 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771449466 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771449466 0x7fefced0000 12288 C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771449466 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771449466 0x7fefcf40000 20480 C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771449466 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771449466 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771449466 0x7fefd180000 16384 C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fefd1a0000 16384 C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771449466 0x7fefd2f0000 2928640 C:\windows\system32\iertutil.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Run time utility for Internet Explorer 131545711771449466 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771449466 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771449466 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771449466 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771449466 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771449466 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771449466 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771449466 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771449466 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771449466 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771449466 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771449466 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771449466 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771449466 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771449466 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771449466 0x7fefef50000 3280896 C:\windows\system32\WININET.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Internet Extensions for Win32 131545711771449466 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771449466 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 84 4444 2720 7 00000000:0019621a 131545708236450630 0 0 1 Medium USDEVR9K0NHD\sramka BTTray.exe C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe "C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe" Broadcom Corporation. 6.5.1.2700 Bluetooth Tray Application 131545711771449834 0x64f70000 5648384 C:\windows\system32\mfc100u.dll 10.00.40219.325 Microsoft Corporation MFCDLL Shared Library - Retail Version 131545711771449834 0x65fe0000 5623808 C:\windows\system32\mfc100.dll 10.00.40219.325 Microsoft Corporation MFCDLL Shared Library - Retail Version 131545711771449834 0x72b10000 622592 C:\windows\system32\MSVCP100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771449834 0x74820000 53248 C:\windows\system32\MFC100ENU.DLL 10.00.40219.325 Microsoft Corporation MFC Language Specific Resources 131545711771449834 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771449834 0x74a90000 860160 C:\windows\system32\MSVCR100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771449834 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771449834 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771449834 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771449834 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771449834 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771449834 0x13feb0000 1998848 C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe 6.5.1.2700 Broadcom Corporation. Bluetooth Tray Application 131545711771449834 0x7fee6050000 2371584 C:\Program Files\ThinkPad\Bluetooth Software\BtwCP.dll 6.5.1.2700 Broadcom Corporation. BtwCP DLL 131545711771449834 0x7fee6760000 258048 C:\Program Files\ThinkPad\Bluetooth Software\btmmhook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545711771449834 0x7fee67a0000 147456 C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll 6.5.1.2700 Broadcom Corporation. KeyBoard Hook DLL 131545711771449834 0x7feec7b0000 24608768 C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll 6.5.1.2700 Broadcom Corporation. btrez DLL 131545711771449834 0x7feeea20000 442368 C:\windows\system32\irprops.cpl 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Infrared Control Panel Applet 131545711771449834 0x7feeea90000 630784 C:\Program Files\ThinkPad\Bluetooth Software\btwhidcs.DLL 6.5.1.2700 Broadcom Corporation. Bluetooth HID Power Control Suite dll 131545711771449834 0x7feeeb30000 876544 C:\Program Files\ThinkPad\Bluetooth Software\btwapi.dll 6.5.1.2700 Broadcom Corporation. WBTApi DLL 131545711771449834 0x7feef340000 81920 C:\Program Files\ThinkPad\Bluetooth Software\BtBalloon.dll 6.5.1.2700 Broadcom Corporation. Balloon Tooltip Routine DLL 131545711771449834 0x7feef360000 339968 C:\Program Files\ThinkPad\Bluetooth Software\btosif.dll 6.5.1.2700 Broadcom Corporation. BTOSIF DLL 131545711771449834 0x7fef17d0000 3268608 C:\windows\system32\msi.dll 5.0.7601.23593 Microsoft Corporation Windows Installer 131545711771449834 0x7fef5c60000 65536 C:\windows\System32\wshBth.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Sockets Helper DLL 131545711771449834 0x7fef7340000 126976 C:\Program Files\ThinkPad\Bluetooth Software\BtwLeAPI.dll 6.5.1.2700 Broadcom Corporation. BtwLeAPI 131545711771449834 0x7fef82f0000 36864 C:\windows\system32\WSOCK32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 32-Bit DLL 131545711771449834 0x7fef9e40000 114688 C:\windows\system32\rasman.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access Connection Manager 131545711771449834 0x7fef9e60000 401408 C:\windows\system32\RASAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access API 131545711771449834 0x7fefa040000 344064 C:\windows\system32\OLEACC.dll 7.0.0.0 (win7sp1_ldr.160325-0600) Microsoft Corporation Active Accessibility Core Component 131545711771449834 0x7fefa0a0000 462848 C:\windows\system32\WINSPOOL.DRV 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545711771449834 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771449834 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771449834 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771449834 0x7fefab40000 241664 C:\windows\system32\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771449834 0x7fefab80000 2191360 C:\windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23894_none_145eb2808b8d6928\gdiplus.dll 6.1.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Microsoft GDI+ 131545711771449834 0x7fefada0000 352256 C:\windows\system32\UxTheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771449834 0x7fefbd30000 45056 C:\windows\system32\hid.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Hid User Library 131545711771449834 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771449834 0x7fefc0e0000 741376 C:\windows\system32\bthprops.cpl 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Bluetooth Control Panel Applet 131545711771449834 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771449834 0x7fefc280000 28672 C:\windows\system32\MSIMG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation GDIEXT Client DLL 131545711771449834 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771449834 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771449834 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771449834 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771449834 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771449834 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771449834 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771449834 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771449834 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771449834 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771449834 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771449834 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771449834 0x7fefd250000 618496 C:\windows\system32\COMDLG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711771449834 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771449834 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771449834 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771449834 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771449834 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771449834 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771449834 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771449834 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771449834 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771449834 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771449834 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771449834 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771449834 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771449834 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771449834 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771449834 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 85 2860 5016 86 00000000:0019621a 131545708236950630 0 0 0 Medium USDEVR9K0NHD\sramka vpnui.exe C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized Cisco Systems, Inc. 3, 1, 14018 Cisco AnyConnect User Interface 131545711771450202 0xa60000 802816 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe 3, 1, 14018 Cisco Systems, Inc. Cisco AnyConnect User Interface 131545711771450202 0xfb00000 1544192 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acciscocrypto.dll 1.0.1q.4.13.2 The OpenSSL Project, http://www.openssl.org/ OpenSSL Shared Library 131545711771450202 0x10000000 335872 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acciscossl.dll 1.0.1q.4.13.2 The OpenSSL Project, http://www.openssl.org/ OpenSSL Shared Library 131545711771450202 0x6a440000 1249280 C:\windows\SysWOW64\WindowsCodecs.dll 6.2.9200.21830 (win8_ldr.160407-0600) Microsoft Corporation Microsoft Windows Codecs Library 131545711771450202 0x6b0c0000 16384 C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450202 0x6c0b0000 278528 C:\windows\SysWOW64\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771450202 0x6cc10000 1695744 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771450202 0x6dda0000 360448 C:\windows\SysWOW64\winhttp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows HTTP Services 131545711771450202 0x6e4f0000 32768 C:\windows\SysWOW64\Secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771450202 0x6fb10000 167936 C:\windows\SysWOW64\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771450202 0x6fb60000 524288 C:\windows\SysWOW64\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771450202 0x6fca0000 1642496 C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23894_none_5c0be957a009922e\gdiplus.dll 6.1.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Microsoft GDI+ 131545711771450202 0x70e80000 53248 C:\windows\SysWOW64\WTSAPI32.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771450202 0x70e90000 204800 C:\windows\SysWOW64\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771450202 0x70ee0000 77824 C:\windows\SysWOW64\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771450202 0x72bb0000 69632 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 1.2.3 zlib data compression library 131545711771450202 0x72bd0000 110592 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\Plugins\acfeedback.dll 3, 1, 14018 Cisco Systems, Inc. AnyConnect PhoneHome Module 131545711771450202 0x72bf0000 90112 C:\windows\SysWOW64\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771450202 0x72cc0000 249856 C:\windows\SysWOW64\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771450202 0x72d00000 233472 C:\windows\SysWOW64\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771450202 0x72e30000 28672 C:\windows\SysWOW64\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771450202 0x72e40000 114688 C:\windows\SysWOW64\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771450202 0x72e60000 24576 C:\windows\SysWOW64\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771450202 0x72e70000 94208 C:\windows\SysWOW64\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library (Wow64) 131545711771450202 0x72e90000 1409024 C:\windows\SysWOW64\msxml6.dll 6.30.7601.23403 Microsoft Corporation MSXML 6.0 SP3 131545711771450202 0x72ff0000 241664 C:\windows\SysWOW64\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771450202 0x73030000 94208 C:\windows\SysWOW64\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771450202 0x73050000 20480 C:\windows\SysWOW64\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771450202 0x73060000 245760 C:\windows\SysWOW64\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771450202 0x730a0000 962560 C:\windows\SysWOW64\Dbghelp.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Image Helper 131545711771450202 0x73230000 147456 C:\windows\SysWOW64\winscard.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Smart Card API 131545711771450202 0x73290000 32768 C:\windows\SysWOW64\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771450202 0x73330000 1089536 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnapi.dll 3, 1, 14018 Cisco Systems, Inc. AnyConnect Secure Mobility Client VPN API 131545711771450202 0x73560000 417792 C:\windows\SysWOW64\msvcp60.dll 7.0.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT C++ Runtime Library DLL 131545711771450202 0x735d0000 1167360 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpncommon.dll 3, 1, 14018 Cisco Systems, Inc. Common 131545711771450202 0x736f0000 413696 C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpncommoncrypt.dll 3, 1, 14018 Cisco Systems, Inc. CommonCrypt 131545711771450202 0x744a0000 16384 C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450202 0x74690000 81920 C:\windows\SysWOW64\asycfilt.dll 6.1.7601.23713 Microsoft Corporation 131545711771450202 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771450202 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771450202 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771450202 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771450202 0x74960000 36864 C:\windows\SysWOW64\version.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771450202 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771450202 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771450202 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771450202 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771450202 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771450202 0x74c80000 1691648 C:\windows\syswow64\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771450202 0x74e20000 73728 C:\windows\syswow64\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771450202 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771450202 0x75020000 159744 C:\windows\syswow64\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771450202 0x75050000 503808 C:\windows\syswow64\comdlg32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711771450202 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771450202 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771450202 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771450202 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771450202 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771450202 0x754e0000 16384 C:\windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450202 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771450202 0x75790000 176128 C:\windows\syswow64\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771450202 0x75820000 16384 C:\windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450202 0x75860000 2314240 C:\windows\syswow64\iertutil.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Run time utility for Internet Explorer 131545711771450202 0x75ab0000 1183744 C:\windows\syswow64\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771450202 0x75be0000 24576 C:\windows\syswow64\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771450202 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771450202 0x75c90000 102400 C:\windows\syswow64\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771450202 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771450202 0x75cc0000 12288 C:\windows\syswow64\normaliz.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Unicode Normalization DLL 131545711771450202 0x75cd0000 2797568 C:\windows\syswow64\WININET.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Internet Extensions for Win32 131545711771450202 0x75f80000 217088 C:\windows\syswow64\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771450202 0x760b0000 20480 C:\windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450202 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771450202 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771450202 0x76d60000 16384 C:\windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450202 0x76d70000 12288 C:\windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450202 0x76d80000 45056 C:\windows\syswow64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771450202 0x76d90000 1359872 C:\windows\SysWOW64\urlmon.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation OLE32 Extensions for Win32 131545711771450202 0x76ee0000 16384 C:\windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450202 0x76ef0000 536576 C:\windows\syswow64\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771450202 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771450202 0x77350000 49152 C:\windows\syswow64\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771450202 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 87 2488 1320 28 00000000:001961fc 131545708236950630 131545712129324777 0 1 High USDEVR9K0NHD\sramka taskeng.exe C:\windows\system32\taskeng.exe taskeng.exe {168FADFB-0750-4E15-A4E6-4B9FE8958234} Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Task Scheduler Engine 131545711771450622 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771450622 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771450622 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771450622 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771450622 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771450622 0xff0f0000 479232 C:\windows\system32\taskeng.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Task Scheduler Engine 131545711771450622 0x7fef8480000 36864 C:\Windows\system32\tschannel.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Task Scheduler Proxy 131545711771450622 0x7fef8720000 40960 C:\windows\system32\ktmw32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows KTM Win32 Client DLL 131545711771450622 0x7fefa710000 212992 C:\windows\system32\XmlLite.dll 1.3.1001.0 Microsoft Corporation Microsoft XmlLite Library 131545711771450622 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771450622 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771450622 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771450622 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771450622 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771450622 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771450622 0x7fefc970000 446464 C:\windows\system32\wevtapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Eventing Consumption and Configuration API 131545711771450622 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771450622 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771450622 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771450622 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771450622 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771450622 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771450622 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771450622 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771450622 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771450622 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771450622 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771450622 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771450622 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771450622 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771450622 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771450622 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771450622 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771450622 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771450622 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771450622 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771450622 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771450622 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771450622 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 88 4848 2720 7 00000000:0019621a 131545708237450631 0 0 1 Medium USDEVR9K0NHD\sramka KeePass.exe C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" "C:\Save\Database.kdbx" Dominik Reichl 2.37.0.0 KeePass 131545711771450994 0x1000000 3235840 C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe 2.37.0.0 Dominik Reichl KeePass 131545711771450994 0x1b9f0000 16384 C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450994 0x6dc50000 155648 C:\Program Files\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545711771450994 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771450994 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771450994 0x76f80000 1175552 C:\windows\system32\KERNEL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771450994 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771450994 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771450994 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771450994 0x77370000 12288 C:\windows\system32\normaliz.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Unicode Normalization DLL 131545711771450994 0x7fee45e0000 774144 C:\Program Files (x86)\KeePass Password Safe 2\KeePassLibC64.dll 1.34.0.0 Dominik Reichl KeePass Library 1.34 131545711771450994 0x7fee5ec0000 958464 C:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\b7aa88321bfadf205026b52a3935fa8a\System.Security.ni.dll 4.7.2116.0 built by: NET47REL1LAST Microsoft Corporation System.Security.dll 131545711771450994 0x7fee5fb0000 647168 C:\windows\system32\RichEd20.DLL 5.31.23.1230 Microsoft Corporation Rich Text Edit Control, v3.1 131545711771450994 0x7fee6760000 258048 C:\Program Files\ThinkPad\Bluetooth Software\btmmhook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545711771450994 0x7fee67a0000 147456 C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll 6.5.1.2700 Broadcom Corporation. KeyBoard Hook DLL 131545711771450994 0x7fee7800000 1187840 C:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\6cca59afb781848b57b7c77545142bc4\System.Configuration.ni.dll 4.7.2053.0 built by: NET47REL1 Microsoft Corporation System.Configuration.dll 131545711771450994 0x7fee7930000 10219520 C:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\9ffe570093610de30bd95e272cdcf71d\System.Core.ni.dll 4.7.2116.0 built by: NET47REL1LAST Microsoft Corporation .NET Framework 131545711771450994 0x7fee8b40000 9007104 C:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\be356224a4b53b3834e9fdeca946063a\System.Xml.ni.dll 4.7.2116.0 built by: NET47REL1LAST Microsoft Corporation .NET Framework 131545711771450994 0x7fee94b0000 15900672 C:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\346cc17b5cdce2d2b8def8a0828bd737\System.Windows.Forms.ni.dll 4.7.2116.0 built by: NET47REL1LAST Microsoft Corporation .NET Framework 131545711771450994 0x7feea3e0000 12722176 C:\windows\assembly\NativeImages_v4.0.30319_64\System\77960eb7247fd9c216cf7f9a2d4aad06\System.ni.dll 4.7.2116.0 built by: NET47REL1LAST Microsoft Corporation .NET Framework 131545711771450994 0x7feeb010000 1130496 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll 4.7.2116.0 built by: NET47REL1LAST Microsoft Corporation Microsoft .NET Runtime Just-In-Time Compiler 131545711771450994 0x7feeb130000 22536192 C:\windows\assembly\NativeImages_v4.0.30319_64\mscorlib\f4f76dcea0bc3dcf032689a838eeba20\mscorlib.ni.dll 4.7.2116.0 built by: NET47REL1LAST Microsoft Corporation Microsoft Common Language Runtime Class Library 131545711771450994 0x7feec6b0000 1011712 C:\windows\system32\MSVCR120_CLR0400.dll 12.00.52519.0 built by: VSWINSERVICING Microsoft Corporation Microsoft® C Runtime Library 131545711771450994 0x7feedf30000 10350592 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll 4.7.2116.0 built by: NET47REL1LAST Microsoft Corporation Microsoft .NET Runtime Common Language Runtime - WorkStation 131545711771450994 0x7feee910000 643072 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll 4.7.2116.0 built by: NET47REL1LAST Microsoft Corporation Microsoft .NET Runtime Execution Engine 131545711771450994 0x7feee9b0000 454656 C:\windows\SYSTEM32\MSCOREE.DLL 4.0.40305.0 (Main.040305-0000) Microsoft Corporation Microsoft .NET Runtime Execution Engine 131545711771450994 0x7fef0650000 520192 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Tablet PC Input Panel Text Services Framework 131545711771450994 0x7fef1af0000 1875968 C:\windows\system32\explorerframe.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation ExplorerFrame 131545711771450994 0x7fef65e0000 413696 C:\windows\system32\webio.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Web Transfer Protocols API 131545711771450994 0x7fef6680000 462848 C:\windows\system32\winhttp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows HTTP Services 131545711771450994 0x7fef6700000 32768 C:\windows\system32\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711771450994 0x7fef8e80000 98304 C:\windows\system32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771450994 0x7fef8ea0000 69632 C:\windows\system32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771450994 0x7fef8ed0000 339968 C:\windows\System32\fwpuclnt.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545711771450994 0x7fef9730000 655360 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771450994 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771450994 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771450994 0x7fef9e20000 69632 C:\windows\system32\rtutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Routing Utilities 131545711771450994 0x7fef9e40000 114688 C:\windows\system32\rasman.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access Connection Manager 131545711771450994 0x7fef9e60000 401408 C:\windows\system32\rasapi32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access API 131545711771450994 0x7fefa0a0000 462848 C:\windows\system32\WINSPOOL.DRV 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545711771450994 0x7fefa1a0000 2007040 C:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\c821348039792dc65872f3279899e9ed\System.Drawing.ni.dll 4.7.2116.0 built by: NET47REL1LAST Microsoft Corporation .NET Framework 131545711771450994 0x7fefa410000 1445888 C:\windows\system32\WindowsCodecs.dll 6.2.9200.21830 (win8_ldr.160407-0600) Microsoft Corporation Microsoft Windows Codecs Library 131545711771450994 0x7fefa7a0000 90112 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll 4.7.2053.0 built by: NET47REL1 Microsoft Corporation Microsoft Collation Support 131545711771450994 0x7fefa7c0000 12288 C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771450994 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771450994 0x7fefa8c0000 274432 C:\windows\system32\DUser.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows DirectUser Engine 131545711771450994 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771450994 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771450994 0x7fefaa00000 991232 C:\windows\system32\DUI70.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows DirectUI Engine 131545711771450994 0x7fefab40000 241664 C:\windows\system32\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771450994 0x7fefab80000 2191360 C:\windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23894_none_145eb2808b8d6928\gdiplus.dll 6.1.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Microsoft GDI+ 131545711771450994 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771450994 0x7fefb780000 16384 C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450994 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771450994 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771450994 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771450994 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771450994 0x7fefc1e0000 69632 C:\windows\system32\wtsapi32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771450994 0x7fefc270000 40960 C:\windows\system32\credssp.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Credential Delegation Security Package 131545711771450994 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771450994 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771450994 0x7fefc3e0000 360448 C:\windows\system32\schannel.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation TLS / SSL Security Provider 131545711771450994 0x7fefc470000 372736 C:\windows\system32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771450994 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771450994 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771450994 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771450994 0x7fefc880000 45056 C:\windows\system32\secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771450994 0x7fefc8b0000 139264 C:\windows\system32\BCrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771450994 0x7fefc8e0000 327680 C:\windows\system32\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771450994 0x7fefcad0000 151552 C:\windows\system32\SSPICLI.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771450994 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771450994 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771450994 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771450994 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771450994 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771450994 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771450994 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771450994 0x7fefced0000 12288 C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450994 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771450994 0x7fefcf40000 20480 C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450994 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771450994 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771450994 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771450994 0x7fefd180000 16384 C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450994 0x7fefd190000 16384 C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450994 0x7fefd1a0000 16384 C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771450994 0x7fefd2f0000 2928640 C:\windows\system32\iertutil.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Run time utility for Internet Explorer 131545711771450994 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771450994 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771450994 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771450994 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771450994 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771450994 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771450994 0x7fefda10000 14196736 C:\windows\system32\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771450994 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771450994 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771450994 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771450994 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771450994 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771450994 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771450994 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771450994 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771450994 0x7fefed60000 1593344 C:\windows\system32\urlmon.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation OLE32 Extensions for Win32 131545711771450994 0x7fefef50000 3280896 C:\windows\system32\wininet.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Internet Extensions for Win32 131545711771450994 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771450994 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 89 1572 2720 7 00000000:0019621a 131545708239250634 0 0 0 Medium USDEVR9K0NHD\sramka ONENOTEM.EXE C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE "C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE" /tsr Microsoft Corporation 15.0.4787.1000 Send to OneNote Tool 131545711771451392 0x1330000 200704 C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE 15.0.4787.1000 Microsoft Corporation Send to OneNote Tool 131545711771451392 0x6e090000 245760 C:\windows\SysWOW64\OLEACC.dll 7.0.0.0 (win7sp1_ldr.160325-0600) Microsoft Corporation Active Accessibility Core Component 131545711771451392 0x6fb60000 524288 C:\windows\SysWOW64\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771451392 0x6fca0000 1642496 C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23894_none_5c0be957a009922e\gdiplus.dll 6.1.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Microsoft GDI+ 131545711771451392 0x70f20000 20480 C:\windows\SysWOW64\MSIMG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation GDIEXT Client DLL 131545711771451392 0x710d0000 782336 C:\windows\SysWOW64\MSVCR100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771451392 0x73260000 151552 C:\Program Files (x86)\Microsoft Office\Office15\1033\ONINTL.DLL 15.0.4889.1000 Microsoft Corporation Microsoft OneNote International Resources 131545711771451392 0x732c0000 430080 C:\windows\SysWOW64\MSVCP100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545711771451392 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771451392 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771451392 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771451392 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771451392 0x74900000 331776 C:\windows\SysWOW64\WINSPOOL.DRV 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545711771451392 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771451392 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771451392 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771451392 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771451392 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771451392 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771451392 0x74c80000 1691648 C:\windows\syswow64\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771451392 0x74e20000 73728 C:\windows\syswow64\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771451392 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771451392 0x75020000 159744 C:\windows\syswow64\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771451392 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771451392 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771451392 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771451392 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771451392 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771451392 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771451392 0x756a0000 983040 C:\windows\syswow64\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771451392 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771451392 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771451392 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771451392 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771451392 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771451392 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771451392 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 90 5248 5016 86 00000000:001961fc 131545708254178658 0 0 1 High USDEVR9K0NHD\sramka CCleaner64.exe C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac Piriform Ltd 5, 36, 00, 6278 CCleaner 131545711771451769 0x28c0000 16384 C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771451769 0x6dc50000 155648 C:\Program Files\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545711771451769 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771451769 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771451769 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771451769 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771451769 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771451769 0x77360000 28672 C:\windows\system32\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771451769 0x77370000 12288 C:\windows\system32\normaliz.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Unicode Normalization DLL 131545711771451769 0x13fd30000 12009472 C:\Program Files\CCleaner\CCleaner64.exe 5, 36, 00, 6278 Piriform Ltd CCleaner 131545711771451769 0x7fef4b60000 2596864 C:\windows\system32\ESENT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Extensible Storage Engine for Microsoft(R) Windows(R) 131545711771451769 0x7fef4e70000 524288 C:\windows\system32\ntshrui.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell extensions for sharing 131545711771451769 0x7fef5460000 61440 C:\windows\system32\cscapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Offline Files Win32 API 131545711771451769 0x7fef5680000 1200128 C:\windows\system32\dbghelp.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Image Helper 131545711771451769 0x7fef5d80000 49152 C:\windows\System32\npmproxy.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network List Manager Proxy 131545711771451769 0x7fef6210000 475136 C:\windows\System32\netprofm.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network List Manager 131545711771451769 0x7fef6700000 32768 C:\windows\system32\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545711771451769 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771451769 0x7fef8e80000 98304 C:\windows\system32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771451769 0x7fef8ea0000 69632 C:\windows\system32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771451769 0x7fef8ed0000 339968 C:\windows\System32\fwpuclnt.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545711771451769 0x7fef9380000 61440 C:\windows\system32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771451769 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771451769 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771451769 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771451769 0x7fef9880000 925696 C:\windows\system32\wbem\fastprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771451769 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771451769 0x7fefa3a0000 16384 C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771451769 0x7fefa410000 1445888 C:\windows\system32\WindowsCodecs.dll 6.2.9200.21830 (win8_ldr.160407-0600) Microsoft Corporation Microsoft Windows Codecs Library 131545711771451769 0x7fefa590000 49152 C:\windows\system32\LINKINFO.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Volume Tracking 131545711771451769 0x7fefa710000 212992 C:\windows\system32\XmlLite.dll 1.3.1001.0 Microsoft Corporation Microsoft XmlLite Library 131545711771451769 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771451769 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771451769 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771451769 0x7fefab80000 2191360 C:\windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23894_none_145eb2808b8d6928\gdiplus.dll 6.1.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Microsoft GDI+ 131545711771451769 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771451769 0x7fefb190000 1208320 C:\Windows\system32\taskschd.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Task Scheduler COM API 131545711771451769 0x7fefb2e0000 45056 C:\windows\system32\slc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545711771451769 0x7fefb3d0000 86016 C:\windows\System32\nlaapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545711771451769 0x7fefb600000 184320 C:\windows\system32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771451769 0x7fefb780000 16384 C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771451769 0x7fefb790000 1228800 C:\windows\system32\propsys.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711771451769 0x7fefbc20000 28672 C:\windows\System32\wshtcpip.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545711771451769 0x7fefbd40000 12288 C:\windows\system32\api-ms-win-core-synch-l1-2-0.DLL 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771451769 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771451769 0x7fefc280000 28672 C:\windows\system32\MSIMG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation GDIEXT Client DLL 131545711771451769 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771451769 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771451769 0x7fefc470000 372736 C:\windows\system32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771451769 0x7fefc5e0000 28672 C:\windows\System32\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545711771451769 0x7fefc5f0000 348160 C:\windows\system32\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545711771451769 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771451769 0x7fefc7c0000 143360 C:\windows\system32\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545711771451769 0x7fefc880000 45056 C:\windows\system32\Secur32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771451769 0x7fefc8b0000 139264 C:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771451769 0x7fefcad0000 151552 C:\windows\system32\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771451769 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771451769 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771451769 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771451769 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771451769 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771451769 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771451769 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771451769 0x7fefced0000 12288 C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771451769 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771451769 0x7fefcf40000 20480 C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771451769 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771451769 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771451769 0x7fefd180000 16384 C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771451769 0x7fefd190000 16384 C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771451769 0x7fefd1a0000 16384 C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771451769 0x7fefd250000 618496 C:\windows\system32\COMDLG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711771451769 0x7fefd2f0000 2928640 C:\windows\system32\iertutil.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Run time utility for Internet Explorer 131545711771451769 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771451769 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771451769 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771451769 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771451769 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771451769 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771451769 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771451769 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771451769 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771451769 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771451769 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771451769 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771451769 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771451769 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771451769 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771451769 0x7fefed60000 1593344 C:\windows\system32\urlmon.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation OLE32 Extensions for Win32 131545711771451769 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771451769 0x7fefef50000 3280896 C:\windows\system32\WinInet.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Internet Extensions for Win32 131545711771451769 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771451769 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 91 5744 824 6 00000000:000003e7 131545708297858735 0 0 1 System NT AUTHORITY\SYSTEM iPodService.exe C:\Program Files\iPod\bin\iPodService.exe "C:\Program Files\iPod\bin\iPodService.exe" Apple Inc. 12.7.1.14 iPod Service 131545711771452146 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771452146 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771452146 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771452146 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771452146 0x13f160000 684032 C:\Program Files\iPod\bin\iPodService.exe 12.7.1.14 Apple Inc. iPod Service 131545711771452146 0x7fefbd40000 12288 C:\windows\system32\api-ms-win-core-synch-l1-2-0.DLL 10.0.10586.788 (th2_release_sec.170113-1732) Microsoft Corporation ApiSet Stub DLL 131545711771452146 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771452146 0x7fefc1e0000 69632 C:\windows\system32\Wtsapi32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771452146 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771452146 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771452146 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771452146 0x7fefccf0000 593920 C:\windows\system32\SXS.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Fusion 2.5 131545711771452146 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771452146 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771452146 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771452146 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771452146 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771452146 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771452146 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771452146 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771452146 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771452146 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771452146 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771452146 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771452146 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771452146 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771452146 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771452146 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771452146 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771452146 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771452146 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771452146 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771452146 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771452146 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 92 5868 4444 84 00000000:0019621a 131545708306126749 0 0 0 Medium USDEVR9K0NHD\sramka RunDll32.exe C:\windows\SysWOW64\RunDll32.exe "C:\windows\SysWOW64\RunDll32.exe" "C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Windows host process (Rundll32) 131545711771452518 0x180000 57344 C:\windows\SysWOW64\RunDll32.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows host process (Rundll32) 131545711771452518 0x6e400000 577536 C:\windows\AppPatch\AcLayers.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Compatibility DLL 131545711771452518 0x6fb60000 524288 C:\windows\SysWOW64\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771452518 0x70ee0000 77824 C:\windows\SysWOW64\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771452518 0x70f40000 311296 C:\windows\SysWOW64\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771452518 0x71190000 73728 C:\windows\SysWOW64\MPR.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545711771452518 0x73190000 221184 C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545711771452518 0x732a0000 57344 C:\windows\AppPatch\AcWow64.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Compatibility for 32bit Apps on Win64 131545711771452518 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771452518 0x74900000 331776 C:\windows\SysWOW64\WINSPOOL.DRV 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545711771452518 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771452518 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771452518 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771452518 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771452518 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771452518 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771452518 0x74c20000 393216 C:\windows\syswow64\SspiCli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545711771452518 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771452518 0x74f10000 1114112 C:\windows\syswow64\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771452518 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771452518 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771452518 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771452518 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771452518 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771452518 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771452518 0x75790000 176128 C:\windows\syswow64\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771452518 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771452518 0x75aa0000 20480 C:\windows\syswow64\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771452518 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771452518 0x75c90000 102400 C:\windows\syswow64\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771452518 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771452518 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771452518 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771452518 0x76d80000 45056 C:\windows\syswow64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771452518 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771452518 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 93 6032 824 6 00000000:000003e4 131545708311118758 0 0 1 System NT AUTHORITY\NETWORK SERVICE wmpnetwk.exe C:\Program Files\Windows Media Player\wmpnetwk.exe "C:\Program Files\Windows Media Player\wmpnetwk.exe" Microsoft Corporation 12.0.7600.16385 (win7_rtm.090713-1255) Windows Media Player Network Sharing Service 131545711771452980 0x67f70000 12578816 C:\windows\system32\wmploc.dll 12.0.7601.23517 (win7sp1_ldr.160812-0732) Microsoft Corporation Windows Media Player Resources 131545711771452980 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771452980 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771452980 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771452980 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771452980 0xff140000 1556480 C:\Program Files\Windows Media Player\wmpnetwk.exe 12.0.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Media Player Network Sharing Service 131545711771452980 0x7fee4df0000 495616 C:\Windows\System32\wmpps.dll 12.0.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Media Player Proxy Stub Dll 131545711771452980 0x7fee4e70000 761856 C:\Program Files\Internet Explorer\ieproxy.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation IE ActiveX Interface Marshaling Library 131545711771452980 0x7fee4f30000 14729216 C:\windows\system32\wmp.dll 12.0.7601.23517 (win7sp1_ldr.160812-0732) Microsoft Corporation Windows Media Player 131545711771452980 0x7fee62a0000 1216512 C:\windows\system32\drmv2clt.dll 11.0.7601.23471 Microsoft Corporation DRMv2 Client DLL 131545711771452980 0x7fee63d0000 647168 C:\windows\system32\wmdrmdev.dll 12.0.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Media DRM for Network Devices Registration DLL 131545711771452980 0x7feef430000 446464 C:\windows\system32\MFPlat.DLL 12.0.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Media Foundation Platform DLL 131545711771452980 0x7fef5320000 282624 C:\windows\system32\upnp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation UPnP Control Point API 131545711771452980 0x7fef5d80000 49152 C:\windows\System32\npmproxy.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network List Manager Proxy 131545711771452980 0x7fef6210000 475136 C:\windows\System32\netprofm.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network List Manager 131545711771452980 0x7fef65e0000 413696 C:\windows\system32\webio.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Web Transfer Protocols API 131545711771452980 0x7fef6680000 462848 C:\windows\system32\WINHTTP.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows HTTP Services 131545711771452980 0x7fef6f40000 69632 C:\windows\system32\SSDPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation SSDP Client API DLL 131545711771452980 0x7fef82f0000 36864 C:\windows\system32\WSOCK32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 32-Bit DLL 131545711771452980 0x7fef8e80000 98304 C:\windows\system32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771452980 0x7fef8ea0000 69632 C:\windows\system32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771452980 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771452980 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771452980 0x7fefa3a0000 16384 C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771452980 0x7fefa410000 1445888 C:\windows\system32\windowscodecs.dll 6.2.9200.21830 (win8_ldr.160407-0600) Microsoft Corporation Microsoft Windows Codecs Library 131545711771452980 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771452980 0x7fefab80000 2191360 C:\windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23894_none_145eb2808b8d6928\gdiplus.dll 6.1.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Microsoft GDI+ 131545711771452980 0x7fefb3d0000 86016 C:\windows\System32\nlaapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545711771452980 0x7fefb600000 184320 C:\windows\system32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771452980 0x7fefb630000 36864 C:\windows\system32\AVRT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multimedia Realtime Runtime 131545711771452980 0x7fefbb60000 770048 C:\Windows\system32\FirewallAPI.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Firewall API 131545711771452980 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771452980 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771452980 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771452980 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771452980 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771452980 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771452980 0x7fefccf0000 593920 C:\windows\system32\SXS.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Fusion 2.5 131545711771452980 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771452980 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771452980 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771452980 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771452980 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771452980 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771452980 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771452980 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771452980 0x7fefcf40000 20480 C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771452980 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771452980 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771452980 0x7fefd100000 16384 C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545711771452980 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771452980 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771452980 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771452980 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771452980 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771452980 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771452980 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771452980 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771452980 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771452980 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771452980 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771452980 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771452980 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771452980 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771452980 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771452980 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771452980 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771452980 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771452980 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 94 3552 1676 78 00000000:0019621a 131545708349650826 0 0 1 Medium USDEVR9K0NHD\sramka SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" Synaptics Incorporated 16.2.19.7 17Apr13 TouchPad Driver Helper Application 131545711771453734 0x400000 172032 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe 16.2.19.7 17Apr13 Synaptics Incorporated TouchPad Driver Helper Application 131545711771453734 0x10000000 1138688 C:\windows\system32\SynCOM.dll 16.2.19.7 17Apr13 Synaptics Incorporated SynCOM 131545711771453734 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771453734 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771453734 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771453734 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771453734 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771453734 0x7fef9f70000 81920 C:\windows\system32\SAMCLI.DLL 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Security Accounts Manager Client DLL 131545711771453734 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771453734 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771453734 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771453734 0x7fefb3f0000 86016 C:\windows\system32\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545711771453734 0x7fefb410000 49152 C:\windows\system32\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545711771453734 0x7fefb460000 90112 C:\windows\system32\NETAPI32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Net Win32 API DLL 131545711771453734 0x7fefc7c0000 143360 C:\windows\system32\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545711771453734 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771453734 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771453734 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771453734 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771453734 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771453734 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771453734 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771453734 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771453734 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771453734 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771453734 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771453734 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771453734 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771453734 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771453734 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771453734 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771453734 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771453734 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771453734 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771453734 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771453734 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 95 5532 1692 96 00000000:0019621a 131545708352146830 0 0 1 High USDEVR9K0NHD\sramka SYNTPHELPER.EXE C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" Synaptics Incorporated 16.2.19.7 17Apr13 Synaptics Pointing Device Helper 131545711771454234 0x400000 131072 C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE 16.2.19.7 17Apr13 Synaptics Incorporated Synaptics Pointing Device Helper 131545711771454234 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771454234 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771454234 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771454234 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771454234 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771454234 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771454234 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771454234 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771454234 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771454234 0x7fefcce0000 61440 C:\windows\system32\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771454234 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771454234 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771454234 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771454234 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771454234 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771454234 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771454234 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771454234 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771454234 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771454234 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771454234 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771454234 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771454234 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771454234 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771454234 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771454234 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771454234 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 97 5584 2720 7 00000000:0019621a 131545708461035021 0 0 1 Medium USDEVR9K0NHD\sramka cmd.exe C:\windows\system32\cmd.exe "C:\windows\system32\cmd.exe" Microsoft Corporation 6.1.7601.17514 (win7sp1_rtm.101119-1850) Windows Command Processor 131545711771454680 0x4a4d0000 364544 C:\windows\system32\cmd.exe 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Command Processor 131545711771454680 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771454680 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771454680 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771454680 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771454680 0x7fefa390000 32768 C:\windows\system32\WINBRAND.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Branding Resources 131545711771454680 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771454680 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771454680 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771454680 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771454680 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771454680 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771454680 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771454680 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771454680 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771454680 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771454680 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771454680 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771454680 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 98 2452 772 13 00000000:0019621a 131545708461503022 0 0 1 Medium USDEVR9K0NHD\sramka conhost.exe C:\windows\system32\conhost.exe \??\C:\windows\system32\conhost.exe "1028284891198401227-1206681980-157440163811863638110801433261617028404-1859393813 Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Console Window Host 131545711771455048 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771455048 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771455048 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771455048 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771455048 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771455048 0xffdf0000 356352 C:\windows\system32\conhost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Console Window Host 131545711771455048 0x7fee6760000 258048 C:\Program Files\ThinkPad\Bluetooth Software\btmmhook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545711771455048 0x7fee67a0000 147456 C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll 6.5.1.2700 Broadcom Corporation. KeyBoard Hook DLL 131545711771455048 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771455048 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771455048 0x7fefbee0000 2048000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\comctl32.DLL 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771455048 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771455048 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771455048 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771455048 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771455048 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771455048 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771455048 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771455048 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771455048 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771455048 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771455048 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771455048 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771455048 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771455048 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771455048 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771455048 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771455048 0x7feff480000 188416 C:\windows\system32\IMM32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 99 5600 2720 7 00000000:0019621a 131545708760675551 0 0 1 Medium USDEVR9K0NHD\sramka VirtualBox.exe C:\Program Files\Oracle\VirtualBox\VirtualBox.exe "C:\Program Files\Oracle\VirtualBox\VirtualBox.exe" Oracle Corporation 5.1.30.118389 VirtualBox Manager 131545711771455424 0x6c6a0000 5640192 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll 5.6.2.0 The Qt Company Ltd C++ application development framework. 131545711771455424 0x6cf30000 5656576 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll 5.6.2.0 The Qt Company Ltd C++ application development framework. 131545711771455424 0x6f930000 344064 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll 5.6.2.0 The Qt Company Ltd C++ application development framework. 131545711771455424 0x6f990000 622592 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll 10.00.40219.1 Microsoft Corporation Microsoft® C Runtime Library 131545711771455424 0x6fa30000 860160 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll 10.00.40219.1 Microsoft Corporation Microsoft® C Runtime Library 131545711771455424 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771455424 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771455424 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771455424 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771455424 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771455424 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771455424 0x13f050000 1101824 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe 5.1.30.118389 Oracle Corporation VirtualBox Manager 131545711771455424 0x7fee2900000 5206016 C:\Program Files\Oracle\VirtualBox\VBoxC.dll 5.1.30.118389 Oracle Corporation VirtualBox Interface 131545711771455424 0x7fee2e00000 741376 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll 5.1.30.118389 Oracle Corporation VirtualBox COM Proxy Stub and Typelib 131545711771455424 0x7fee2ec0000 1236992 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll 5.6.2.0 The Qt Company Ltd C++ application development framework. 131545711771455424 0x7fee2ff0000 331776 C:\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll 5.6.2.0 The Qt Company Ltd C++ application development framework. 131545711771455424 0x7fee3050000 6254592 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll 5.6.2.0 The Qt Company Ltd C++ application development framework. 131545711771455424 0x7fee3650000 184320 C:\windows\system32\GLU32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation OpenGL Utility Library DLL 131545711771455424 0x7fee3680000 1167360 C:\windows\system32\OPENGL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation OpenGL Client DLL 131545711771455424 0x7fee37a0000 9351168 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll 5.1.30.118389 Oracle Corporation VirtualBox Manager 131545711771455424 0x7fee4090000 5500928 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll 5.1.30.118389 Oracle Corporation VirtualBox Runtime 131545711771455424 0x7fee6760000 258048 C:\Program Files\ThinkPad\Bluetooth Software\btmmhook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545711771455424 0x7fee7060000 32768 C:\windows\system32\DCIMAN32.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation DCI Manager 131545711771455424 0x7fee7070000 987136 C:\windows\system32\DDRAW.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft DirectDraw 131545711771455424 0x7fef47c0000 20480 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL 5.1.30.118389 Oracle Corporation VirtualBox Kernel Support 131545711771455424 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771455424 0x7fef72d0000 159744 C:\windows\system32\cryptnet.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto Network Related API 131545711771455424 0x7fef9380000 61440 C:\windows\system32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771455424 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771455424 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771455424 0x7fef9880000 925696 C:\windows\system32\wbem\fastprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771455424 0x7fefa0a0000 462848 C:\windows\system32\WINSPOOL.DRV 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545711771455424 0x7fefa6a0000 98304 C:\windows\system32\MPR.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545711771455424 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771455424 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771455424 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771455424 0x7fefab40000 241664 C:\windows\system32\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771455424 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771455424 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771455424 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771455424 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771455424 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771455424 0x7fefc8b0000 139264 C:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771455424 0x7fefc8e0000 327680 C:\windows\system32\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771455424 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771455424 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771455424 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771455424 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771455424 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771455424 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771455424 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771455424 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771455424 0x7fefcf00000 241664 C:\windows\system32\Wintrust.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771455424 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771455424 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771455424 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771455424 0x7fefd250000 618496 C:\windows\system32\COMDLG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711771455424 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771455424 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771455424 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771455424 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771455424 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771455424 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771455424 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771455424 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771455424 0x7fefe7b0000 102400 C:\windows\system32\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771455424 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771455424 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771455424 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771455424 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771455424 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771455424 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771455424 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771455424 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771455424 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771455424 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 100 6020 1008 18 00000000:0019621a 131545708764887559 0 0 1 Medium USDEVR9K0NHD\sramka VBoxSVC.exe C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe "C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe" -Embedding Oracle Corporation 5.1.30.118389 VirtualBox Interface 131545711771455797 0x6f990000 622592 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll 10.00.40219.1 Microsoft Corporation Microsoft® C Runtime Library 131545711771455797 0x6fa30000 860160 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll 10.00.40219.1 Microsoft Corporation Microsoft® C Runtime Library 131545711771455797 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771455797 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771455797 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771455797 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771455797 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771455797 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771455797 0x13f4b0000 4878336 C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe 5.1.30.118389 Oracle Corporation VirtualBox Interface 131545711771455797 0x7fee2840000 360448 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll 5.1.30.118389 Oracle Corporation VirtualBox VMM Devices and Drivers Utilities 131545711771455797 0x7fee2e00000 741376 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll 5.1.30.118389 Oracle Corporation VirtualBox COM Proxy Stub and Typelib 131545711771455797 0x7fee4090000 5500928 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll 5.1.30.118389 Oracle Corporation VirtualBox Runtime 131545711771455797 0x7fef72d0000 159744 C:\windows\system32\cryptnet.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto Network Related API 131545711771455797 0x7fef8580000 540672 C:\Windows\system32\netcfgx.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network Configuration Objects 131545711771455797 0x7fef8e80000 98304 C:\windows\system32\dhcpcsvc.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545711771455797 0x7fef8ea0000 69632 C:\windows\system32\dhcpcsvc6.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545711771455797 0x7fef9870000 45056 C:\windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771455797 0x7fef99b0000 159744 C:\windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771455797 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771455797 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771455797 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771455797 0x7fefbd00000 180224 C:\windows\system32\POWRPROF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545711771455797 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771455797 0x7fefbdb0000 73728 C:\windows\system32\devrtl.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Management Run Time Library 131545711771455797 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771455797 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771455797 0x7fefc470000 372736 C:\windows\system32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771455797 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771455797 0x7fefc8b0000 139264 C:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771455797 0x7fefc8e0000 327680 C:\windows\system32\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771455797 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771455797 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771455797 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771455797 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771455797 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771455797 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771455797 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771455797 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771455797 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771455797 0x7fefcf00000 241664 C:\windows\system32\WINTRUST.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771455797 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771455797 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771455797 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771455797 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771455797 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771455797 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771455797 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771455797 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771455797 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771455797 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771455797 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771455797 0x7fefe7b0000 102400 C:\windows\system32\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771455797 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771455797 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771455797 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771455797 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771455797 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771455797 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771455797 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771455797 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771455797 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771455797 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 101 2208 6020 100 00000000:0019621a 131545708820099506 0 0 1 Medium USDEVR9K0NHD\sramka VirtualBox.exe C:\Program Files\Oracle\VirtualBox\VirtualBox.exe "C:\Program Files\Oracle\VirtualBox\VirtualBox.exe" --comment "TCx Elevate 4690 Environment" --startvm 8caac150-3a70-479e-bb09-baa815b157d6 --no-startvm-errormsgbox "--sup-hardening-log=C:\TCx Elevate 4690 Environment\Logs\VBoxHardening.log" Oracle Corporation 5.1.30.118389 VirtualBox Manager 131545711771456178 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771456178 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771456178 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771456178 0x13f050000 1101824 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe 5.1.30.118389 Oracle Corporation VirtualBox Manager 131545711771456178 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771456178 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771456178 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771456178 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771456178 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771456178 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 102 1480 2208 101 00000000:0019621a 131545708820255506 0 0 1 Medium USDEVR9K0NHD\sramka VirtualBox.exe C:\Program Files\Oracle\VirtualBox\VirtualBox.exe 60eaff78-4bdd-042d-2e72-669728efd737-suplib-2ndchild --comment "TCx Elevate 4690 Environment" --startvm 8caac150-3a70-479e-bb09-baa815b157d6 --no-startvm-errormsgbox "--sup-hardening-log=C:\TCx Elevate 4690 Environment\Logs\VBoxHardening.log" Oracle Corporation 5.1.30.118389 VirtualBox Manager 131545711771456606 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771456606 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771456606 0x13f050000 1101824 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe 5.1.30.118389 Oracle Corporation VirtualBox Manager 131545711771456606 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771456606 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771456606 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771456606 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771456606 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.DLL 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771456606 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 103 1680 1480 102 00000000:0019621a 131545708831175525 0 0 1 Medium USDEVR9K0NHD\sramka VirtualBox.exe C:\Program Files\Oracle\VirtualBox\VirtualBox.exe 60eaff78-4bdd-042d-2e72-669728efd737-suplib-3rdchild --comment "TCx Elevate 4690 Environment" --startvm 8caac150-3a70-479e-bb09-baa815b157d6 --no-startvm-errormsgbox "--sup-hardening-log=C:\TCx Elevate 4690 Environment\Logs\VBoxHardening.log" Oracle Corporation 5.1.30.118389 VirtualBox Manager 131545711771456987 0x63220000 30687232 C:\windows\system32\nvoglv64.dll 10.18.13.5445 NVIDIA Corporation NVIDIA Compatible OpenGL ICD 131545711771456987 0x6c6a0000 5640192 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll 5.6.2.0 The Qt Company Ltd C++ application development framework. 131545711771456987 0x6cf30000 5656576 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll 5.6.2.0 The Qt Company Ltd C++ application development framework. 131545711771456987 0x6f820000 1093632 C:\Program Files\Oracle\VirtualBox\VBoxREM.dll 5.1.30.118389 Oracle Corporation VirtualBox Recompiler 131545711771456987 0x6f930000 344064 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll 5.6.2.0 The Qt Company Ltd C++ application development framework. 131545711771456987 0x6f990000 622592 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll 10.00.40219.1 Microsoft Corporation Microsoft® C Runtime Library 131545711771456987 0x6fa30000 860160 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll 10.00.40219.1 Microsoft Corporation Microsoft® C Runtime Library 131545711771456987 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771456987 0x74860000 24576 C:\windows\system32\ksuser.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation User CSA Library 131545711771456987 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771456987 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771456987 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771456987 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771456987 0x13f050000 1101824 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe 5.1.30.118389 Oracle Corporation VirtualBox Manager 131545711771456987 0x7fee1610000 557056 C:\windows\System32\dsound.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DirectSound 131545711771456987 0x7fee16a0000 53248 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL 5.1.30.118389 Oracle Corporation VirtualBox Shared Folders Host Service 131545711771456987 0x7fee16b0000 380928 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll 5.1.30.118389 Oracle Corporation VirtualBox VMM Devices and Drivers 2 131545711771456987 0x7fee1710000 10166272 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL 5.1.30.118389 Oracle Corporation VirtualBox VMM Devices and Drivers 131545711771456987 0x7fee20d0000 45056 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL 5.1.30.118389 Oracle Corporation VirtualBox Guest Control Host Service 131545711771456987 0x7fee20e0000 106496 C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll 5.1.30.118389 Oracle Corporation VirtualBox crOpenGL ICD 131545711771456987 0x7fee2100000 192512 C:\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll 5.1.30.118389 Oracle Corporation VirtualBox crOpenGL ICD 131545711771456987 0x7fee2130000 1105920 C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL 5.1.30.118389 Oracle Corporation VirtualBox crOpenGL Host Service 131545711771456987 0x7fee2240000 2875392 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL 5.1.30.118389 Oracle Corporation VirtualBox VMM 131545711771456987 0x7fee2840000 360448 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll 5.1.30.118389 Oracle Corporation VirtualBox VMM Devices and Drivers Utilities 131545711771456987 0x7fee28a0000 49152 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL 5.1.30.118389 Oracle Corporation VirtualBox Guest Properties Service 131545711771456987 0x7fee28b0000 155648 C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll 5.1.30.118389 Oracle Corporation VirtualBox crOpenGL ICD 131545711771456987 0x7fee28e0000 53248 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL 5.1.30.118389 Oracle Corporation VirtualBox Drag and Drop Host Service 131545711771456987 0x7fee28f0000 45056 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL 5.1.30.118389 Oracle Corporation VirtualBox Shared Clipboard Host Service 131545711771456987 0x7fee2900000 5206016 C:\Program Files\Oracle\VirtualBox\VBoxC.dll 5.1.30.118389 Oracle Corporation VirtualBox Interface 131545711771456987 0x7fee2e00000 741376 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll 5.1.30.118389 Oracle Corporation VirtualBox COM Proxy Stub and Typelib 131545711771456987 0x7fee2ec0000 1236992 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll 5.6.2.0 The Qt Company Ltd C++ application development framework. 131545711771456987 0x7fee2ff0000 331776 C:\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll 5.6.2.0 The Qt Company Ltd C++ application development framework. 131545711771456987 0x7fee3050000 6254592 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll 5.6.2.0 The Qt Company Ltd C++ application development framework. 131545711771456987 0x7fee3650000 184320 C:\windows\system32\GLU32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation OpenGL Utility Library DLL 131545711771456987 0x7fee3680000 1167360 C:\windows\system32\OPENGL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation OpenGL Client DLL 131545711771456987 0x7fee37a0000 9351168 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll 5.1.30.118389 Oracle Corporation VirtualBox Manager 131545711771456987 0x7fee4090000 5500928 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll 5.1.30.118389 Oracle Corporation VirtualBox Runtime 131545711771456987 0x7fee6760000 258048 C:\Program Files\ThinkPad\Bluetooth Software\btmmhook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545711771456987 0x7fee67a0000 147456 C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll 6.5.1.2700 Broadcom Corporation. KeyBoard Hook DLL 131545711771456987 0x7fee7060000 32768 C:\windows\system32\DCIMAN32.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation DCI Manager 131545711771456987 0x7fee7070000 987136 C:\windows\system32\DDRAW.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft DirectDraw 131545711771456987 0x7fef47c0000 20480 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL 5.1.30.118389 Oracle Corporation VirtualBox Kernel Support 131545711771456987 0x7fef6d00000 81920 C:\windows\system32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771456987 0x7fef72d0000 159744 C:\windows\system32\cryptnet.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto Network Related API 131545711771456987 0x7fef8580000 540672 C:\Windows\system32\netcfgx.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Network Configuration Objects 131545711771456987 0x7fef9380000 61440 C:\windows\system32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545711771456987 0x7fef9700000 159744 C:\windows\system32\NTDSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545711771456987 0x7fef97d0000 548864 C:\windows\system32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545711771456987 0x7fef9870000 45056 C:\Windows\system32\WINNSI.DLL 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545711771456987 0x7fef9880000 925696 C:\windows\system32\wbem\fastprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545711771456987 0x7fef99b0000 159744 C:\Windows\system32\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545711771456987 0x7fefa0a0000 462848 C:\windows\system32\WINSPOOL.DRV 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545711771456987 0x7fefa6a0000 98304 C:\windows\system32\MPR.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545711771456987 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771456987 0x7fefa8b0000 36864 C:\windows\system32\midimap.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft MIDI Mapper 131545711771456987 0x7fefa910000 98304 C:\windows\system32\MSACM32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft ACM Audio Filter 131545711771456987 0x7fefa930000 40960 C:\windows\system32\msacm32.drv 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Sound Mapper 131545711771456987 0x7fefa940000 323584 C:\windows\system32\AUDIOSES.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Audio Session 131545711771456987 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771456987 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771456987 0x7fefab00000 241664 C:\windows\system32\wdmaud.drv 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winmm audio system driver 131545711771456987 0x7fefab40000 241664 C:\windows\system32\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771456987 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771456987 0x7fefb600000 184320 C:\windows\system32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545711771456987 0x7fefb630000 36864 C:\windows\system32\AVRT.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multimedia Realtime Runtime 131545711771456987 0x7fefb790000 1228800 C:\windows\System32\PROPSYS.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711771456987 0x7fefb8c0000 307200 C:\windows\System32\MMDevApi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MMDevice API 131545711771456987 0x7fefbd00000 180224 C:\windows\System32\POWRPROF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545711771456987 0x7fefbd90000 110592 C:\windows\system32\GPAPI.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545711771456987 0x7fefbdb0000 73728 C:\windows\system32\devrtl.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Management Run Time Library 131545711771456987 0x7fefbe60000 249856 C:\windows\system32\WINSTA.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545711771456987 0x7fefc1e0000 69632 C:\windows\system32\WTSAPI32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545711771456987 0x7fefc2b0000 311296 C:\windows\system32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771456987 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771456987 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771456987 0x7fefc8b0000 139264 C:\windows\system32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545711771456987 0x7fefc8e0000 327680 C:\windows\system32\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545711771456987 0x7fefcc80000 356352 C:\windows\system32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711771456987 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771456987 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771456987 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771456987 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771456987 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771456987 0x7fefcea0000 61440 C:\windows\system32\MSASN1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545711771456987 0x7fefceb0000 126976 C:\windows\system32\USERENV.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545711771456987 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771456987 0x7fefcf00000 241664 C:\windows\system32\Wintrust.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545711771456987 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771456987 0x7fefcf90000 1495040 C:\windows\system32\CRYPT32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545711771456987 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771456987 0x7fefd250000 618496 C:\windows\system32\COMDLG32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545711771456987 0x7fefd5c0000 626688 C:\windows\system32\CLBCatQ.DLL 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711771456987 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771456987 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771456987 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771456987 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771456987 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771456987 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771456987 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771456987 0x7fefe7b0000 102400 C:\windows\system32\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545711771456987 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771456987 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771456987 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771456987 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771456987 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771456987 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771456987 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771456987 0x7fefeef0000 335872 C:\windows\system32\WLDAP32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545711771456987 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771456987 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 104 2336 1696 105 00000000:0019621a 131545709132748831 0 0 0 Medium USDEVR9K0NHD\sramka LSCNotify.exe C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe "C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync Lenovo 1.1.0.0 Lenovo Solution Center Notifications 131545711771457363 0x1000000 1335296 C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe 1.1.0.0 Lenovo Lenovo Solution Center Notifications 131545711771457363 0x6cc10000 1695744 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c\COMCTL32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711771457363 0x6e510000 192512 C:\windows\SysWOW64\XmlLite.dll 1.3.1001.0 Microsoft Corporation Microsoft XmlLite Library 131545711771457363 0x6fb60000 524288 C:\windows\SysWOW64\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771457363 0x70ee0000 77824 C:\windows\SysWOW64\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771457363 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771457363 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771457363 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771457363 0x748d0000 176128 C:\windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771457363 0x74960000 36864 C:\windows\SysWOW64\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771457363 0x74970000 450560 C:\windows\SysWOW64\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771457363 0x749e0000 32768 C:\windows\SYSTEM32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545711771457363 0x749f0000 376832 C:\windows\SYSTEM32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545711771457363 0x74a50000 258048 C:\windows\SYSTEM32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545711771457363 0x74c10000 49152 C:\windows\syswow64\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771457363 0x74c80000 1691648 C:\windows\syswow64\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771457363 0x74e20000 73728 C:\windows\syswow64\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771457363 0x74e40000 839680 C:\windows\syswow64\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771457363 0x75020000 159744 C:\windows\syswow64\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771457363 0x750d0000 593920 C:\windows\syswow64\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771457363 0x75200000 659456 C:\windows\syswow64\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771457363 0x752b0000 704512 C:\windows\syswow64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771457363 0x75460000 102400 C:\windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771457363 0x75480000 356352 C:\windows\syswow64\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771457363 0x75540000 1429504 C:\windows\syswow64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771457363 0x756a0000 983040 C:\windows\syswow64\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771457363 0x757c0000 393216 C:\windows\SysWOW64\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545711771457363 0x75bf0000 643072 C:\windows\syswow64\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771457363 0x75cb0000 40960 C:\windows\syswow64\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771457363 0x760c0000 12894208 C:\windows\syswow64\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771457363 0x76d10000 290816 C:\windows\syswow64\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771457363 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771457363 0x77380000 1572864 C:\windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 106 5520 2720 7 00000000:0019621a 131545710213781105 0 0 1 Medium USDEVR9K0NHD\sramka glogg.exe C:\Program Files\glogg\glogg.exe "C:\Program Files\glogg\glogg.exe" "C:\elevate\f_drive\adxetc\ext\xpd\runtime\homes\_provision\configuration\1510097389541.log" 131545711771457787 0x400000 2048000 C:\Program Files\glogg\glogg.exe 131545711771457787 0x900000 6033408 C:\Program Files\glogg\Qt5Widgets.dll 5.5.1.0 The Qt Company Ltd C++ application development framework. 131545711771457787 0x61940000 5001216 C:\Program Files\glogg\Qt5Gui.dll 5.5.1.0 The Qt Company Ltd C++ application development framework. 131545711771457787 0x64940000 307200 C:\Program Files\glogg\libwinpthread-1.dll 1, 0, 0, 0 MingW-W64 Project. All rights reserved. POSIX WinThreads for Windows 131545711771457787 0x68880000 5197824 C:\Program Files\glogg\Qt5Core.dll 5.5.1.0 The Qt Company Ltd C++ application development framework. 131545711771457787 0x69700000 1257472 C:\Program Files\glogg\Qt5Network.dll 5.5.1.0 The Qt Company Ltd C++ application development framework. 131545711771457787 0x6a880000 1478656 C:\Program Files\glogg\platforms\qwindows.dll 5.5.1.0 The Qt Company Ltd C++ application development framework. 131545711771457787 0x74850000 24576 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 131545711771457787 0x74b80000 561152 C:\windows\System32\SYSFER.DLL 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711771457787 0x76f80000 1175552 C:\windows\system32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771457787 0x770a0000 1024000 C:\windows\system32\USER32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711771457787 0x771a0000 1744896 C:\windows\SYSTEM32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711771457787 0x77360000 28672 C:\windows\system32\PSAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711771457787 0x7fee3650000 184320 C:\windows\system32\GLU32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation OpenGL Utility Library DLL 131545711771457787 0x7fee3680000 1167360 C:\windows\system32\OPENGL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation OpenGL Client DLL 131545711771457787 0x7fee6760000 258048 C:\Program Files\ThinkPad\Bluetooth Software\btmmhook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545711771457787 0x7fee7060000 32768 C:\windows\system32\DCIMAN32.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation DCI Manager 131545711771457787 0x7fee7070000 987136 C:\windows\system32\DDRAW.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft DirectDraw 131545711771457787 0x7fefa6a0000 98304 C:\windows\system32\MPR.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545711771457787 0x7fefa7d0000 98304 C:\windows\system32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711771457787 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711771457787 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711771457787 0x7fefab40000 241664 C:\windows\system32\WINMM.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545711771457787 0x7fefada0000 352256 C:\windows\system32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711771457787 0x7fefc350000 290816 C:\windows\system32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711771457787 0x7fefc470000 372736 C:\windows\system32\DNSAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545711771457787 0x7fefc650000 98304 C:\windows\system32\CRYPTSP.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711771457787 0x7fefcce0000 61440 C:\windows\system32\CRYPTBASE.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711771457787 0x7fefcd90000 81920 C:\windows\system32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711771457787 0x7fefcdb0000 49152 C:\windows\system32\VERSION.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711771457787 0x7fefcdc0000 200704 C:\windows\system32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711771457787 0x7fefce90000 61440 C:\windows\system32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545711771457787 0x7fefcee0000 106496 C:\windows\system32\DEVOBJ.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711771457787 0x7fefcf50000 221184 C:\windows\system32\CFGMGR32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711771457787 0x7fefd110000 434176 C:\windows\system32\KERNELBASE.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711771457787 0x7fefd660000 1085440 C:\windows\system32\MSCTF.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711771457787 0x7fefd770000 126976 C:\windows\SYSTEM32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711771457787 0x7fefd790000 1232896 C:\windows\system32\RPCRT4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711771457787 0x7fefd8c0000 897024 C:\windows\system32\ADVAPI32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711771457787 0x7fefd9a0000 421888 C:\windows\system32\GDI32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711771457787 0x7fefda10000 14196736 C:\windows\system32\SHELL32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711771457787 0x7fefe7a0000 57344 C:\windows\system32\LPK.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711771457787 0x7fefe7d0000 1929216 C:\windows\system32\SETUPAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711771457787 0x7fefe9b0000 32768 C:\windows\system32\NSI.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545711771457787 0x7fefea40000 315392 C:\windows\system32\WS2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545711771457787 0x7fefea90000 651264 C:\windows\system32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711771457787 0x7fefeb30000 462848 C:\windows\system32\SHLWAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711771457787 0x7fefebb0000 831488 C:\windows\system32\USP10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711771457787 0x7fefec80000 892928 C:\windows\system32\OLEAUT32.dll 6.1.7601.23775 Microsoft Corporation 131545711771457787 0x7feff280000 2080768 C:\windows\system32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711771457787 0x7feff480000 188416 C:\windows\system32\IMM32.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 107 1924 1008 18 00000000:0019621a 131545711992850280 131545712043875980 0 1 Medium USDEVR9K0NHD\sramka DllHost.exe C:\windows\system32\DllHost.exe C:\windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) COM Surrogate 131545711993215062 0x74850000 24576 C:\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll 131545711992946463 0x74b80000 561152 C:\Windows\System32\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711992931108 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711992965648 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711992919945 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711993553673 0x77360000 28672 C:\Windows\System32\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711992918639 0xff730000 28672 C:\Windows\System32\dllhost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation COM Surrogate 131545711993530315 0x7fef0550000 126976 C:\Windows\System32\thumbcache.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Thumbnail Cache 131545711993550531 0x7fef9730000 655360 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711993255294 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545711993222510 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\coprocmanager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545711993476021 0x7fefada0000 352256 C:\Windows\System32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711993563150 0x7fefb790000 1228800 C:\Windows\System32\propsys.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545711993423346 0x7fefc350000 290816 C:\Windows\System32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545711993350269 0x7fefc650000 98304 C:\Windows\System32\cryptsp.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545711993283674 0x7fefcce0000 61440 C:\Windows\System32\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711993450013 0x7fefcd90000 81920 C:\Windows\System32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545711993082723 0x7fefcdb0000 49152 C:\Windows\System32\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711993073892 0x7fefcdc0000 200704 C:\Windows\System32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711993235364 0x7fefcee0000 106496 C:\Windows\System32\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545711993228670 0x7fefcf50000 221184 C:\Windows\System32\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545711992933536 0x7fefd110000 434176 C:\Windows\System32\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711993292453 0x7fefd5c0000 626688 C:\Windows\System32\clbcatq.dll 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545711993058812 0x7fefd660000 1085440 C:\Windows\System32\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711993097268 0x7fefd770000 126976 C:\Windows\System32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711992973284 0x7fefd790000 1232896 C:\Windows\System32\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711993085621 0x7fefd8c0000 897024 C:\Windows\System32\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711992963576 0x7fefd9a0000 421888 C:\Windows\System32\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711993533251 0x7fefda10000 14196736 C:\Windows\System32\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711992968991 0x7fefe7a0000 57344 C:\Windows\System32\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711993226016 0x7fefe7d0000 1929216 C:\Windows\System32\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545711992959360 0x7fefea90000 651264 C:\Windows\System32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711993535764 0x7fefeb30000 462848 C:\Windows\System32\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711992970788 0x7fefebb0000 831488 C:\Windows\System32\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711993231880 0x7fefec80000 892928 C:\Windows\System32\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545711992961851 0x7feff280000 2080768 C:\Windows\System32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711993055597 0x7feff480000 188416 C:\Windows\System32\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 108 1608 2720 7 00000000:0019621a 131545711995435142 0 0 1 Medium USDEVR9K0NHD\sramka cmd.exe C:\windows\system32\cmd.exe C:\windows\system32\cmd.exe /c ""C:\elevate\client\RUN.BAT" " Microsoft Corporation 6.1.7601.17514 (win7sp1_rtm.101119-1850) Windows Command Processor 131545711995840759 0x4a4d0000 364544 C:\Windows\System32\cmd.exe 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Command Processor 131545711997270510 0x74b80000 561152 C:\Windows\System32\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711996494319 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711997297271 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711995842553 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711997294917 0x7fefa390000 32768 C:\Windows\System32\winbrand.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Branding Resources 131545711998701887 0x7fefcc80000 356352 C:\Windows\System32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545711997499896 0x7fefcdb0000 49152 C:\Windows\System32\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711997491301 0x7fefcdc0000 200704 C:\Windows\System32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711996496421 0x7fefd110000 434176 C:\Windows\System32\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711997473610 0x7fefd660000 1085440 C:\Windows\System32\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711997512335 0x7fefd770000 126976 C:\Windows\System32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711997515550 0x7fefd790000 1232896 C:\Windows\System32\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711997503440 0x7fefd8c0000 897024 C:\Windows\System32\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711997299942 0x7fefd9a0000 421888 C:\Windows\System32\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711997301928 0x7fefe7a0000 57344 C:\Windows\System32\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711997284931 0x7fefea90000 651264 C:\Windows\System32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711997303807 0x7fefebb0000 831488 C:\Windows\System32\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711997469402 0x7feff480000 188416 C:\Windows\System32\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 109 5908 772 13 00000000:0019621a 131545711996524792 0 0 1 Medium USDEVR9K0NHD\sramka conhost.exe C:\windows\system32\conhost.exe \??\C:\windows\system32\conhost.exe "614552335121042370331259073565847985153914028513915843691707307286-924645893" Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Console Window Host 131545711997050207 0x100000 356352 C:\Windows\System32\conhost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Console Window Host 131545711996986971 0x4a4d0000 364544 C:\Windows\System32\cmd.exe 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Command Processor 131545711996756301 0x74b80000 561152 C:\Windows\System32\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545711996741306 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711996770024 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711996529877 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711997099702 0x77360000 28672 C:\Windows\System32\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545711996528772 0xffdf0000 356352 C:\Windows\System32\conhost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Console Window Host 131545711997084211 0x7fee6760000 258048 C:\Program Files\ThinkPad\Bluetooth Software\BtMmHook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545711997072602 0x7fefa7d0000 98304 C:\Windows\System32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545711996964101 0x7fefada0000 352256 C:\Windows\System32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545711997178886 0x7fefbee0000 2048000 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545711997210232 0x7fefcce0000 61440 C:\Windows\System32\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545711996905214 0x7fefcdb0000 49152 C:\Windows\System32\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545711996894235 0x7fefcdc0000 200704 C:\Windows\System32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545711996744033 0x7fefd110000 434176 C:\Windows\System32\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545711996781671 0x7fefd660000 1085440 C:\Windows\System32\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545711996917075 0x7fefd770000 126976 C:\Windows\System32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545711996785716 0x7fefd790000 1232896 C:\Windows\System32\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545711996908446 0x7fefd8c0000 897024 C:\Windows\System32\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545711996768290 0x7fefd9a0000 421888 C:\Windows\System32\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545711997090781 0x7fefda10000 14196736 C:\Windows\System32\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545711996772293 0x7fefe7a0000 57344 C:\Windows\System32\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545711996776941 0x7fefea90000 651264 C:\Windows\System32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545711997093371 0x7fefeb30000 462848 C:\Windows\System32\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545711996775173 0x7fefebb0000 831488 C:\Windows\System32\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545711996787642 0x7fefec80000 892928 C:\Windows\System32\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545711996783846 0x7feff280000 2080768 C:\Windows\System32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545711996779655 0x7feff480000 188416 C:\Windows\System32\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 110 4192 1608 108 00000000:0019621a 131545711998656561 131545712009495512 0 0 Medium USDEVR9K0NHD\sramka java.exe C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe "C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86"\bin\java.exe -Dphase=pre -cp provutil.jar com.tgcs.scrt.p2.helper.ProvisionSetup N/A 8.0.1510.12 OpenJDK Platform binary 131545711998892954 0xf10000 258048 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe 8.0.1510.12 N/A OpenJDK Platform binary 131545712007614437 0x3fe00000 1114112 C:\Windows\SysWOW64\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545712007624723 0x40760000 1114112 C:\Windows\SysWOW64\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545712009092458 0x41060000 1114112 C:\Windows\SysWOW64\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545712006985614 0x65990000 6578176 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll 25.71.0.01 OpenJDK Server VM 131545712006607096 0x6cc10000 1695744 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545712006961926 0x6d9c0000 782336 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\msvcr100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545712007045695 0x6e100000 135168 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll 8.0.1510.12 N/A OpenJDK Platform binary 131545712006617340 0x6e4b0000 90112 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\ojdkbuild_zlib.dll 131545712007141856 0x6e4e0000 40960 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\zip.dll 8.0.1510.12 N/A OpenJDK Platform binary 131545712007003417 0x6e500000 28672 C:\Windows\SysWOW64\wsock32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 32-Bit DLL 131545712007038033 0x6f810000 49152 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\verify.dll 8.0.1510.12 N/A OpenJDK Platform binary 131545712007019002 0x70e90000 204800 C:\Windows\SysWOW64\winmm.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545712006633567 0x70f40000 311296 C:\Windows\SysWOW64\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545712006911057 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545712006869832 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545712006862666 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll 131545712006766313 0x748d0000 176128 C:\Windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545712006776291 0x74960000 36864 C:\Windows\SysWOW64\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545712006544328 0x74970000 450560 C:\Windows\SysWOW64\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545712006508603 0x749e0000 32768 C:\Windows\System32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545712006500029 0x749f0000 376832 C:\Windows\System32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545712006490154 0x74a50000 258048 C:\Windows\System32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545712006586760 0x74c10000 49152 C:\Windows\SysWOW64\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545712006872730 0x74c80000 1691648 C:\Windows\SysWOW64\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545712006884484 0x74e20000 73728 C:\Windows\SysWOW64\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545712006752401 0x74e40000 839680 C:\Windows\SysWOW64\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545712006875482 0x75020000 159744 C:\Windows\SysWOW64\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545712006878710 0x750d0000 593920 C:\Windows\SysWOW64\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545712006591306 0x75170000 589824 C:\Windows\SysWOW64\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545712006567840 0x75200000 659456 C:\Windows\SysWOW64\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545712006569775 0x752b0000 704512 C:\Windows\SysWOW64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545712006589846 0x75360000 1048576 C:\Windows\SysWOW64\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545712006578969 0x75460000 102400 C:\Windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545712006609181 0x75480000 356352 C:\Windows\SysWOW64\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545712006880880 0x75540000 1429504 C:\Windows\SysWOW64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545712006581914 0x756a0000 983040 C:\Windows\SysWOW64\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545712006748652 0x757c0000 393216 C:\Windows\SysWOW64\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545712007022375 0x75aa0000 20480 C:\Windows\SysWOW64\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545712007009204 0x75be0000 24576 C:\Windows\SysWOW64\nsi.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545712006594311 0x75bf0000 643072 C:\Windows\SysWOW64\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545712006592838 0x75cb0000 40960 C:\Windows\SysWOW64\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545712007006268 0x75f80000 217088 C:\Windows\SysWOW64\ws2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545712007627591 0x760c0000 12894208 C:\Windows\SysWOW64\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545712006530497 0x76d10000 290816 C:\Windows\SysWOW64\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545712007639426 0x76d80000 45056 C:\Windows\SysWOW64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545712006517579 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545712006519514 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545711998894795 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545711998896421 0x77380000 1572864 C:\Windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 111 3232 1608 108 00000000:0019621a 131545712009622043 0 0 0 Medium USDEVR9K0NHD\sramka rcplauncher.exe C:\elevate\client\rcplauncher.exe rcplauncher -clean -initialize -configuration "..\\f_drive\adxetc\ext\xpd\runtime\homes\_provision\configuration" -application org.eclipse.equinox.p2.reconciler.application -vm "C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86"\bin\java.exe -vmargs -Xbootclasspath/a:..\\client\rcplog.jar -Duser.home=..\\f_drive\adxetc\ext\xpd\runtime\homes\_provision -Djava.util.logging.config.file="..\\f_drive\adxetc\ext\xpd\logging.properties" -Dcom.ibm.OS4690.path.f_drive=..\\f_drive -Dxpd.id=_provision -Dterminal.number=400 -Dstore.number=0001 131545712010680312 0x2d0000 258048 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe 8.0.1510.12 N/A OpenJDK Platform binary 131545712009682774 0x400000 319488 C:\elevate\client\rcplauncher.exe 131545712017509916 0x47f0000 1429504 C:\Windows\SysWOW64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545712010163848 0x6cc10000 1695744 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545712010199868 0x6e400000 577536 C:\Windows\AppPatch\AcLayers.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Compatibility DLL 131545712017283270 0x6fb60000 524288 C:\Windows\SysWOW64\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545712017482457 0x70ee0000 77824 C:\Windows\SysWOW64\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545712010176278 0x70f40000 311296 C:\Windows\SysWOW64\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545712010234005 0x71190000 73728 C:\Windows\SysWOW64\mpr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545712010552972 0x72000000 53248 C:\elevate\client\plugins\org.eclipse.equinox.launcher.win32.win32.x86_1.1.200.v20140116-2212\eclipse_1503.dll 131545712017403902 0x73190000 221184 C:\Program Files\ThinkPad\Bluetooth Software\syswow64\BtMmHook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545712010488265 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545712010462295 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545712010454569 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll 131545712010360552 0x748d0000 176128 C:\Windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545712010223928 0x74900000 331776 C:\Windows\SysWOW64\winspool.drv 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545712010369892 0x74960000 36864 C:\Windows\SysWOW64\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545712010094709 0x74970000 450560 C:\Windows\SysWOW64\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545712010056998 0x749e0000 32768 C:\Windows\System32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545712010047650 0x749f0000 376832 C:\Windows\System32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545712010037942 0x74a50000 258048 C:\Windows\System32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545712010149260 0x74c10000 49152 C:\Windows\SysWOW64\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545712010465219 0x74c80000 1691648 C:\Windows\SysWOW64\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545712010470856 0x74e20000 73728 C:\Windows\SysWOW64\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545712010346521 0x74e40000 839680 C:\Windows\SysWOW64\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545712010467868 0x75020000 159744 C:\Windows\SysWOW64\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545712010209409 0x750d0000 593920 C:\Windows\SysWOW64\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545712010132703 0x75200000 659456 C:\Windows\SysWOW64\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545712010128692 0x752b0000 704512 C:\Windows\SysWOW64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545712010140857 0x75460000 102400 C:\Windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545712010166981 0x75480000 356352 C:\Windows\SysWOW64\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545712010206327 0x75540000 1429504 C:\Windows\SysWOW64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545712010143990 0x756a0000 983040 C:\Windows\SysWOW64\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545712010342874 0x757c0000 393216 C:\Windows\SysWOW64\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545712017417433 0x75aa0000 20480 C:\Windows\SysWOW64\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545712010126822 0x75bf0000 643072 C:\Windows\SysWOW64\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545712010211973 0x75c90000 102400 C:\Windows\SysWOW64\userenv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545712010124103 0x75cb0000 40960 C:\Windows\SysWOW64\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545712010202663 0x760c0000 12894208 C:\Windows\SysWOW64\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545712010080404 0x76d10000 290816 C:\Windows\SysWOW64\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545712010214434 0x76d80000 45056 C:\Windows\SysWOW64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545712010066565 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545712010068440 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545712009684486 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545712009686019 0x77380000 1572864 C:\Windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 112 1020 3232 111 00000000:0019621a 131545712010609907 131545712016712392 0 0 Medium USDEVR9K0NHD\sramka java.exe C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe -Xmx1024m -Xms48m -Xverify:none -Dorg.eclipse.equinox.http.jetty.http.host=127.0.0.1 -Dorg.eclipse.equinox.http.jetty.http.port=8080 -Dweb.host.port=8080 -Dorg.eclipse.equinox.http.jetty.context.sessioninactiveinterval=0 -Dorg.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.JavaUtilLog -Dosgi.bundles.defaultStartLevel=6 -Xbootclasspath/a:..\\client\rcplog.jar -Duser.home=..\\f_drive\adxetc\ext\xpd\runtime\homes\_provision -Djava.util.logging.config.file=..\\f_drive\adxetc\ext\xpd\logging.properties -Dcom.ibm.OS4690.path.f_drive=..\\f_drive -Dxpd.id=_provision -Dterminal.number=400 -Dstore.number=0001 -jar C:\elevate\client\\plugins/org.eclipse.equinox.launcher_1.3.0.v20130327-1440.jar -os win32 -ws win32 -arch x86 -showsplash -launcher C:\elevate\client\rcplauncher.exe -name Rcplauncher --launcher.library C:\elevate\client\\plugins/org.eclipse.equinox.launcher.win32.win32.x86_1.1.200.v20140116-2212\eclipse_1503.dll -startup C:\elevate\client\\plugins/org.eclipse.equinox.launcher_1.3.0.v20130327-1440.jar --launcher.appendVmargs -exitdata ca0_100 -clearPersistedState -clean -initialize -configuration ..\\f_drive\adxetc\ext\xpd\runtime\homes\_provision\configuration -application org.eclipse.equinox.p2.reconciler.application -vm C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe -vmargs -Xmx1024m -Xms48m -Xverify:none -Dorg.eclipse.equinox.http.jetty.http.host=127.0.0.1 -Dorg.eclipse.equinox.http.jetty.http.port=8080 -Dweb.host.port=8080 -Dorg.eclipse.equinox.http.jetty.context.sessioninactiveinterval=0 -Dorg.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.JavaUtilLog -Dosgi.bundles.defaultStartLevel=6 -Xbootclasspath/a:..\\client\rcplog.jar -Duser.home=..\\f_drive\adxetc\ext\xpd\runtime\homes\_provision -Djava.util.logging.config.file=..\\f_drive\adxetc\ext\xpd\logging.properties -Dcom.ibm.OS4690.path.f_drive=..\\f_drive -Dxpd.id=_provision -Dterminal.number=400 -Dstore.number=0001 -jar C:\elevate\client\\plugins/org.eclipse.equinox.launcher_1.3.0.v20130327-1440.jar N/A 8.0.1510.12 OpenJDK Platform binary 131545712010778532 0xf10000 258048 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe 8.0.1510.12 N/A OpenJDK Platform binary 131545712012826455 0x55a30000 1114112 C:\Windows\SysWOW64\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545712014855707 0x56140000 1114112 C:\Windows\SysWOW64\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545712012192158 0x68e50000 6578176 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll 25.71.0.01 OpenJDK Server VM 131545712011738355 0x6cc10000 1695744 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545712012167220 0x6da80000 782336 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\msvcr100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545712011789036 0x6e400000 577536 C:\Windows\AppPatch\AcLayers.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Compatibility DLL 131545712012348746 0x6e490000 40960 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\zip.dll 8.0.1510.12 N/A OpenJDK Platform binary 131545712012249679 0x6e4a0000 135168 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll 8.0.1510.12 N/A OpenJDK Platform binary 131545712011748025 0x6e4d0000 90112 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\ojdkbuild_zlib.dll 131545712012242560 0x6e500000 49152 C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\verify.dll 8.0.1510.12 N/A OpenJDK Platform binary 131545712012207311 0x6f810000 28672 C:\Windows\SysWOW64\wsock32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 32-Bit DLL 131545712012221411 0x70e90000 204800 C:\Windows\SysWOW64\winmm.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545712011759586 0x70f40000 311296 C:\Windows\SysWOW64\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545712011832217 0x71190000 73728 C:\Windows\SysWOW64\mpr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545712016642796 0x72000000 53248 C:\elevate\client\plugins\org.eclipse.equinox.launcher.win32.win32.x86_1.1.200.v20140116-2212\eclipse_1503.dll 131545712015488254 0x72ff0000 241664 C:\Windows\SysWOW64\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545712015410842 0x73030000 94208 C:\Windows\SysWOW64\cryptsp.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545712012096562 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545712012070481 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545712012063555 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll 131545712011963790 0x748d0000 176128 C:\Windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545712011820454 0x74900000 331776 C:\Windows\SysWOW64\winspool.drv 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545712011973858 0x74960000 36864 C:\Windows\SysWOW64\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545712011669902 0x74970000 450560 C:\Windows\SysWOW64\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545712010836438 0x749e0000 32768 C:\Windows\System32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545712010828155 0x749f0000 376832 C:\Windows\System32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545712010819475 0x74a50000 258048 C:\Windows\System32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545712011717248 0x74c10000 49152 C:\Windows\SysWOW64\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545712012072972 0x74c80000 1691648 C:\Windows\SysWOW64\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545712012077497 0x74e20000 73728 C:\Windows\SysWOW64\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545712011949708 0x74e40000 839680 C:\Windows\SysWOW64\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545712012075006 0x75020000 159744 C:\Windows\SysWOW64\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545712011801496 0x750d0000 593920 C:\Windows\SysWOW64\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545712011722042 0x75170000 589824 C:\Windows\SysWOW64\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545712011697601 0x75200000 659456 C:\Windows\SysWOW64\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545712011699664 0x752b0000 704512 C:\Windows\SysWOW64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545712011720159 0x75360000 1048576 C:\Windows\SysWOW64\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545712011708606 0x75460000 102400 C:\Windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545712011741180 0x75480000 356352 C:\Windows\SysWOW64\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545712011796107 0x75540000 1429504 C:\Windows\SysWOW64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545712011711589 0x756a0000 983040 C:\Windows\SysWOW64\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545712011945684 0x757c0000 393216 C:\Windows\SysWOW64\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545712012224334 0x75aa0000 20480 C:\Windows\SysWOW64\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545712012212653 0x75be0000 24576 C:\Windows\SysWOW64\nsi.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545712011725616 0x75bf0000 643072 C:\Windows\SysWOW64\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545712011804420 0x75c90000 102400 C:\Windows\SysWOW64\userenv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545712011723938 0x75cb0000 40960 C:\Windows\SysWOW64\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545712012210110 0x75f80000 217088 C:\Windows\SysWOW64\ws2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545712011791912 0x760c0000 12894208 C:\Windows\SysWOW64\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545712010860054 0x76d10000 290816 C:\Windows\SysWOW64\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545712011809094 0x76d80000 45056 C:\Windows\SysWOW64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545712010847075 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545712010848813 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545712010780060 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545712010781271 0x77380000 1572864 C:\Windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 113 4772 772 13 00000000:0019621a 131545712010890770 131545712016750800 0 1 Medium USDEVR9K0NHD\sramka conhost.exe C:\windows\system32\conhost.exe \??\C:\windows\system32\conhost.exe "498042038-1937374520-479514044-1987163189196323318452924141929437659-1249171042" Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Console Window Host 131545712011433410 0x130000 356352 C:\Windows\System32\conhost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Console Window Host 131545712011131658 0x74b80000 561152 C:\Windows\System32\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545712011115345 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545712011146083 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545712010895825 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545712011487023 0x77360000 28672 C:\Windows\System32\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545712010894460 0xffdf0000 356352 C:\Windows\System32\conhost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Console Window Host 131545712011469143 0x7fee6760000 258048 C:\Program Files\ThinkPad\Bluetooth Software\BtMmHook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545712011456683 0x7fefa7d0000 98304 C:\Windows\System32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545712011332930 0x7fefada0000 352256 C:\Windows\System32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545712011567714 0x7fefbee0000 2048000 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545712011600066 0x7fefcce0000 61440 C:\Windows\System32\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545712011274425 0x7fefcdb0000 49152 C:\Windows\System32\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545712011264160 0x7fefcdc0000 200704 C:\Windows\System32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545712011118491 0x7fefd110000 434176 C:\Windows\System32\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545712011158454 0x7fefd660000 1085440 C:\Windows\System32\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545712011287763 0x7fefd770000 126976 C:\Windows\System32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545712011162114 0x7fefd790000 1232896 C:\Windows\System32\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545712011278590 0x7fefd8c0000 897024 C:\Windows\System32\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545712011143917 0x7fefd9a0000 421888 C:\Windows\System32\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545712011476604 0x7fefda10000 14196736 C:\Windows\System32\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545712011148788 0x7fefe7a0000 57344 C:\Windows\System32\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545712011153861 0x7fefea90000 651264 C:\Windows\System32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545712011479964 0x7fefeb30000 462848 C:\Windows\System32\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545712011152063 0x7fefebb0000 831488 C:\Windows\System32\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545712011164451 0x7fefec80000 892928 C:\Windows\System32\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545712011160132 0x7feff280000 2080768 C:\Windows\System32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545712011156536 0x7feff480000 188416 C:\Windows\System32\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 114 4804 1320 28 00000000:001961fc 131545714229260129 0 0 1 High USDEVR9K0NHD\sramka taskeng.exe C:\windows\system32\taskeng.exe taskeng.exe {792C5366-92CA-4446-AEED-3494B4A069BC} S-1-5-21-1528177278-3501378545-2987531103-1000:USDEVR9K0NHD\sramka:Interactive:Highest[1] Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Task Scheduler Engine 131545714230040322 0x74850000 24576 C:\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll 131545714229573190 0x74b80000 561152 C:\Windows\System32\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545714229557968 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714229585920 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714229312920 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714229310758 0xff0f0000 479232 C:\Windows\System32\taskeng.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Task Scheduler Engine 131545714231290472 0x7fef8480000 36864 C:\Windows\System32\TSChannel.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Task Scheduler Proxy 131545714229613161 0x7fef8720000 40960 C:\Windows\System32\ktmw32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows KTM Win32 Client DLL 131545714231475307 0x7fefa710000 212992 C:\Windows\System32\xmllite.dll 1.3.1001.0 Microsoft Corporation Microsoft XmlLite Library 131545714231342197 0x7fefa7d0000 98304 C:\Windows\System32\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545714230070140 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545714230046931 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\coprocmanager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545714231319288 0x7fefada0000 352256 C:\Windows\System32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545714230200895 0x7fefc350000 290816 C:\Windows\System32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545714230134984 0x7fefc650000 98304 C:\Windows\System32\cryptsp.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545714229621542 0x7fefc970000 446464 C:\Windows\System32\wevtapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Eventing Consumption and Configuration API 131545714231224771 0x7fefcad0000 151552 C:\Windows\System32\sspicli.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Security Support Provider Interface 131545714231927227 0x7fefcc80000 356352 C:\Windows\System32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545714230103638 0x7fefcce0000 61440 C:\Windows\System32\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545714231249234 0x7fefcd90000 81920 C:\Windows\System32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545714229900051 0x7fefcdb0000 49152 C:\Windows\System32\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545714229891665 0x7fefcdc0000 200704 C:\Windows\System32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545714230055008 0x7fefcee0000 106496 C:\Windows\System32\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545714230052042 0x7fefcf50000 221184 C:\Windows\System32\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545714229560421 0x7fefd110000 434176 C:\Windows\System32\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714231269947 0x7fefd5c0000 626688 C:\Windows\System32\clbcatq.dll 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545714229878049 0x7fefd660000 1085440 C:\Windows\System32\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545714229910812 0x7fefd770000 126976 C:\Windows\System32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545714229601933 0x7fefd790000 1232896 C:\Windows\System32\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545714229902764 0x7fefd8c0000 897024 C:\Windows\System32\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545714229588150 0x7fefd9a0000 421888 C:\Windows\System32\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545714229590367 0x7fefe7a0000 57344 C:\Windows\System32\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545714230049593 0x7fefe7d0000 1929216 C:\Windows\System32\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545714229595893 0x7fefea90000 651264 C:\Windows\System32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545714230211605 0x7fefeb30000 462848 C:\Windows\System32\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545714229594023 0x7fefebb0000 831488 C:\Windows\System32\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545714229604724 0x7fefec80000 892928 C:\Windows\System32\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545714229599352 0x7feff280000 2080768 C:\Windows\System32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714229875014 0x7feff480000 188416 C:\Windows\System32\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 115 3756 4804 114 00000000:001961fc 131545714231842049 131545714263382566 0 1 High USDEVR9K0NHD\sramka LSC.Services.UpdateStatusService.exe C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe "C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe" UpdateStatus 3.3.002.41 LSC.Services.UpdateStatusService 131545714231942598 0x1120000 278528 C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe 3.3.002.41 LSC.Services.UpdateStatusService 131545714247063759 0x6d9a0000 823296 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll 8.00.50727.6195 Microsoft Corporation Microsoft® C Runtime Library 131545714246654798 0x74850000 24576 C:\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll 131545714246094459 0x74b80000 561152 C:\Windows\System32\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545714246098080 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714246505928 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714231944374 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714251826730 0x7feddb10000 10694656 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\195dca94ca09ea4a78ea63dda781ff0d\System.ni.dll 2.0.50727.8770 (QFE.050727-8700) Microsoft Corporation .NET Framework 131545714248211567 0x7fede550000 15589376 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\e353dfbf2400fdaf3bbcca6b92e1038d\mscorlib.ni.dll 2.0.50727.8762 (QFE.050727-8700) Microsoft Corporation Microsoft Common Language Runtime Class Library 131545714246773234 0x7fedf430000 10092544 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll 2.0.50727.8762 (QFE.050727-8700) Microsoft Corporation Microsoft .NET Runtime Common Language Runtime - WorkStation 131545714251839922 0x7fee0440000 3342336 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\d62cd919886b2f37c600f9a4a0d3f40c\System.Core.ni.dll 3.5.30729.8655 built by: QFE Microsoft Corporation .NET Framework 131545714250470877 0x7fee45d0000 36864 C:\Windows\System32\SensApi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation SENS Connectivity API DLL 131545714248510776 0x7fee5fb0000 647168 C:\Windows\System32\riched20.dll 5.31.23.1230 Microsoft Corporation Rich Text Edit Control, v3.1 131545714246380865 0x7feee910000 643072 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll 4.7.2116.0 built by: NET47REL1LAST Microsoft Corporation Microsoft .NET Runtime Execution Engine 131545714246086634 0x7feee9b0000 454656 C:\Windows\System32\mscoree.dll 4.0.40305.0 (Main.040305-0000) Microsoft Corporation Microsoft .NET Runtime Execution Engine 131545714252696466 0x7fef0320000 811008 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll 8.0.50727.7057 (QFE.050727-7000) Microsoft Corporation Dia based SymReader 131545714252493216 0x7fef03f0000 311296 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\ba2b1642cd4d79c2d3b994995e17f98f\System.ServiceProcess.ni.dll 2.0.50727.7069 (QFE.050727-7000) Microsoft Corporation .NET Framework 131545714251302183 0x7fef5900000 1585152 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll 2.0.50727.8630 (QFE.050727-8600) Microsoft Corporation Microsoft .NET Runtime Just-In-Time Compiler 131545714248312111 0x7fef5a90000 102400 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll 2.0.50727.7057 (QFE.050727-7000) Microsoft Corporation Microsoft .NET Security module 131545714252568223 0x7fef5ac0000 28672 C:\Windows\System32\shfolder.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Folder Service 131545714250357475 0x7fef72d0000 159744 C:\Windows\System32\cryptnet.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto Network Related API 131545714248389485 0x7fef9730000 655360 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545714246706305 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545714246661908 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\coprocmanager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545714253126200 0x7fefb600000 184320 C:\Windows\System32\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545714250043553 0x7fefbd90000 110592 C:\Windows\System32\gpapi.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545714248856112 0x7fefc2b0000 311296 C:\Windows\System32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545714248616496 0x7fefc350000 290816 C:\Windows\System32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545714248536104 0x7fefc650000 98304 C:\Windows\System32\cryptsp.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545714248842740 0x7fefc8b0000 139264 C:\Windows\System32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545714248832000 0x7fefc8e0000 327680 C:\Windows\System32\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545714248633335 0x7fefcce0000 61440 C:\Windows\System32\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545714246570109 0x7fefcdb0000 49152 C:\Windows\System32\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545714246558380 0x7fefcdc0000 200704 C:\Windows\System32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545714248087284 0x7fefce90000 61440 C:\Windows\System32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545714248375145 0x7fefcea0000 61440 C:\Windows\System32\msasn1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545714249047077 0x7fefceb0000 126976 C:\Windows\System32\userenv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545714246677493 0x7fefcee0000 106496 C:\Windows\System32\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545714248370086 0x7fefcf00000 241664 C:\Windows\System32\wintrust.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545714246667104 0x7fefcf50000 221184 C:\Windows\System32\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545714248372581 0x7fefcf90000 1495040 C:\Windows\System32\crypt32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545714246100841 0x7fefd110000 434176 C:\Windows\System32\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714246542975 0x7fefd660000 1085440 C:\Windows\System32\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545714246350067 0x7fefd770000 126976 C:\Windows\System32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545714246353586 0x7fefd790000 1232896 C:\Windows\System32\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545714246336669 0x7fefd8c0000 897024 C:\Windows\System32\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545714246503607 0x7fefd9a0000 421888 C:\Windows\System32\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545714248065560 0x7fefda10000 14196736 C:\Windows\System32\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545714246508594 0x7fefe7a0000 57344 C:\Windows\System32\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545714248699143 0x7fefe7b0000 102400 C:\Windows\System32\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545714246664545 0x7fefe7d0000 1929216 C:\Windows\System32\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545714246338972 0x7fefea90000 651264 C:\Windows\System32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545714246501437 0x7fefeb30000 462848 C:\Windows\System32\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545714246511257 0x7fefebb0000 831488 C:\Windows\System32\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545714246670281 0x7fefec80000 892928 C:\Windows\System32\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545714250360540 0x7fefeef0000 335872 C:\Windows\System32\Wldap32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545714246674116 0x7feff280000 2080768 C:\Windows\System32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714246539319 0x7feff480000 188416 C:\Windows\System32\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 116 5668 824 6 00000000:000003e7 131545714257010492 131545714264146844 0 1 System NT AUTHORITY\SYSTEM LSC.Services.SystemService.exe C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe "C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe" Lenovo 3.3.002.41 LSC.Services.SystemService 131545714257360545 0xd0000 286720 C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe 3.3.002.41 Lenovo LSC.Services.SystemService 131545714259803847 0x6d9a0000 823296 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll 8.00.50727.6195 Microsoft Corporation Microsoft® C Runtime Library 131545714259343927 0x74b80000 561152 C:\Windows\System32\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545714259346491 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714259632226 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714257362095 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714263208706 0x7fedcdb0000 6983680 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\2564cc77a68ce75c240ae15c885e6f4b\System.Xml.ni.dll 2.0.50727.8679 (QFE.050727-8600) Microsoft Corporation .NET Framework 131545714262665552 0x7feddb10000 10694656 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\195dca94ca09ea4a78ea63dda781ff0d\System.ni.dll 2.0.50727.8770 (QFE.050727-8700) Microsoft Corporation .NET Framework 131545714259939003 0x7fede550000 15589376 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\e353dfbf2400fdaf3bbcca6b92e1038d\mscorlib.ni.dll 2.0.50727.8762 (QFE.050727-8700) Microsoft Corporation Microsoft Common Language Runtime Class Library 131545714259742765 0x7fedf430000 10092544 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll 2.0.50727.8762 (QFE.050727-8700) Microsoft Corporation Microsoft .NET Runtime Common Language Runtime - WorkStation 131545714263563471 0x7fee0110000 3342336 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\d62cd919886b2f37c600f9a4a0d3f40c\System.Core.ni.dll 3.5.30729.8655 built by: QFE Microsoft Corporation .NET Framework 131545714262045308 0x7fee45d0000 36864 C:\Windows\System32\SensApi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation SENS Connectivity API DLL 131545714260056900 0x7fee5fb0000 647168 C:\Windows\System32\riched20.dll 5.31.23.1230 Microsoft Corporation Rich Text Edit Control, v3.1 131545714259605511 0x7feee910000 643072 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll 4.7.2116.0 built by: NET47REL1LAST Microsoft Corporation Microsoft .NET Runtime Execution Engine 131545714259335628 0x7feee9b0000 454656 C:\Windows\System32\mscoree.dll 4.0.40305.0 (Main.040305-0000) Microsoft Corporation Microsoft .NET Runtime Execution Engine 131545714263435074 0x7fef0250000 811008 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll 8.0.50727.7057 (QFE.050727-7000) Microsoft Corporation Dia based SymReader 131545714262678492 0x7fef03f0000 311296 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\ba2b1642cd4d79c2d3b994995e17f98f\System.ServiceProcess.ni.dll 2.0.50727.7069 (QFE.050727-7000) Microsoft Corporation .NET Framework 131545714262545703 0x7fef5900000 1585152 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll 2.0.50727.8630 (QFE.050727-8600) Microsoft Corporation Microsoft .NET Runtime Just-In-Time Compiler 131545714259965178 0x7fef5a90000 102400 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll 2.0.50727.7057 (QFE.050727-7000) Microsoft Corporation Microsoft .NET Security module 131545714263019235 0x7fef5ac0000 28672 C:\Windows\System32\shfolder.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Folder Service 131545714261809633 0x7fef72d0000 159744 C:\Windows\System32\cryptnet.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto Network Related API 131545714260037903 0x7fef9730000 655360 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545714261519036 0x7fefbd90000 110592 C:\Windows\System32\gpapi.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545714260380474 0x7fefc2b0000 311296 C:\Windows\System32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545714260151944 0x7fefc350000 290816 C:\Windows\System32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545714260079210 0x7fefc650000 98304 C:\Windows\System32\cryptsp.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545714260367769 0x7fefc8b0000 139264 C:\Windows\System32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545714260358117 0x7fefc8e0000 327680 C:\Windows\System32\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545714264070776 0x7fefcc80000 356352 C:\Windows\System32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545714260167473 0x7fefcce0000 61440 C:\Windows\System32\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545714259690834 0x7fefcdb0000 49152 C:\Windows\System32\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545714259677432 0x7fefcdc0000 200704 C:\Windows\System32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545714259903796 0x7fefce90000 61440 C:\Windows\System32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545714260024600 0x7fefcea0000 61440 C:\Windows\System32\msasn1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545714260557441 0x7fefceb0000 126976 C:\Windows\System32\userenv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545714260020105 0x7fefcf00000 241664 C:\Windows\System32\wintrust.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545714260022241 0x7fefcf90000 1495040 C:\Windows\System32\crypt32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545714259348803 0x7fefd110000 434176 C:\Windows\System32\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714259663058 0x7fefd660000 1085440 C:\Windows\System32\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545714259579358 0x7fefd770000 126976 C:\Windows\System32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545714259582371 0x7fefd790000 1232896 C:\Windows\System32\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545714259566242 0x7fefd8c0000 897024 C:\Windows\System32\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545714259629208 0x7fefd9a0000 421888 C:\Windows\System32\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545714259868140 0x7fefda10000 14196736 C:\Windows\System32\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545714259634854 0x7fefe7a0000 57344 C:\Windows\System32\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545714260232459 0x7fefe7b0000 102400 C:\Windows\System32\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545714259568734 0x7fefea90000 651264 C:\Windows\System32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545714259625334 0x7fefeb30000 462848 C:\Windows\System32\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545714259637401 0x7fefebb0000 831488 C:\Windows\System32\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545714261813580 0x7fefeef0000 335872 C:\Windows\System32\Wldap32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545714259873854 0x7feff280000 2080768 C:\Windows\System32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714259659908 0x7feff480000 188416 C:\Windows\System32\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 117 3768 5668 116 00000000:000003e7 131545714264050533 131545714277203850 0 1 System NT AUTHORITY\SYSTEM LSC.Services.UpdateStatusService.exe C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe "C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe" UpdateStatusAsService UpdateWarrantyCache 3.3.002.41 LSC.Services.UpdateStatusService 131545714264074410 0x1120000 278528 C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe 3.3.002.41 LSC.Services.UpdateStatusService 131545714273807745 0x69190000 3203072 C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll 2.0.50727.8762 (QFE.050727-8700) Microsoft Corporation .NET Framework 131545714265428040 0x6d9a0000 823296 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll 8.00.50727.6195 Microsoft Corporation Microsoft® C Runtime Library 131545714265294079 0x74850000 24576 C:\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll 131545714264888928 0x74b80000 561152 C:\Windows\System32\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545714264892130 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714265141540 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714264075514 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714273794052 0x7fedbdd0000 8757248 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\4d27f8721f9d06bbe581c08acdfffaf4\System.Data.ni.dll 2.0.50727.8762 (QFE.050727-8700) Microsoft Corporation .NET Framework 131545714273197140 0x7fedc630000 3092480 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\c9c42ebb0b915dc0bafc4e741e835ab5\System.Runtime.Serialization.ni.dll 3.0.4506.8635 (QFE.030729-8600) Microsoft Corporation System.Runtime.Serialization.dll 131545714270658075 0x7fedc930000 6983680 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\2564cc77a68ce75c240ae15c885e6f4b\System.Xml.ni.dll 2.0.50727.8679 (QFE.050727-8600) Microsoft Corporation .NET Framework 131545714269676182 0x7fedcfe0000 3059712 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\e4ed6cc5facafa9dbd973bb5c754e59c\System.Web.Extensions.ni.dll 3.5.30729.8635 Microsoft Corporation System.Web.Extensions.dll 131545714269645431 0x7fedd2d0000 15400960 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\48e16cddcd619bc74c14ebbe6aebaf8c\System.Web.ni.dll 2.0.50727.8762 (QFE.050727-8700) Microsoft Corporation System.Web.dll 131545714268072212 0x7fede180000 3342336 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\d62cd919886b2f37c600f9a4a0d3f40c\System.Core.ni.dll 3.5.30729.8655 built by: QFE Microsoft Corporation .NET Framework 131545714268060950 0x7fede4b0000 10694656 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\195dca94ca09ea4a78ea63dda781ff0d\System.ni.dll 2.0.50727.8770 (QFE.050727-8700) Microsoft Corporation .NET Framework 131545714265559631 0x7fedeef0000 15589376 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\e353dfbf2400fdaf3bbcca6b92e1038d\mscorlib.ni.dll 2.0.50727.8762 (QFE.050727-8700) Microsoft Corporation Microsoft Common Language Runtime Class Library 131545714265408980 0x7fedfdd0000 10092544 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll 2.0.50727.8762 (QFE.050727-8700) Microsoft Corporation Microsoft .NET Runtime Common Language Runtime - WorkStation 131545714267488617 0x7fee45d0000 36864 C:\Windows\System32\SensApi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation SENS Connectivity API DLL 131545714265641127 0x7fee5fb0000 647168 C:\Windows\System32\riched20.dll 5.31.23.1230 Microsoft Corporation Rich Text Edit Control, v3.1 131545714265119941 0x7feee910000 643072 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll 4.7.2116.0 built by: NET47REL1LAST Microsoft Corporation Microsoft .NET Runtime Execution Engine 131545714264880928 0x7feee9b0000 454656 C:\Windows\System32\mscoree.dll 4.0.40305.0 (Main.040305-0000) Microsoft Corporation Microsoft .NET Runtime Execution Engine 131545714273761289 0x7feef9b0000 544768 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\64a4ac197790963a233b9bf96f517f66\System.Xml.Linq.ni.dll 3.5.30729.5420 built by: Win7SP1 Microsoft Corporation .NET Framework 131545714271091618 0x7feefa40000 147456 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll 2.0.50727.8766 (QFE.050727-8700) Microsoft Corporation WMINet_Utils.dll 131545714271010315 0x7fef01c0000 1499136 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\da3f99b31d0870b1278dbba4bb568e66\System.Management.ni.dll 2.0.50727.8766 (QFE.050727-8700) Microsoft Corporation .NET Framework 131545714270427640 0x7fef0330000 811008 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll 8.0.50727.7057 (QFE.050727-7000) Microsoft Corporation Dia based SymReader 131545714269655383 0x7fef0400000 217088 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\0c50266267e0de2185634280408bc758\System.Web.Abstractions.ni.dll 3.5.30729.5420 Microsoft Corporation System.Web.Abstractions.dll 131545714270335328 0x7fef5490000 28672 C:\Windows\System32\shfolder.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Folder Service 131545714268700958 0x7fef58d0000 311296 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\ba2b1642cd4d79c2d3b994995e17f98f\System.ServiceProcess.ni.dll 2.0.50727.7069 (QFE.050727-7000) Microsoft Corporation .NET Framework 131545714267981363 0x7fef5920000 1585152 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll 2.0.50727.8630 (QFE.050727-8600) Microsoft Corporation Microsoft .NET Runtime Just-In-Time Compiler 131545714265586401 0x7fef5ab0000 102400 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll 2.0.50727.7057 (QFE.050727-7000) Microsoft Corporation Microsoft .NET Security module 131545714271561708 0x7fef6c80000 155648 C:\Windows\System32\wbem\wmiutils.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545714271769303 0x7fef6d00000 81920 C:\Windows\System32\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545714267373335 0x7fef72d0000 159744 C:\Windows\System32\cryptnet.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto Network Related API 131545714271616032 0x7fef9380000 61440 C:\Windows\System32\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545714271834529 0x7fef9700000 159744 C:\Windows\System32\ntdsapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545714271573266 0x7fef97d0000 548864 C:\Windows\System32\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545714271822385 0x7fef9880000 925696 C:\Windows\System32\wbem\fastprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI Custom Marshaller 131545714265343831 0x7fefa990000 139264 C:\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545714265301244 0x7fefa9c0000 200704 C:\Program Files\NVIDIA Corporation\coprocmanager\nvd3d9wrapx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545714267091038 0x7fefbd90000 110592 C:\Windows\System32\gpapi.dll 6.1.7601.23452 (win7sp1_ldr.160512-0600) Microsoft Corporation Group Policy Client API 131545714272396970 0x7fefbe60000 249856 C:\Windows\System32\winsta.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Winstation Library 131545714272385614 0x7fefc1e0000 69632 C:\Windows\System32\wtsapi32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Remote Desktop Session Host Server SDK APIs 131545714265956674 0x7fefc2b0000 311296 C:\Windows\System32\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545714265732690 0x7fefc350000 290816 C:\Windows\System32\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545714265662585 0x7fefc650000 98304 C:\Windows\System32\cryptsp.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545714265944214 0x7fefc8b0000 139264 C:\Windows\System32\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545714265934348 0x7fefc8e0000 327680 C:\Windows\System32\ncrypt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows cryptographic library 131545714274543832 0x7fefcc80000 356352 C:\Windows\System32\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545714265747980 0x7fefcce0000 61440 C:\Windows\System32\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545714271062558 0x7fefcd90000 81920 C:\Windows\System32\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545714265207014 0x7fefcdb0000 49152 C:\Windows\System32\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545714265195423 0x7fefcdc0000 200704 C:\Windows\System32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545714265515075 0x7fefce90000 61440 C:\Windows\System32\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545714265605145 0x7fefcea0000 61440 C:\Windows\System32\msasn1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545714266131438 0x7fefceb0000 126976 C:\Windows\System32\userenv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545714265315455 0x7fefcee0000 106496 C:\Windows\System32\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545714265600321 0x7fefcf00000 241664 C:\Windows\System32\wintrust.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545714265306616 0x7fefcf50000 221184 C:\Windows\System32\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545714265602645 0x7fefcf90000 1495040 C:\Windows\System32\crypt32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545714264894946 0x7fefd110000 434176 C:\Windows\System32\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714271541483 0x7fefd5c0000 626688 C:\Windows\System32\clbcatq.dll 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545714265180959 0x7fefd660000 1085440 C:\Windows\System32\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545714265093496 0x7fefd770000 126976 C:\Windows\System32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545714265097074 0x7fefd790000 1232896 C:\Windows\System32\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545714265081892 0x7fefd8c0000 897024 C:\Windows\System32\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545714265139357 0x7fefd9a0000 421888 C:\Windows\System32\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545714265493733 0x7fefda10000 14196736 C:\Windows\System32\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545714265144177 0x7fefe7a0000 57344 C:\Windows\System32\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545714265810334 0x7fefe7b0000 102400 C:\Windows\System32\imagehlp.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT Image Helper 131545714265303847 0x7fefe7d0000 1929216 C:\Windows\System32\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545714271578103 0x7fefe9b0000 32768 C:\Windows\System32\nsi.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545714271576052 0x7fefea40000 315392 C:\Windows\System32\ws2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545714265083933 0x7fefea90000 651264 C:\Windows\System32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545714265137127 0x7fefeb30000 462848 C:\Windows\System32\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545714265146625 0x7fefebb0000 831488 C:\Windows\System32\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545714265309929 0x7fefec80000 892928 C:\Windows\System32\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545714267376807 0x7fefeef0000 335872 C:\Windows\System32\Wldap32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545714265312023 0x7feff280000 2080768 C:\Windows\System32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714265177611 0x7feff480000 188416 C:\Windows\System32\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 118 4940 3768 117 00000000:000003e7 131545714274525139 131545714277042468 0 0 System NT AUTHORITY\SYSTEM fp_smbios.exe C:\Program Files\Lenovo\Lenovo Solution Center\App\fp_smbios.exe "C:\Program Files\Lenovo\Lenovo Solution Center\App\fp_smbios.exe" Lenovo 3.3.002.41 fp_smbios Application 131545714274557739 0x400000 253952 C:\Program Files\Lenovo\Lenovo Solution Center\App\fp_smbios.exe 3.3.002.41 Lenovo fp_smbios Application 131545714276750668 0x6d4d0000 614400 C:\Windows\SysWOW64\wbem\fastprox.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI Custom Marshaller 131545714276486379 0x6da80000 376832 C:\Windows\SysWOW64\wbemcomn.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation WMI 131545714276760795 0x6de20000 98304 C:\Windows\SysWOW64\ntdsapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Active Directory Domain Services API 131545714276475249 0x6e0d0000 40960 C:\Windows\SysWOW64\wbem\wbemprox.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545714276716989 0x6f810000 61440 C:\Windows\SysWOW64\wbem\wbemsvc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation WMI 131545714276632467 0x72ff0000 241664 C:\Windows\SysWOW64\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545714276552867 0x73030000 94208 C:\Windows\SysWOW64\cryptsp.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545714276657311 0x732b0000 57344 C:\Windows\SysWOW64\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545714276434889 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545714276410062 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545714276402961 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll 131545714276307348 0x748d0000 176128 C:\Windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545714276319102 0x74960000 36864 C:\Windows\SysWOW64\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545714275997211 0x74970000 450560 C:\Windows\SysWOW64\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545714275313409 0x749e0000 32768 C:\Windows\System32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545714275304998 0x749f0000 376832 C:\Windows\System32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545714275295937 0x74a50000 258048 C:\Windows\System32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545714276048619 0x74c10000 49152 C:\Windows\SysWOW64\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545714276413028 0x74c80000 1691648 C:\Windows\SysWOW64\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545714276418623 0x74e20000 73728 C:\Windows\SysWOW64\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545714276291288 0x74e40000 839680 C:\Windows\SysWOW64\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545714276415729 0x75020000 159744 C:\Windows\SysWOW64\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545714276056358 0x750d0000 593920 C:\Windows\SysWOW64\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545714276032276 0x75200000 659456 C:\Windows\SysWOW64\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545714276023848 0x752b0000 704512 C:\Windows\SysWOW64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545714276041565 0x75460000 102400 C:\Windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545714276020971 0x75540000 1429504 C:\Windows\SysWOW64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714276044604 0x756a0000 983040 C:\Windows\SysWOW64\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545714276286891 0x757c0000 393216 C:\Windows\SysWOW64\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545714276491819 0x75be0000 24576 C:\Windows\SysWOW64\nsi.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545714276053794 0x75bf0000 643072 C:\Windows\SysWOW64\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545714276051971 0x75cb0000 40960 C:\Windows\SysWOW64\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545714276489157 0x75f80000 217088 C:\Windows\SysWOW64\ws2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545714275335869 0x76d10000 290816 C:\Windows\SysWOW64\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714276454455 0x76ef0000 536576 C:\Windows\SysWOW64\clbcatq.dll 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545714275322561 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714275324650 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714274558998 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714274560038 0x77380000 1572864 C:\Windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 119 4552 772 13 00000000:000003e7 131545714275364672 131545714277063908 0 1 System NT AUTHORITY\SYSTEM conhost.exe C:\windows\system32\conhost.exe \??\C:\windows\system32\conhost.exe "-430677575-1418315047152803134434233768-2077441840-11851009713504300251748259999" Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) Console Window Host 131545714275623221 0x74b80000 561152 C:\Windows\System32\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545714275609490 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714275640425 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714275370597 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714275369300 0xffdf0000 356352 C:\Windows\System32\conhost.exe 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Console Window Host 131545714275919550 0x7fefada0000 352256 C:\Windows\System32\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545714275869374 0x7fefcdb0000 49152 C:\Windows\System32\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545714275859979 0x7fefcdc0000 200704 C:\Windows\System32\nvinitx.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545714275612067 0x7fefd110000 434176 C:\Windows\System32\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714275654182 0x7fefd660000 1085440 C:\Windows\System32\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545714275881402 0x7fefd770000 126976 C:\Windows\System32\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545714275658942 0x7fefd790000 1232896 C:\Windows\System32\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545714275872713 0x7fefd8c0000 897024 C:\Windows\System32\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545714275637428 0x7fefd9a0000 421888 C:\Windows\System32\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545714275643365 0x7fefe7a0000 57344 C:\Windows\System32\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545714275648904 0x7fefea90000 651264 C:\Windows\System32\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545714275646755 0x7fefebb0000 831488 C:\Windows\System32\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545714275661074 0x7fefec80000 892928 C:\Windows\System32\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545714275656455 0x7feff280000 2080768 C:\Windows\System32\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714275651961 0x7feff480000 188416 C:\Windows\System32\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 120 4184 2720 7 00000000:0019621a 131545714313663805 131545714438125440 0 0 Medium USDEVR9K0NHD\sramka notes.exe C:\Notes\notes.exe "C:\Notes\notes.exe" "=C:\Notes\notes.ini" IBM Corp 9.0.10.13287 IBM Notes/Domino 131545714314934318 0xdd0000 1429504 C:\Windows\SysWOW64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714314067505 0xf70000 1978368 C:\Notes\notes.exe 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714315990169 0x4bc0000 2764800 C:\Notes\nlnotes.exe 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714314859799 0x6da10000 1191936 C:\Notes\nstrings.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714314207935 0x6f810000 24576 C:\Notes\ndgts.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714314874040 0x6fb60000 524288 C:\Windows\SysWOW64\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545714315986518 0x70f40000 311296 C:\Windows\SysWOW64\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545714314216021 0x710d0000 782336 C:\Windows\SysWOW64\msvcr100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545714314960463 0x73190000 221184 C:\Program Files\ThinkPad\Bluetooth Software\syswow64\BtMmHook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545714314822242 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545714314782892 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545714314775414 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll 131545714314669023 0x748d0000 176128 C:\Windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545714314679531 0x74960000 36864 C:\Windows\SysWOW64\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545714314144284 0x74970000 450560 C:\Windows\SysWOW64\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545714314106933 0x749e0000 32768 C:\Windows\System32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545714314097413 0x749f0000 376832 C:\Windows\System32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545714314086438 0x74a50000 258048 C:\Windows\System32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545714314195179 0x74c10000 49152 C:\Windows\SysWOW64\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545714314788059 0x74c80000 1691648 C:\Windows\SysWOW64\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545714314799423 0x74e20000 73728 C:\Windows\SysWOW64\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545714314654456 0x74e40000 839680 C:\Windows\SysWOW64\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545714314790644 0x75020000 159744 C:\Windows\SysWOW64\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545714314793666 0x750d0000 593920 C:\Windows\SysWOW64\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545714314179945 0x75200000 659456 C:\Windows\SysWOW64\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545714314169813 0x752b0000 704512 C:\Windows\SysWOW64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545714314188168 0x75460000 102400 C:\Windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545714314173306 0x75480000 356352 C:\Windows\SysWOW64\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545714314795579 0x75540000 1429504 C:\Windows\SysWOW64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714314191040 0x756a0000 983040 C:\Windows\SysWOW64\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545714314650548 0x757c0000 393216 C:\Windows\SysWOW64\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545714314971584 0x75aa0000 20480 C:\Windows\SysWOW64\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545714314200093 0x75bf0000 643072 C:\Windows\SysWOW64\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545714314198257 0x75cb0000 40960 C:\Windows\SysWOW64\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545714314167527 0x760c0000 12894208 C:\Windows\SysWOW64\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545714314130749 0x76d10000 290816 C:\Windows\SysWOW64\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714314117056 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714314118931 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714314068871 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714314070185 0x77380000 1572864 C:\Windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 121 6072 4184 120 00000000:0019621a 131545714315921998 0 0 0 Medium USDEVR9K0NHD\sramka NLNOTES.EXE C:\Notes\NLNOTES.EXE NLNOTES.EXE /authenticate "=C:\Notes\notes.ini" IBM Corp 9.0.10.13287 IBM Notes/Domino 131545714316706951 0xa0000 188416 C:\Notes\ltouin22.dll 2.2.0.8911 Lotus Development Corporation. Lotus OLE 2.0 User Interface Support 131545714316135294 0x100000 2764800 C:\Notes\nlnotes.exe 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714319217435 0x2ed0000 643072 C:\Windows\SysWOW64\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545714360502412 0x2f70000 208896 C:\Notes\N\icc\icclib\icclib081.dll 8.1.31.0 IBM IBM Crypto for C-language 131545714360773763 0x59f0000 208896 C:\Notes\C\icc\icclib\icclib080.dll 131545714500040972 0x5ba0000 98304 C:\Notes\zlib1.dll 1.2.3 zlib data compression library 131545714361015015 0x5dc0000 991232 C:\Notes\C\icc\osslib\libeay32IBM080.dll 8.0.0.0 The OpenSSL Project, http://www.openssl.org/ OpenSSL Shared Library 0.98e 131545714500032775 0x63b0000 184320 C:\Notes\libpng15.dll 1.5.12 PNG image compression library 131545714321895525 0x8870000 1429504 C:\Windows\SysWOW64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714621214819 0xa5c0000 12894208 C:\Windows\SysWOW64\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545714316515987 0x10000000 307200 C:\Notes\gsk8iccs.dll 8.0.15.2 IBM Corporation IBM Global Security Toolkit 131545714316638635 0x5f000000 11816960 C:\Notes\nsdhelp.dll 9.0.10.3261 IBM wnsd 131545714316501309 0x5fb50000 31715328 C:\Notes\nnotes.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714316256243 0x61990000 25755648 C:\Notes\nnotesws.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714493025874 0x68c70000 589824 C:\Notes\gtr40nts.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714316459835 0x69180000 3231744 C:\Notes\nxmlproc.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714661479553 0x6a340000 24576 C:\Windows\SysWOW64\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545714661451722 0x6a350000 135168 C:\Program Files (x86)\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545714661445014 0x6a380000 32768 C:\Windows\SysWOW64\winrnr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation LDAP RnR Provider DLL 131545714661407153 0x6a390000 53248 C:\Windows\SysWOW64\wshbth.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Sockets Helper DLL 131545714661396953 0x6a3a0000 73728 C:\Windows\SysWOW64\pnrpnsp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation PNRP Name Space Provider 131545714661374686 0x6a3c0000 65536 C:\Windows\SysWOW64\NapiNSP.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation E-mail Naming Shim Provider 131545714661364109 0x6a3d0000 65536 C:\Windows\SysWOW64\nlaapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545714493050992 0x6a400000 253952 C:\Notes\kvfilter.dll Build 20121007 Autonomy, Inc. KeyView Text Filter Library 131545714366763068 0x6be80000 2273280 C:\Notes\nlsxbe.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714661417478 0x6c0b0000 278528 C:\Windows\SysWOW64\dnsapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545714493018156 0x6c120000 163840 C:\Notes\nftgtr40.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714316619694 0x6c150000 1994752 C:\Notes\nlsccstr.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714661198412 0x6c4f0000 90112 C:\Notes\nntcp.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714319028910 0x6cc10000 1695744 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545714644238741 0x6cdb0000 49152 C:\Notes\naldaemn.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714585990691 0x6d8c0000 36864 C:\Notes\ndbnotes.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714320929042 0x6d9a0000 397312 C:\Notes\NLNVP.DLL 12.1.7061.6600 Symantec Corporation Symantec Endpoint Protection 131545714317805055 0x6da10000 1191936 C:\Notes\nstrings.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714365385540 0x6deb0000 1003520 C:\Windows\SysWOW64\propsys.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545714365740489 0x6dff0000 49152 C:\Notes\nplugins.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714316686863 0x6e020000 450560 C:\Notes\ndxlo.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714318889594 0x6e090000 245760 C:\Windows\SysWOW64\oleacc.dll 7.0.0.0 (win7sp1_ldr.160325-0600) Microsoft Corporation Active Accessibility Core Component 131545714361155196 0x6e0d0000 28672 C:\Windows\SysWOW64\wsock32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 32-Bit DLL 131545714321861821 0x6e0f0000 45056 C:\Notes\ntcp.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714320910353 0x6e100000 28672 C:\Notes\namhook.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714316692881 0x6e110000 118784 C:\Notes\nxmlcommon.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714316600209 0x6e490000 389120 C:\Notes\js32.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714316730999 0x6e500000 57344 C:\Notes\nxpm.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714316677223 0x6f810000 24576 C:\Notes\ndgts.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714317645226 0x6fb60000 524288 C:\Windows\SysWOW64\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545714493121346 0x70d00000 634880 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll 8.00.50727.6195 Microsoft Corporation Microsoft® C Runtime Library 131545714317670400 0x70ee0000 77824 C:\Windows\SysWOW64\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545714318880605 0x70f20000 20480 C:\Windows\SysWOW64\msimg32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation GDIEXT Client DLL 131545714325341464 0x70f40000 311296 C:\Windows\SysWOW64\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545714316608295 0x710d0000 782336 C:\Windows\SysWOW64\msvcr100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545714316658222 0x71190000 73728 C:\Windows\SysWOW64\mpr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545714316589863 0x72c10000 667648 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll 9.00.30729.6161 Microsoft Corporation Microsoft® C Runtime Library 131545714661314986 0x72e30000 28672 C:\Windows\SysWOW64\winnsi.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545714661305240 0x72e40000 114688 C:\Windows\SysWOW64\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545714661353549 0x72e60000 24576 C:\Windows\SysWOW64\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545714320273312 0x72ff0000 241664 C:\Windows\SysWOW64\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545714320200548 0x73030000 94208 C:\Windows\SysWOW64\cryptsp.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545714661508126 0x73050000 20480 C:\Windows\SysWOW64\WSHTCPIP.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545714661334355 0x73060000 245760 C:\Windows\SysWOW64\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545714318772039 0x730a0000 962560 C:\Windows\SysWOW64\dbghelp.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Image Helper 131545714317680947 0x73190000 221184 C:\Program Files\ThinkPad\Bluetooth Software\syswow64\BtMmHook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545714320297565 0x732b0000 57344 C:\Windows\SysWOW64\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545714316629132 0x732c0000 430080 C:\Windows\SysWOW64\msvcp100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545714317291467 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545714317268318 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545714317261568 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll 131545714365401506 0x748a0000 135168 C:\Windows\SysWOW64\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545714317169914 0x748d0000 176128 C:\Windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545714316723247 0x74900000 331776 C:\Windows\SysWOW64\winspool.drv 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545714316648193 0x74960000 36864 C:\Windows\SysWOW64\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545714316206727 0x74970000 450560 C:\Windows\SysWOW64\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545714316170981 0x749e0000 32768 C:\Windows\System32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545714316162124 0x749f0000 376832 C:\Windows\System32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545714316152891 0x74a50000 258048 C:\Windows\System32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545714316438395 0x74c10000 49152 C:\Windows\SysWOW64\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545714317270933 0x74c80000 1691648 C:\Windows\SysWOW64\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545714317275792 0x74e20000 73728 C:\Windows\SysWOW64\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545714317156623 0x74e40000 839680 C:\Windows\SysWOW64\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545714317273198 0x75020000 159744 C:\Windows\SysWOW64\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545714316410417 0x750d0000 593920 C:\Windows\SysWOW64\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545714316421555 0x75200000 659456 C:\Windows\SysWOW64\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545714316414484 0x752b0000 704512 C:\Windows\SysWOW64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545714316431293 0x75460000 102400 C:\Windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545714316713809 0x75480000 356352 C:\Windows\SysWOW64\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545714365404031 0x754f0000 282624 C:\Windows\SysWOW64\Wldap32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545714316412429 0x75540000 1429504 C:\Windows\SysWOW64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714316433840 0x756a0000 983040 C:\Windows\SysWOW64\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545714317153666 0x757c0000 393216 C:\Windows\SysWOW64\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545714316665439 0x75aa0000 20480 C:\Windows\SysWOW64\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545714316504472 0x75ab0000 1183744 C:\Windows\SysWOW64\crypt32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545714316663419 0x75be0000 24576 C:\Windows\SysWOW64\nsi.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545714316443655 0x75bf0000 643072 C:\Windows\SysWOW64\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545714316668517 0x75c90000 102400 C:\Windows\SysWOW64\userenv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545714316442012 0x75cb0000 40960 C:\Windows\SysWOW64\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545714316660911 0x75f80000 217088 C:\Windows\SysWOW64\ws2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545714316710911 0x760c0000 12894208 C:\Windows\SysWOW64\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545714316194296 0x76d10000 290816 C:\Windows\SysWOW64\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714316670807 0x76d80000 45056 C:\Windows\SysWOW64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545714320315535 0x76ef0000 536576 C:\Windows\SysWOW64\clbcatq.dll 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545714316180856 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714316183171 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714316137054 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714316507468 0x77350000 49152 C:\Windows\SysWOW64\msasn1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545714316138573 0x77380000 1572864 C:\Windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714500048943 0x7c340000 352256 C:\Notes\msvcr71.dll 7.10.3052.4 Microsoft Corporation Microsoft® C Runtime Library 122 2072 6072 121 00000000:0019621a 131545714325265207 131545714378059135 0 0 Medium USDEVR9K0NHD\sramka rcplauncher.exe C:\Notes\framework\rcp\rcplauncher.exe "C:\Notes\framework\rcp\rcplauncher.exe" -nosplash -config notes -nl en_US -dir ltr -NPARAMS /authenticate "=C:\Notes\notes.ini" -RPARAMS -vmargs IBM Corp 6, 2, 30, 11164 IBM Lotus Expeditor Launcher Application 131545714325484470 0x400000 307200 C:\Notes\framework\rcp\rcplauncher.exe 6, 2, 30, 11164 IBM Corp IBM Lotus Expeditor Launcher Application 131545714325633563 0x6d7c0000 61440 C:\Windows\SysWOW64\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545714325609413 0x6d7d0000 102400 C:\Windows\SysWOW64\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545714325597235 0x6d7f0000 36864 C:\Windows\SysWOW64\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545714325588211 0x6d800000 69632 C:\Windows\SysWOW64\netapi32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Net Win32 API DLL 131545714326862512 0x6e000000 73728 C:\Windows\SysWOW64\samlib.dll 6.1.7601.23677 (win7sp1_ldr.170209-0600) Microsoft Corporation SAM Library DLL 131545714325643348 0x6e0e0000 61440 C:\Windows\SysWOW64\samcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Security Accounts Manager Client DLL 131545714325692295 0x6e400000 577536 C:\Windows\AppPatch\AcLayers.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Compatibility DLL 131545714325669309 0x70f40000 311296 C:\Windows\SysWOW64\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545714325721497 0x71190000 73728 C:\Windows\SysWOW64\mpr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545714325996243 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545714325970791 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545714325963879 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll 131545714325862513 0x748d0000 176128 C:\Windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545714325710911 0x74900000 331776 C:\Windows\SysWOW64\winspool.drv 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545714325874382 0x74960000 36864 C:\Windows\SysWOW64\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545714325554306 0x74970000 450560 C:\Windows\SysWOW64\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545714325518718 0x749e0000 32768 C:\Windows\System32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545714325510255 0x749f0000 376832 C:\Windows\System32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545714325501237 0x74a50000 258048 C:\Windows\System32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545714325616796 0x74c10000 49152 C:\Windows\SysWOW64\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545714325973732 0x74c80000 1691648 C:\Windows\SysWOW64\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545714325979198 0x74e20000 73728 C:\Windows\SysWOW64\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545714325847467 0x74e40000 839680 C:\Windows\SysWOW64\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545714325976373 0x75020000 159744 C:\Windows\SysWOW64\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545714325697873 0x750d0000 593920 C:\Windows\SysWOW64\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545714325655479 0x75200000 659456 C:\Windows\SysWOW64\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545714325599901 0x752b0000 704512 C:\Windows\SysWOW64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545714325646755 0x75360000 1048576 C:\Windows\SysWOW64\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714325623825 0x75460000 102400 C:\Windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545714325660774 0x75480000 356352 C:\Windows\SysWOW64\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545714325694650 0x75540000 1429504 C:\Windows\SysWOW64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714325611972 0x756a0000 983040 C:\Windows\SysWOW64\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545714325844411 0x757c0000 393216 C:\Windows\SysWOW64\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545714325653305 0x75bf0000 643072 C:\Windows\SysWOW64\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545714325699885 0x75c90000 102400 C:\Windows\SysWOW64\userenv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545714325651015 0x75cb0000 40960 C:\Windows\SysWOW64\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545714325658441 0x760c0000 12894208 C:\Windows\SysWOW64\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545714325540399 0x76d10000 290816 C:\Windows\SysWOW64\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714325701597 0x76d80000 45056 C:\Windows\SysWOW64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545714325527463 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714325529706 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714325486169 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714325487488 0x77380000 1572864 C:\Windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 123 3952 2072 122 00000000:0019621a 131545714327659498 0 0 0 Medium USDEVR9K0NHD\sramka notes2.exe C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_9.0.1.20131002-1404\win32\x86\notes2.exe "C:/Notes/framework/rcp/eclipse/plugins/com.ibm.rcp.base_9.0.1.20131002-1404\win32\x86\notes2.exe" --launcher.suppressErrors "-nosplash" "-nl" "en_US" "-dir" "ltr" "-NPARAMS" "/authenticate" "=C:\Notes\notes.ini" "-RPARAMS" "-name" "IBM Notes" -personality "com.ibm.rcp.platform.personality" -product "com.ibm.rcp.personality.framework.RCPProduct:com.ibm.notes.branding.notes" -data "C:/Notes/Data/workspace" -configuration "C:/Notes/Data/workspace/.config" -plugincustomization "C:/Notes/framework/rcp/plugin_customization.ini" -vm "C:/Notes/framework/../jvm/bin/" -startup "C:/Notes/framework/rcp/eclipse/plugins/com.ibm.rcp.base_9.0.1.20131002-1404/launcher.jar" -vmargs "-Djava.security.policy=C:/Notes/framework/../java.policy" "-Dorg.eclipse.swt.fixCitrix=false" "-Dosgi.framework.extensions=com.ibm.rcp.core.logger.frameworkhook,com.ibm.rds,com.ibm.cds" "-Xscmx64m" "-Xshareclasses:name=xpdplat_.jvm,controlDir=C:/Notes/Data/workspace/.config/org.eclipse.osgi,groupAccess,keep,singleJVM,nonfatal" "-Xgcpolicy:gencon" "-Xjit:noResumableTrapHandler" "-Xmaxt0.6" "-Xmca32k" "-Xminf0.1" "-Xmn7m" "-Xms48m" "-Xmx256m" "-Xnolinenumbers" "-Xverify:none" "-Xquickstart" "-Xscmaxaot12m" "-Xtrace:none" "-Xzero" -Drcp.home="C:\Notes\framework" -Drcp.data="C:/Notes/Data/workspace" -Dosgi.splashPath="platform:/base/../../shared/eclipse/plugins/com.ibm.notes.branding,platform:/base/../../shared/eclipse/plugins/com.ibm.notes.branding.nl1,platform:/base/../../shared/eclipse/plugins/com.ibm.notes.branding.nl2,platform:/base/../../shared/eclipse/plugins/com.ibm.notes.branding.nl3" -Dcom.ibm.rcp.install.id="1462469807321" -Drcp.install.config="user" -Declipse.registry.nulltoken="true" -Dcom.ibm.pvc.webcontainer.useLocalAddress="true" -Dautopd.logfile.generations="3" -Dorg.apache.xerces.xni.parser.XMLParserConfiguration="org.apache.xerces.parsers.XIncludeAwareParserConfiguration" -Dcom.ibm.pvc.webcontainer.http.address="localhost" -Dosgi.nl.user="true" -Dautopd.instance.area="C:/Notes/Data/workspace/autopd" -Dorg.eclipse.swt.browser.XULRunnerPath="C:/Notes/framework/rcp/eclipse/plugins/com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404/xulrunner" -Djava.util.logging.config.class="com.ibm.rcp.core.internal.logger.boot.LoggerConfig" -Dcom.ibm.pvc.webcontainer.port="0,59449" -Dcom.ibm.pvc.webcontainer.vhost.configfile="C:/Notes/framework/shared/eclipse/plugins/com.ibm.collaboration.realtime.webapi_8.5.2.20130926-0645/virtualhost.properties" -Dderby.stream.error.file="C:/Notes/Data/workspace/logs/derby.log" -Djava.security.properties="file:C:/Notes/framework/rcp/eclipse/plugins/com.ibm.rcp.base_9.0.1.20131002-1404/rcp.security.properties" -Dcom.lotus.sametime.skipRandomGeneratorSeed="true" -Djava.protocol.handler.pkgs="com.ibm.net.ssl.www.protocol" -Dosgi.hook.configurators.exclude="org.eclipse.core.runtime.internal.adaptor.EclipseLogHook" -Djava.library.path="C:/Notes/framework/../jvm/bin;C:/Notes/framework/../jvm/bin/j9vm;C:/Notes/;C:/Python27/;C:/Python27/Scripts;C:/windows/system32;C:/windows;C:/windows/System32/Wbem;C:/windows/System32/WindowsPowerShell/v1.0/;C:/Program Files/ThinkPad/Bluetooth Software/;C:/Program Files/ThinkPad/Bluetooth Software/syswow64;C:/Program Files (x86)/PuTTY/;C:/apache-maven-3.5.0/bin;C:/Save/bin;C:/Program Files/AccuRev/bin;C:/Program Files/nodejs/;C:/java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86/bin;C:/POS/JavaPOS/Lib;C:/POS/bin;C:/POS/dll;C:/POS/JavaPOS/rxtx;C:/Program Files/ojdkbuild/java-1.8.0-openjdk-1.8.0.151-1/bin;C:/Users/IBM_ADMIN/AppData/Roaming/npm;C:/Program Files (x86)/Microsoft VS Code/bin;C:/Notes/framework/../;C:/Notes/framework/rcp/eclipse/plugins/com.ibm.rcp.os.win32_9.0.1.20131002-1404/os/win32/x86;C:/Notes/framework/rcp/eclipse/plugins/com.ibm.mobileservices.isync.win32.x86_9.1.3.1-20131002-1404/os/win32/x86;C:/Notes/framework/rcp/eclipse/plugins/com.ibm.rcp.hunspell.win32_9.0.1.20131002-1404/os/win32/x86" -Drcp.osgi.install.area="C:\Notes\framework\rcp\eclipse" -Xbootclasspath/a:"C:/Notes/framework/shared/eclipse/plugins/com.ibm.collaboration.realtime.stjavatk_8.5.2.20130926-0645/sslite140-v3.16.jar;C:/Notes/framework/rcp/eclipse/plugins/com.ibm.rcp.base_9.0.1.20131002-1404/rcpbootcp.jar;" IBM 3.4.0.0 IBM Notes Social Edition 131545714329357527 0x290000 49152 C:\Notes\jvm\bin\j9thr24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714328719295 0x2b0000 118784 C:\Notes\jvm\bin\j9vm\jvm.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714329467012 0x2d0000 28672 C:\Notes\jvm\bin\j9hookable24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714329533287 0x2e0000 155648 C:\Notes\jvm\bin\j9prt24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714329153408 0x390000 385024 C:\Notes\jvm\bin\j9vm24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714329953557 0x3f0000 32768 C:\Notes\jvm\bin\hyprtshim24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714328020864 0x400000 512000 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_9.0.1.20131002-1404\win32\x86\notes2.exe 3.4.0.0 IBM IBM Notes Social Edition 131545714330084779 0x580000 24576 C:\Notes\jvm\bin\hythr.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714329691078 0x5a0000 69632 C:\Notes\jvm\bin\j9zlib24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714329814797 0x2580000 73728 C:\Notes\jvm\bin\iverel24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714330789079 0x25e0000 139264 C:\Notes\jvm\bin\j9dmp24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714330994974 0x2610000 24576 C:\Notes\jvm\bin\jsig.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714331993249 0x2620000 131072 C:\Notes\jvm\bin\j9dyn24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714332174120 0x26e0000 200704 C:\Notes\jvm\bin\j9jvmti24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714331016963 0x2960000 3600384 C:\Notes\jvm\bin\j9jit24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714331792982 0x2cd0000 356352 C:\Notes\jvm\bin\j9gc24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714332350689 0x2d30000 122880 C:\Notes\jvm\bin\j9vrb24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714332524776 0x2d50000 352256 C:\Notes\jvm\bin\jclscar_24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714332622482 0x2db0000 233472 C:\Notes\jvm\bin\j9shr24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714332818143 0x13390000 69632 C:\Notes\jvm\bin\j9zlib24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714332794908 0x133b0000 24576 C:\Notes\jvm\bin\dbgwrapper.dll 6.0.0-20130618_01 IBM Java(TM) Platform SE binary 131545714339681999 0x13430000 24576 C:\Notes\jvm\bin\dbgwrapper.dll 6.0.0-20130618_01 IBM Java(TM) Platform SE binary 131545714343375871 0x13440000 24576 C:\Notes\jvm\bin\j9jar24.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 131545714339689995 0x134b0000 122880 C:\Notes\jvm\bin\java.dll 6.0.0-20130618_01 IBM Java(TM) Platform SE binary 131545714371635851 0x18bc0000 114688 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_9.0.1.20131002-1404\win32\x86\pipeserver.dll 131545714374124628 0x18c20000 94208 C:\Notes\jvm\bin\net.dll 6.0.0-20130618_01 IBM Java(TM) Platform SE binary 131545714371032929 0x18d80000 1114112 C:\Windows\SysWOW64\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714374328109 0x18ec0000 45056 C:\Notes\jvm\bin\nio.dll 6.0.0-20130618_01 IBM Java(TM) Platform SE binary 131545714374320481 0x190f0000 217088 C:\Windows\SysWOW64\ws2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545714399413648 0x1a660000 98304 C:\Notes\Data\workspace\.config\org.eclipse.osgi\bundles\212\1\.cp\swtIbmWrapper.dll 131545714399715211 0x1aab0000 12894208 C:\Windows\SysWOW64\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545714414088428 0x1daa0000 159744 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\swtxpcom.dll 131545714415870573 0x1de10000 307200 C:\Notes\gsk8iccs.dll 8.0.15.2 IBM Corporation IBM Global Security Toolkit 131545714478259864 0x218b0000 839680 C:\Windows\SysWOW64\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545714417764724 0x21f30000 1114112 C:\Windows\SysWOW64\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714462093168 0x24370000 122880 C:\Notes\nnoteswc.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714464242666 0x24420000 208896 C:\Notes\N\icc\icclib\icclib081.dll 8.1.31.0 IBM IBM Crypto for C-language 131545714464265695 0x24470000 208896 C:\Notes\C\icc\icclib\icclib080.dll 131545714434601233 0x244f0000 589824 C:\Windows\SysWOW64\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545714436252755 0x24620000 589824 C:\Windows\SysWOW64\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545714431130314 0x249e0000 12894208 C:\Windows\SysWOW64\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545714434961580 0x26190000 12894208 C:\Windows\SysWOW64\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545714435941851 0x27190000 12894208 C:\Windows\SysWOW64\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545714521974466 0x28250000 1376256 C:\Notes\jvm\bin\awt.dll 6.0.0-20130618_01 IBM Java(TM) Platform SE binary 131545714471758405 0x291c0000 188416 C:\Windows\SysWOW64\mlang.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multi Language Support DLL 131545714464289041 0x29500000 991232 C:\Notes\C\icc\osslib\libeay32IBM080.dll 8.0.0.0 The OpenSSL Project, http://www.openssl.org/ OpenSSL Shared Library 0.98e 131545714457004213 0x29600000 180224 C:\Program Files (x86)\Windows Media Player\wmplayer.exe 12.0.7601.23517 (win7sp1_ldr.160812-0732) Microsoft Corporation Windows Media Player 131545714522000598 0x2c4e0000 364544 C:\Notes\jvm\bin\fontmanager.dll 6.0.0-20130618_01 IBM Java(TM) Platform SE binary 131545714418608328 0x30210000 225280 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.os.win32_9.0.1.20131002-1404\os\win32\x86\os.dll 131545714399002594 0x302b0000 450560 C:\Notes\Data\workspace\.config\org.eclipse.osgi\bundles\212\1\.cp\swt-win32-3740.dll 3.740 Eclipse Foundation SWT for Windows native library 131545714399792962 0x30380000 118784 C:\Notes\Data\workspace\.config\org.eclipse.osgi\bundles\212\1\.cp\swt-gdip-win32-3740.dll 3.740 Eclipse Foundation SWT for Windows native library 131545714593371843 0x30600000 6213632 C:\Notes\Data\workspace\.config\org.eclipse.osgi\bundles\523\1\.cp\os\win32\x86\PhoneGridGIPS.dll 131545714608326566 0x31db0000 151552 C:\Windows\SysWOW64\powrprof.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545714607314688 0x31ef0000 606208 C:\Windows\SysWOW64\igdumdx32.dll 8.15.10.2538 Intel Corporation LDDM User Mode Driver for Intel(R) Graphics Technology 131545714607442298 0x32020000 6414336 C:\Windows\SysWOW64\igdumd32.dll 8.15.10.2538 Intel Corporation LDDM User Mode Driver for Intel(R) Graphics Technology 131545714607550067 0x32640000 1048576 C:\Windows\SysWOW64\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714436054565 0x5b880000 12881920 C:\Windows\SysWOW64\nvd3dum.dll 10.18.13.5445 NVIDIA Corporation NVIDIA WDDM D3D Driver, Version 354.45 131545714434902026 0x5c4d0000 15155200 C:\Windows\SysWOW64\nvwgf2um.dll 10.18.13.5445 NVIDIA Corporation NVIDIA D3D10 Driver, Version 354.45 131545714607285954 0x5d580000 12881920 C:\Windows\SysWOW64\nvd3dum.dll 10.18.13.5445 NVIDIA Corporation NVIDIA WDDM D3D Driver, Version 354.45 131545714415753677 0x5e1d0000 14872576 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\xulrunner\xul.dll 10.0.6 Mozilla Foundation 131545714415952732 0x5f000000 11816960 C:\Notes\nsdhelp.dll 9.0.10.3261 IBM wnsd 131545714415856447 0x5fb50000 31715328 C:\Notes\nnotes.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714435871489 0x65cd0000 3170304 C:\Windows\SysWOW64\nvapi.dll 10.18.13.5445 NVIDIA Corporation NVIDIA NVAPI Library, Version 354.45 131545714606521949 0x67e60000 1110016 C:\Windows\SysWOW64\d3d10.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation Direct3D 10 Runtime 131545714606930084 0x68c30000 237568 C:\Windows\SysWOW64\d3d10core.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation Direct3D 10 Runtime 131545714435982310 0x68d00000 1241088 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll 7.17.13.5445 NVIDIA Corporation NVIDIA 3D Vision Control Panel API 131545714435650458 0x68e30000 3436544 C:\Windows\SysWOW64\d2d1.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation Microsoft D2D Library 131545714415902805 0x69180000 3231744 C:\Notes\nxmlproc.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714429781747 0x694a0000 8900608 C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll 15.0.4907.1000 Microsoft Corporation Microsoft OneDrive for Business Intl Resource Module 131545714606342991 0x6a0a0000 151552 C:\Windows\SysWOW64\powrprof.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Power Profile Helper DLL 131545714606167612 0x6a0d0000 229376 C:\Windows\SysWOW64\dxdiagn.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft DirectX Diagnostic Tool 131545714435788555 0x6a110000 1269760 C:\Windows\SysWOW64\DWrite.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation Microsoft DirectX Typography Services 131545714434574223 0x6a250000 966656 C:\Windows\SysWOW64\nvumdshim.dll 10.18.13.5445 NVIDIA Corporation NVIDIA D3D Shim Driver, Version 354.45 131545714333009116 0x6a340000 24576 C:\Windows\SysWOW64\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545714332911620 0x6a350000 135168 C:\Program Files (x86)\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545714332904343 0x6a380000 32768 C:\Windows\SysWOW64\winrnr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation LDAP RnR Provider DLL 131545714332858353 0x6a390000 53248 C:\Windows\SysWOW64\wshbth.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Sockets Helper DLL 131545714332849189 0x6a3a0000 73728 C:\Windows\SysWOW64\pnrpnsp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation PNRP Name Space Provider 131545714332836061 0x6a3c0000 65536 C:\Windows\SysWOW64\NapiNSP.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation E-mail Naming Shim Provider 131545714332826995 0x6a3d0000 65536 C:\Windows\SysWOW64\nlaapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545714399974146 0x6a440000 1249280 C:\Windows\SysWOW64\WindowsCodecs.dll 6.2.9200.21830 (win8_ldr.160407-0600) Microsoft Corporation Microsoft Windows Codecs Library 131545714457031903 0x6a7a0000 495616 C:\Windows\SysWOW64\mscms.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Color Matching System DLL 131545714415658094 0x6a820000 1908736 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\xulrunner\mozjs.dll 131545714700820027 0x6aba0000 98304 C:\Notes\Data\workspace\.config\org.eclipse.osgi\bundles\530\1\.cp\os\win32\NativeNetInfo.dll 131545714429766166 0x6abc0000 5242880 C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Cultures\OFFICE.ODF 131545714434317960 0x6b0d0000 1527808 C:\Windows\SysWOW64\d3d11.dll 6.2.9200.20807 (win8_ldr.130822-1706) Microsoft Corporation Direct3D 11 Runtime 131545714435843238 0x6bde0000 598016 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll 7.17.13.5445 NVIDIA Corporation NVIDIA 3D Vision plugin 131545714332877560 0x6c0b0000 278528 C:\Windows\SysWOW64\dnsapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545714415938983 0x6c150000 1994752 C:\Notes\nlsccstr.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714429493175 0x6c340000 1740800 C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL 15.0.4907.1000 Microsoft Corporation Microsoft OneDrive for Business Extensions 131545714610170127 0x6c4f0000 69632 C:\Windows\SysWOW64\vfwwdm32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation VfW MM Driver for WDM Video Capture Devices 131545714435961576 0x6c510000 405504 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll 7.17.13.5445 NVIDIA Corporation NVIDIA API 3D Vision extention 131545714416772575 0x6c580000 1134592 C:\Notes\jvm\bin\dbghelp.dll 6.8.0004.0 (debuggers(dbg).070515-1751) Microsoft Corporation Windows Image Helper 131545714328150147 0x6cc10000 1695744 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c\comctl32.dll 6.10 (win7_rtm.090713-1255) Microsoft Corporation User Experience Controls Library 131545714610126449 0x6cdb0000 77824 C:\Windows\SysWOW64\avicap32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation AVI Capture window class 131545714434303205 0x6ce00000 311296 C:\Windows\SysWOW64\dxgi.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation DirectX Graphics Infrastructure 131545714434290419 0x6ce50000 266240 C:\Windows\SysWOW64\d3d10_1core.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation Direct3D 10.1 Runtime 131545714415840635 0x6cea0000 552960 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll 8.00.50727.6195 Microsoft Corporation Microsoft® C++ Runtime Library 131545714610160320 0x6d4b0000 69632 C:\Windows\SysWOW64\vfwwdm32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation VfW MM Driver for WDM Video Capture Devices 131545714415072243 0x6d4d0000 643072 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\xulrunner\nss3.dll 3.13.5.0 Basic ECC Mozilla Foundation NSS Base Library 131545714429533629 0x6d570000 2383872 C:\Windows\SysWOW64\msi.dll 5.0.7601.23593 Microsoft Corporation Windows Installer 131545714418832223 0x6d7c0000 61440 C:\Windows\SysWOW64\wkscli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Workstation Service Client DLL 131545714418822510 0x6d7d0000 102400 C:\Windows\SysWOW64\srvcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Server Service Client DLL 131545714418812075 0x6d7f0000 36864 C:\Windows\SysWOW64\netutils.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Net Win32 API Helpers DLL 131545714418802418 0x6d800000 69632 C:\Windows\SysWOW64\netapi32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Net Win32 API DLL 131545714594692788 0x6d820000 36864 C:\Windows\SysWOW64\perfos.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows System Performance Objects DLL 131545714434280998 0x6d830000 180224 C:\Windows\SysWOW64\d3d10_1.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation Direct3D 10.1 Runtime 131545714416195991 0x6d860000 122880 C:\Notes\nnoteswc.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714430551461 0x6d880000 200704 C:\Windows\SysWOW64\EhStorShell.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Enhanced Storage Shell Extension DLL 131545714418842153 0x6d8d0000 61440 C:\Windows\SysWOW64\samcli.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Security Accounts Manager Client DLL 131545714415348347 0x6d8e0000 151552 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\xulrunner\ssl3.dll 3.13.5.0 Basic ECC Mozilla Foundation NSS SSL Library 131545714414941038 0x6d910000 163840 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\xulrunner\softokn3.dll 3.13.5.0 Basic ECC Mozilla Foundation NSS PKCS #11 Library 131545714414696559 0x6d940000 368640 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\xulrunner\mozsqlite3.dll 3.7.7.1 sqlite.org SQLite Database Library 131545714464216119 0x6d9a0000 397312 C:\Notes\NLNVP.DLL 12.1.7061.6600 Symantec Corporation Symantec Endpoint Protection 131545714416286001 0x6da10000 1191936 C:\Notes\nstrings.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714415539538 0x6dc80000 98304 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\xulrunner\smime3.dll 3.13.5.0 Basic ECC Mozilla Foundation NSS S/MIME Library 131545714595009479 0x6dd10000 221184 C:\Windows\SysWOW64\AudioSes.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Audio Session 131545714418862905 0x6dd50000 327680 C:\Windows\SysWOW64\webio.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Web Transfer Protocols API 131545714418852786 0x6dda0000 360448 C:\Windows\SysWOW64\winhttp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows HTTP Services 131545714416024434 0x6de00000 28672 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\xulrunner\xpcom.dll 10.0.6 Mozilla Foundation 131545714414765924 0x6de10000 98304 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\xulrunner\nssutil3.dll 3.13.5.0 Mozilla Foundation NSS Utility Library 131545714414627738 0x6de30000 24576 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\xulrunner\mozalloc.dll 10.0.6 Mozilla Foundation 131545714429504634 0x6de40000 155648 C:\Windows\SysWOW64\atl100.dll 10.00.40219.325 Microsoft Corporation ATL Module for Windows 131545714414557893 0x6de70000 28672 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\xulrunner\plds4.dll 4.9 Mozilla Foundation PLDS Library 131545714414215062 0x6de80000 172032 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\xulrunner\nspr4.dll 4.9 Mozilla Foundation NSPR Library 131545714399674547 0x6deb0000 1003520 C:\Windows\SysWOW64\propsys.dll 7.00.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Microsoft Property System 131545714594864662 0x6dfb0000 233472 C:\Windows\SysWOW64\MMDevAPI.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MMDevice API 131545714414488173 0x6e000000 28672 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\xulrunner\plc4.dll 4.9 Mozilla Foundation PLC Library 131545714414403865 0x6e010000 40960 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20131002-1404\xulrunner\mozutils.dll 10.0.6 Mozilla Foundation 131545714406936273 0x6e090000 245760 C:\Windows\SysWOW64\oleacc.dll 7.0.0.0 (win7sp1_ldr.160325-0600) Microsoft Corporation Active Accessibility Core Component 131545714414370177 0x6e0d0000 28672 C:\Windows\SysWOW64\wsock32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 32-Bit DLL 131545714414186297 0x6e0e0000 61440 C:\Notes\Data\workspace\.config\org.eclipse.osgi\bundles\715\1\.cp\os\win32\notesbootstrap.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714464195359 0x6e100000 28672 C:\Notes\namhook.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714415925615 0x6e490000 389120 C:\Notes\js32.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714415978150 0x6f810000 24576 C:\Notes\ndgts.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714399345593 0x6fb60000 524288 C:\Windows\SysWOW64\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545714399915285 0x6fca0000 1642496 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23894_none_5c0be957a009922e\GdiPlus.dll 6.1.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Microsoft GDI+ 131545714607018351 0x6fe40000 1536000 C:\Windows\SysWOW64\quartz.dll 6.6.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DirectShow Runtime. 131545714593414057 0x70170000 1847296 C:\Windows\SysWOW64\d3d9.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Direct3D 9 Runtime 131545714610135477 0x70c00000 135168 C:\Windows\SysWOW64\msvfw32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Video for Windows DLL 131545714599091761 0x70c30000 28672 C:\Windows\SysWOW64\avrt.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multimedia Realtime Runtime 131545714414394961 0x70d00000 634880 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll 8.00.50727.6195 Microsoft Corporation Microsoft® C Runtime Library 131545714414380716 0x70e90000 204800 C:\Windows\SysWOW64\winmm.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MCI API DLL 131545714608904717 0x70ed0000 45056 C:\Windows\SysWOW64\msdmo.dll 6.6.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation DMO Runtime 131545714399630997 0x70ee0000 77824 C:\Windows\SysWOW64\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545714608775074 0x70f00000 81920 C:\Windows\SysWOW64\devenum.dll 6.6.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Device enumeration. 131545714415826711 0x70f20000 20480 C:\Windows\SysWOW64\msimg32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation GDIEXT Client DLL 131545714593423573 0x70f30000 24576 C:\Windows\SysWOW64\d3d8thk.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Direct3D OS Thunk Layer 131545714329011844 0x70f40000 311296 C:\Windows\SysWOW64\apphelp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Application Compatibility Client Library 131545714414194777 0x710d0000 782336 C:\Windows\SysWOW64\msvcr100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545714415962492 0x71190000 73728 C:\Windows\SysWOW64\mpr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545714328583142 0x72000000 53248 C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_9.0.1.20131002-1404\win32\x86\eclipse_1406.dll 131545714415888782 0x72c10000 667648 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll 9.00.30729.6161 Microsoft Corporation Microsoft® C Runtime Library 131545714435669553 0x72cc0000 249856 C:\Windows\SysWOW64\bcryptprimitives.dll 6.1.7601.23451 (win7sp1_ldr.160511-0600) Microsoft Corporation Windows Cryptographic Primitives Library 131545714430767334 0x72d40000 40960 C:\Windows\SysWOW64\slc.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Software Licensing Client Dll 131545714333020609 0x72dc0000 229376 C:\Windows\SysWOW64\FWPUCLNT.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545714419444917 0x72e00000 73728 C:\Windows\SysWOW64\dhcpcsvc.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCP Client Service 131545714419431271 0x72e20000 53248 C:\Windows\SysWOW64\dhcpcsvc6.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation DHCPv6 Client 131545714332940568 0x72e30000 28672 C:\Windows\SysWOW64\winnsi.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545714332930291 0x72e40000 114688 C:\Windows\SysWOW64\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545714332992041 0x72e60000 24576 C:\Windows\SysWOW64\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545714434913130 0x72e70000 94208 C:\Windows\SysWOW64\bcrypt.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Windows Cryptographic Primitives Library (Wow64) 131545714409244967 0x72ff0000 241664 C:\Windows\SysWOW64\rsaenh.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Enhanced Cryptographic Provider 131545714409171347 0x73030000 94208 C:\Windows\SysWOW64\cryptsp.dll 6.1.7601.23471 (win7sp1_ldr.160614-0600) Microsoft Corporation Cryptographic Service Provider API 131545714332973716 0x73050000 20480 C:\Windows\SysWOW64\WSHTCPIP.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545714332866987 0x73060000 245760 C:\Windows\SysWOW64\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545714399641104 0x73190000 221184 C:\Program Files\ThinkPad\Bluetooth Software\syswow64\BtMmHook.dll 6.5.1.2700 Broadcom Corporation. Multimedia Keys Hook DLL 131545714430753367 0x731d0000 45056 C:\Windows\SysWOW64\cscapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Offline Files Win32 API 131545714409270222 0x732b0000 57344 C:\Windows\SysWOW64\RpcRtRemote.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Remote RPC Extension 131545714415911169 0x732c0000 430080 C:\Windows\SysWOW64\msvcp100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545714328505559 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545714328465339 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545714593394063 0x74700000 946176 C:\Windows\SysWOW64\ddraw.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft DirectDraw 131545714328458332 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll 131545714593404242 0x74840000 24576 C:\Windows\SysWOW64\dciman32.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation DCI Manager 131545714608786554 0x748a0000 135168 C:\Windows\SysWOW64\ntmarta.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows NT MARTA provider 131545714328347006 0x748d0000 176128 C:\Windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545714399243336 0x74900000 331776 C:\Windows\SysWOW64\winspool.drv 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Spooler Driver 131545714328358460 0x74960000 36864 C:\Windows\SysWOW64\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545714328090023 0x74970000 450560 C:\Windows\SysWOW64\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545714328055381 0x749e0000 32768 C:\Windows\System32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545714328046709 0x749f0000 376832 C:\Windows\System32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545714328037660 0x74a50000 258048 C:\Windows\System32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545714328136471 0x74c10000 49152 C:\Windows\SysWOW64\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545714328468541 0x74c80000 1691648 C:\Windows\SysWOW64\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545714328479516 0x74e20000 73728 C:\Windows\SysWOW64\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545714328332328 0x74e40000 839680 C:\Windows\SysWOW64\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545714328471452 0x75020000 159744 C:\Windows\SysWOW64\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545714399221335 0x75050000 503808 C:\Windows\SysWOW64\comdlg32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Common Dialogs DLL 131545714328474418 0x750d0000 593920 C:\Windows\SysWOW64\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545714328122812 0x75200000 659456 C:\Windows\SysWOW64\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545714328119336 0x752b0000 704512 C:\Windows\SysWOW64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545714328130482 0x75460000 102400 C:\Windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545714328152176 0x75480000 356352 C:\Windows\SysWOW64\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545714399249368 0x754e0000 16384 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545714608789165 0x754f0000 282624 C:\Windows\SysWOW64\Wldap32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Win32 LDAP API DLL 131545714328476190 0x75540000 1429504 C:\Windows\SysWOW64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714328132961 0x756a0000 983040 C:\Windows\SysWOW64\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545714399251217 0x75820000 16384 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545714434266543 0x75830000 192512 C:\Windows\SysWOW64\wintrust.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Microsoft Trust Verification APIs 131545714399259517 0x75860000 2314240 C:\Windows\SysWOW64\iertutil.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Run time utility for Internet Explorer 131545714399574726 0x75aa0000 20480 C:\Windows\SysWOW64\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545714399263741 0x75ab0000 1183744 C:\Windows\SysWOW64\crypt32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545714328912807 0x75be0000 24576 C:\Windows\SysWOW64\nsi.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545714328117564 0x75bf0000 643072 C:\Windows\SysWOW64\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545714343589599 0x75c90000 102400 C:\Windows\SysWOW64\userenv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545714328115864 0x75cb0000 40960 C:\Windows\SysWOW64\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545714399257483 0x75cc0000 12288 C:\Windows\SysWOW64\normaliz.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Unicode Normalization DLL 131545714399246872 0x75cd0000 2797568 C:\Windows\SysWOW64\wininet.dll 11.00.9600.18817 (winblue_ltsb.170907-0600) Microsoft Corporation Internet Extensions for Win32 131545714328909952 0x75f80000 217088 C:\Windows\SysWOW64\ws2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545714399261207 0x760b0000 20480 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545714399230397 0x760c0000 12894208 C:\Windows\SysWOW64\shell32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows Shell Common Dll 131545714328077302 0x76d10000 290816 C:\Windows\SysWOW64\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714399253935 0x76d60000 16384 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545714399255566 0x76d70000 12288 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) Microsoft Corporation ApiSet Stub DLL 131545714343593203 0x76d80000 45056 C:\Windows\SysWOW64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545714399681075 0x76ef0000 536576 C:\Windows\SysWOW64\clbcatq.dll 2001.12.8531.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation COM+ Configuration Catalog 131545714328064717 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714328066729 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714328022332 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714399265342 0x77350000 49152 C:\Windows\SysWOW64\msasn1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545714328023629 0x77380000 1572864 C:\Windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714328921214 0x7c360000 352256 C:\Windows\SysWOW64\MSVCR71.DLL 7.10.6030.0 Microsoft Corporation Microsoft® C Runtime Library 131545714343482622 0x7ed70000 73728 C:\Notes\jvm\bin\zip.dll 6.0.0-20130618_01 IBM Java(TM) Platform SE binary 131545714329893031 0x7edc0000 24576 C:\Notes\jvm\bin\vmi.dll R2.4 (20130704_155156) International Business Machines Corporation J9 Virtual Machine Runtime 124 4200 6072 121 00000000:0019621a 131545714622179697 0 0 0 Medium USDEVR9K0NHD\sramka ntaskldr.EXE C:\Notes\ntaskldr.EXE C:\Notes\ntaskldr.EXE C:\Notes\ntaskldr.EXE IBM Corp 9.0.10.13287 IBM Notes/Domino 131545714622226372 0x1150000 28672 C:\Notes\ntaskldr.exe 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714645502191 0x6500000 208896 C:\Notes\N\icc\icclib\icclib081.dll 8.1.31.0 IBM IBM Crypto for C-language 131545714645524967 0x6790000 208896 C:\Notes\C\icc\icclib\icclib080.dll 131545714645546408 0x78d0000 991232 C:\Notes\C\icc\osslib\libeay32IBM080.dll 8.0.0.0 The OpenSSL Project, http://www.openssl.org/ OpenSSL Shared Library 0.98e 131545714622337262 0x10000000 307200 C:\Notes\gsk8iccs.dll 8.0.15.2 IBM Corporation IBM Global Security Toolkit 131545714622434698 0x5f000000 11816960 C:\Notes\nsdhelp.dll 9.0.10.3261 IBM wnsd 131545714622322481 0x5fb50000 31715328 C:\Notes\nnotes.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714622378983 0x69180000 3231744 C:\Notes\nxmlproc.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714646441258 0x6a340000 24576 C:\Windows\SysWOW64\rasadhlp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Access AutoDial Helper 131545714645371200 0x6a350000 135168 C:\Program Files (x86)\Bonjour\mdnsNSP.dll 3,1,0,1 Apple Inc. Bonjour Namespace Provider 131545714645364617 0x6a380000 32768 C:\Windows\SysWOW64\winrnr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation LDAP RnR Provider DLL 131545714645329230 0x6a390000 53248 C:\Windows\SysWOW64\wshbth.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Sockets Helper DLL 131545714645318533 0x6a3a0000 73728 C:\Windows\SysWOW64\pnrpnsp.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation PNRP Name Space Provider 131545714645306038 0x6a3c0000 65536 C:\Windows\SysWOW64\NapiNSP.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation E-mail Naming Shim Provider 131545714645297644 0x6a3d0000 65536 C:\Windows\SysWOW64\nlaapi.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Network Location Awareness 2 131545714645338870 0x6c0b0000 278528 C:\Windows\SysWOW64\dnsapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation DNS Client API DLL 131545714653322327 0x6c110000 24576 C:\Notes\nhldaemn.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714622411669 0x6c150000 1994752 C:\Notes\nlsccstr.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714645094951 0x6c4f0000 90112 C:\Notes\nntcp.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714643307649 0x6cdc0000 24576 C:\Notes\nhkdaemn.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714633276692 0x6d4b0000 94208 C:\Notes\nwrdaemndll.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714623217917 0x6d9a0000 397312 C:\Notes\NLNVP.DLL 12.1.7061.6600 Symantec Corporation Symantec Endpoint Protection 131545714622791497 0x6da10000 1191936 C:\Notes\nstrings.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714633283635 0x6e020000 450560 C:\Notes\ndxlo.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714645105841 0x6e0d0000 28672 C:\Windows\SysWOW64\wsock32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 32-Bit DLL 131545714633307995 0x6e0f0000 45056 C:\Notes\ntcp.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714623202871 0x6e100000 28672 C:\Notes\namhook.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714633290458 0x6e110000 118784 C:\Notes\nxmlcommon.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714622405210 0x6e490000 389120 C:\Notes\js32.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714622470517 0x6f810000 24576 C:\Notes\ndgts.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714623277904 0x6fb60000 524288 C:\Windows\SysWOW64\uxtheme.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft UxTheme Library 131545714623303557 0x70ee0000 77824 C:\Windows\SysWOW64\dwmapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Desktop Window Manager API 131545714622387429 0x710d0000 782336 C:\Windows\SysWOW64\msvcr100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545714622453219 0x71190000 73728 C:\Windows\SysWOW64\mpr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545714622371030 0x72c10000 667648 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll 9.00.30729.6161 Microsoft Corporation Microsoft® C Runtime Library 131545714646420703 0x72dc0000 229376 C:\Windows\SysWOW64\FWPUCLNT.DLL 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation FWP/IPsec User-Mode API 131545714645223952 0x72e30000 28672 C:\Windows\SysWOW64\winnsi.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Network Store Information RPC interface 131545714645213341 0x72e40000 114688 C:\Windows\SysWOW64\IPHLPAPI.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation IP Helper API 131545714645276127 0x72e60000 24576 C:\Windows\SysWOW64\wship6.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv6) 131545714646526161 0x73050000 20480 C:\Windows\SysWOW64\WSHTCPIP.DLL 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Winsock2 Helper DLL (TL/IPv4) 131545714645256642 0x73060000 245760 C:\Windows\SysWOW64\mswsock.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Microsoft Windows Sockets 2.0 Service Provider 131545714622910888 0x730a0000 962560 C:\Windows\SysWOW64\dbghelp.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Image Helper 131545714622397060 0x732c0000 430080 C:\Windows\SysWOW64\msvcp100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545714622689955 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545714622666682 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545714622660416 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll 131545714622570894 0x748d0000 176128 C:\Windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545714622443695 0x74960000 36864 C:\Windows\SysWOW64\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545714622295424 0x74970000 450560 C:\Windows\SysWOW64\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545714622261476 0x749e0000 32768 C:\Windows\System32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545714622253047 0x749f0000 376832 C:\Windows\System32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545714622244020 0x74a50000 258048 C:\Windows\System32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545714622357452 0x74c10000 49152 C:\Windows\SysWOW64\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545714622668737 0x74c80000 1691648 C:\Windows\SysWOW64\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545714622673955 0x74e20000 73728 C:\Windows\SysWOW64\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545714622557954 0x74e40000 839680 C:\Windows\SysWOW64\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545714622671177 0x75020000 159744 C:\Windows\SysWOW64\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545714622414477 0x750d0000 593920 C:\Windows\SysWOW64\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545714622418055 0x75170000 589824 C:\Windows\SysWOW64\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545714622343511 0x75200000 659456 C:\Windows\SysWOW64\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545714622327087 0x752b0000 704512 C:\Windows\SysWOW64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545714622420696 0x75360000 1048576 C:\Windows\SysWOW64\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714622351040 0x75460000 102400 C:\Windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545714623224749 0x75480000 356352 C:\Windows\SysWOW64\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545714622416185 0x75540000 1429504 C:\Windows\SysWOW64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714622354011 0x756a0000 983040 C:\Windows\SysWOW64\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545714622554735 0x757c0000 393216 C:\Windows\SysWOW64\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545714622460239 0x75aa0000 20480 C:\Windows\SysWOW64\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545714622325182 0x75ab0000 1183744 C:\Windows\SysWOW64\crypt32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545714622458429 0x75be0000 24576 C:\Windows\SysWOW64\nsi.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545714622426154 0x75bf0000 643072 C:\Windows\SysWOW64\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545714622462744 0x75c90000 102400 C:\Windows\SysWOW64\userenv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545714622424121 0x75cb0000 40960 C:\Windows\SysWOW64\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545714622456139 0x75f80000 217088 C:\Windows\SysWOW64\ws2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545714622283499 0x76d10000 290816 C:\Windows\SysWOW64\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714622464683 0x76d80000 45056 C:\Windows\SysWOW64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545714622270567 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714622272502 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714622227994 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714622329852 0x77350000 49152 C:\Windows\SysWOW64\msasn1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545714622229513 0x77380000 1572864 C:\Windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 125 6012 6072 121 00000000:0019621a 131545714654624703 131545714659300061 0 0 Medium USDEVR9K0NHD\sramka ndyncfg.EXE C:\Notes\ndyncfg.EXE C:\Notes\ndyncfg.EXE 64 "" IBM Corp 9.0.10.13287 IBM Notes/Domino 131545714654671313 0x10a0000 73728 C:\Notes\ndyncfg.exe 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714655662589 0x10000000 307200 C:\Notes\gsk8iccs.dll 8.0.15.2 IBM Corporation IBM Global Security Toolkit 131545714655760197 0x5f000000 11816960 C:\Notes\nsdhelp.dll 9.0.10.3261 IBM wnsd 131545714655649816 0x5fb50000 31715328 C:\Notes\nnotes.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714655709434 0x69180000 3231744 C:\Notes\nxmlproc.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714655739890 0x6c150000 1994752 C:\Notes\nlsccstr.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714656774989 0x6d9a0000 397312 C:\Notes\NLNVP.DLL 12.1.7061.6600 Symantec Corporation Symantec Endpoint Protection 131545714656167239 0x6da10000 1191936 C:\Notes\nstrings.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714655806169 0x6e020000 450560 C:\Notes\ndxlo.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714656747620 0x6e100000 28672 C:\Notes\namhook.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714655813334 0x6e110000 118784 C:\Notes\nxmlcommon.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714655733525 0x6e490000 389120 C:\Notes\js32.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714655799076 0x6f810000 24576 C:\Notes\ndgts.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714655717610 0x710d0000 782336 C:\Windows\SysWOW64\msvcr100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545714655779694 0x71190000 73728 C:\Windows\SysWOW64\mpr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545714655701490 0x72c10000 667648 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll 9.00.30729.6161 Microsoft Corporation Microsoft® C Runtime Library 131545714656289319 0x730a0000 962560 C:\Windows\SysWOW64\dbghelp.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Image Helper 131545714655725936 0x732c0000 430080 C:\Windows\SysWOW64\msvcp100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545714656054920 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545714656030423 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545714656023929 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll 131545714655928419 0x748d0000 176128 C:\Windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545714655769661 0x74960000 36864 C:\Windows\SysWOW64\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545714655619592 0x74970000 450560 C:\Windows\SysWOW64\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545714655586426 0x749e0000 32768 C:\Windows\System32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545714655577373 0x749f0000 376832 C:\Windows\System32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545714655566664 0x74a50000 258048 C:\Windows\System32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545714655685164 0x74c10000 49152 C:\Windows\SysWOW64\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545714656033119 0x74c80000 1691648 C:\Windows\SysWOW64\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545714656038753 0x74e20000 73728 C:\Windows\SysWOW64\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545714655908964 0x74e40000 839680 C:\Windows\SysWOW64\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545714656035452 0x75020000 159744 C:\Windows\SysWOW64\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545714655742510 0x750d0000 593920 C:\Windows\SysWOW64\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545714655745990 0x75170000 589824 C:\Windows\SysWOW64\gdi32.dll 6.1.7601.23914 (win7sp1_ldr.170908-0600) Microsoft Corporation GDI Client DLL 131545714655668586 0x75200000 659456 C:\Windows\SysWOW64\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545714655653412 0x752b0000 704512 C:\Windows\SysWOW64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545714655747749 0x75360000 1048576 C:\Windows\SysWOW64\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714655676175 0x75460000 102400 C:\Windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545714656784920 0x75480000 356352 C:\Windows\SysWOW64\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545714655744102 0x75540000 1429504 C:\Windows\SysWOW64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714655679514 0x756a0000 983040 C:\Windows\SysWOW64\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545714655905604 0x757c0000 393216 C:\Windows\SysWOW64\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545714655786761 0x75aa0000 20480 C:\Windows\SysWOW64\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545714655652132 0x75ab0000 1183744 C:\Windows\SysWOW64\crypt32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545714655784677 0x75be0000 24576 C:\Windows\SysWOW64\nsi.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545714655751995 0x75bf0000 643072 C:\Windows\SysWOW64\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545714655790061 0x75c90000 102400 C:\Windows\SysWOW64\userenv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545714655750214 0x75cb0000 40960 C:\Windows\SysWOW64\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545714655782374 0x75f80000 217088 C:\Windows\SysWOW64\ws2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545714655607546 0x76d10000 290816 C:\Windows\SysWOW64\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714655792428 0x76d80000 45056 C:\Windows\SysWOW64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545714655595946 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714655597466 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714654672858 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714655655774 0x77350000 49152 C:\Windows\SysWOW64\msasn1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545714654674112 0x77380000 1572864 C:\Windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 126 3768 6072 121 00000000:0019621a 131545714655233737 131545714659168702 0 0 Medium USDEVR9K0NHD\sramka nfileret.EXE C:\Notes\nfileret.EXE C:\Notes\nfileret.EXE client IBM Corp 9.0.10.13287 IBM Notes/Domino 131545714655279170 0x170000 36864 C:\Notes\nfileret.exe 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714656267861 0x10000000 307200 C:\Notes\gsk8iccs.dll 8.0.15.2 IBM Corporation IBM Global Security Toolkit 131545714656187011 0x5f000000 11816960 C:\Notes\nsdhelp.dll 9.0.10.3261 IBM wnsd 131545714656257570 0x5fb50000 31715328 C:\Notes\nnotes.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714656292683 0x69180000 3231744 C:\Notes\nxmlproc.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714656315776 0x6c150000 1994752 C:\Notes\nlsccstr.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714657423922 0x6d9a0000 397312 C:\Notes\NLNVP.DLL 12.1.7061.6600 Symantec Corporation Symantec Endpoint Protection 131545714656833619 0x6da10000 1191936 C:\Notes\nstrings.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714657408889 0x6e100000 28672 C:\Notes\namhook.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714656308482 0x6e490000 389120 C:\Notes\js32.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714656338270 0x6f810000 24576 C:\Notes\ndgts.dll 9.0.10.13287 IBM Corp IBM Notes/Domino 131545714656239674 0x710d0000 782336 C:\Windows\SysWOW64\msvcr100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545714656209308 0x71190000 73728 C:\Windows\SysWOW64\mpr.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Multiple Provider Router DLL 131545714656285774 0x72c10000 667648 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll 9.00.30729.6161 Microsoft Corporation Microsoft® C Runtime Library 131545714657091988 0x730a0000 962560 C:\Windows\SysWOW64\dbghelp.dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation Windows Image Helper 131545714656300782 0x732c0000 430080 C:\Windows\SysWOW64\msvcp100.dll 10.00.40219.325 Microsoft Corporation Microsoft® C Runtime Library 131545714656664455 0x746b0000 122880 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA dxgiwrap dll, Version 354.45 131545714656625023 0x746d0000 167936 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll 10.18.13.5445 NVIDIA Corporation NVIDIA d3d9wrap dll, Version 354.45 131545714656612742 0x74830000 24576 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll 131545714656448484 0x748d0000 176128 C:\Windows\SysWOW64\nvinit.dll 10.18.13.5445 NVIDIA Corporation NVIDIA shim initialization dll, Version 354.45 131545714656196582 0x74960000 36864 C:\Windows\SysWOW64\version.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Version Checking and File Installation Libraries 131545714656156046 0x74970000 450560 C:\Windows\SysWOW64\sysfer.dll 12.1.7061.6600 Symantec Corporation Symantec CMC Firewall sysfer 131545714656119191 0x749e0000 32768 C:\Windows\System32\wow64cpu.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation AMD64 Wow64 CPU 131545714656110155 0x749f0000 376832 C:\Windows\System32\wow64win.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Wow64 Console and Win32 API Logging 131545714656100973 0x74a50000 258048 C:\Windows\System32\wow64.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Win32 Emulation on NT64 131545714656219517 0x74c10000 49152 C:\Windows\SysWOW64\cryptbase.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Base cryptographic API DLL 131545714656628482 0x74c80000 1691648 C:\Windows\SysWOW64\setupapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Setup API 131545714656635943 0x74e20000 73728 C:\Windows\SysWOW64\devobj.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Device Information Set DLL 131545714656426041 0x74e40000 839680 C:\Windows\SysWOW64\msctf.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation MSCTF Server DLL 131545714656631889 0x75020000 159744 C:\Windows\SysWOW64\cfgmgr32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Configuration Manager DLL 131545714656320613 0x750d0000 593920 C:\Windows\SysWOW64\oleaut32.dll 6.1.7601.23775 Microsoft Corporation 131545714656249690 0x75200000 659456 C:\Windows\SysWOW64\advapi32.dll 6.1.7601.23915 (win7sp1_ldr.170913-0600) Microsoft Corporation Advanced Windows 32 Base API 131545714656199176 0x752b0000 704512 C:\Windows\SysWOW64\msvcrt.dll 7.0.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT CRT DLL 131545714656242914 0x75360000 1048576 C:\Windows\SysWOW64\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714656227166 0x75460000 102400 C:\Windows\SysWOW64\sechost.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Host for SCM/SDDL/LSA Lookup APIs 131545714657430390 0x75480000 356352 C:\Windows\SysWOW64\shlwapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Shell Light-weight Utility Library 131545714656322805 0x75540000 1429504 C:\Windows\SysWOW64\ole32.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation Microsoft OLE for Windows 131545714656215348 0x756a0000 983040 C:\Windows\SysWOW64\rpcrt4.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Remote Procedure Call Runtime 131545714656422475 0x757c0000 393216 C:\Windows\SysWOW64\imm32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows IMM32 API Client DLL 131545714656232042 0x75aa0000 20480 C:\Windows\SysWOW64\psapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Process Status Helper 131545714656259407 0x75ab0000 1183744 C:\Windows\SysWOW64\crypt32.dll 6.1.7601.23769 (win7sp1_ldr.170412-0600) Microsoft Corporation Crypto API32 131545714656230351 0x75be0000 24576 C:\Windows\SysWOW64\nsi.dll 6.1.7601.23889 (win7sp1_ldr.170810-1615) Microsoft Corporation NSI User-mode interface DLL 131545714656247721 0x75bf0000 643072 C:\Windows\SysWOW64\usp10.dll 1.0626.7601.23894 (win7sp1_ldr.170816-0600) Microsoft Corporation Uniscribe Unicode script processor 131545714656328926 0x75c90000 102400 C:\Windows\SysWOW64\userenv.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Userenv 131545714656246086 0x75cb0000 40960 C:\Windows\SysWOW64\lpk.dll 6.1.7601.23807 (win7sp1_ldr.170512-0600) Microsoft Corporation Language Pack 131545714656212231 0x75f80000 217088 C:\Windows\SysWOW64\ws2_32.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation Windows Socket 2.0 32-Bit DLL 131545714656139707 0x76d10000 290816 C:\Windows\SysWOW64\KernelBase.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714656331280 0x76d80000 45056 C:\Windows\SysWOW64\profapi.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation User Profile Basic API 131545714656127538 0x76f80000 1175552 C:\Windows\System32\kernel32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Windows NT BASE API Client DLL 131545714656129079 0x770a0000 1024000 C:\Windows\System32\user32.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation Multi-User Windows USER API Client DLL 131545714655280608 0x771a0000 1744896 C:\Windows\System32\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 131545714656261063 0x77350000 49152 C:\Windows\SysWOW64\msasn1.dll 6.1.7601.23403 (win7sp1_ldr.160325-0600) Microsoft Corporation ASN.1 Runtime APIs 131545714655281772 0x77380000 1572864 C:\Windows\SysWOW64\ntdll.dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation NT Layer DLL 112 6:33:21.5550663 PM java.exe 1020 CreateFile C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b4a0a

C:\windows\system32\drivers\fltmgr.sys FltIsCallbackDataDirty + 0x24aa 2

0xfffff880013d02a3

C:\windows\system32\drivers\fltmgr.sys FltReadFile + 0xeb53 3

0xfffff800031802bb

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x2d2b 4

0xfffff8000317bdde

C:\windows\system32\ntoskrnl.exe SeQueryInformationToken + 0xe3e 5

0xfffff8000317c8c6

C:\windows\system32\ntoskrnl.exe ObOpenObjectByName + 0x306 6

0xfffff800031094b4

C:\windows\system32\ntoskrnl.exe PsTerminateSystemThread + 0x250 7

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 8

0x771ece9a

C:\Windows\System32\ntdll.dll ZwQueryFullAttributesFile + 0xa 9

0x74a7444c

C:\Windows\System32\wow64.dll Wow64EmulateAtlThunk + 0x168e4 10

0x74a5d18f

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0xd7 11

0x749e2776

C:\Windows\System32\wow64cpu.dll TurboDispatchJumpAddressEnd + 0x2d 12

0x74a5d286

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0x1ce 13

0x74a5c69e

C:\Windows\System32\wow64.dll Wow64LdrpInitialize + 0x42a 14

0x772098ec

C:\Windows\System32\ntdll.dll TpAlpcRegisterCompletionList + 0x790c 15

0x771ca36e

C:\Windows\System32\ntdll.dll LdrInitializeThunk + 0xe 16

0x773a135e

C:\Windows\SysWOW64\ntdll.dll ZwQueryFullAttributesFile + 0x12 17

0x76d29d51

C:\Windows\SysWOW64\KernelBase.dll GetFileAttributesExW + 0x93 18

0x6e4a7c7b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_io_WinNTFileSystem_initIDs + 0x2d0 19

0x6e4a80c6

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_io_WinNTFileSystem_getBooleanAttributes + 0x31 20

0x2b34880

21

0x2b346a0

22

0x2b30497

23

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 24

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 25

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 26

0x68f54def

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_DoPrivileged + 0x2bf 27

0x6e4a1015

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2 + 0x15 28

0x2b34b54

29

0x2b346a0

30

0x2b34d4a

31

0x2b34d4a

32

0x2b34d4a

33

0x2b34b54

34

0x2b30497

35

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 36

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 37

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 38

0x68f54def

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_DoPrivileged + 0x2bf 39

0x6e4a1015

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2 + 0x15 40

0x2b34b54

41

0x2b30497

42

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 43

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 44

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 45

0x68f0437b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb437b 46

0x68f064d7

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb64d7 47

0x68f06628

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb6628 48

0x68ec72f6

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x772f6 49

0x68ec85a2

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x785a2 50

0x68ec3937

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x73937 51

0x2b46c3e

52

0x2b34d4a

53

0x2b34d4a

54

0x2b34b54

55

0x2b30497

56

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 57

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 58

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 59

0x68f54def

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_DoPrivileged + 0x2bf 60

0x6e4a1015

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2 + 0x15 61

0x2b34b54

62

0x2b34b54

63

0x2b30497

64

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 65

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 66

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 67

0x68f0437b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb437b 68

0x68f064d7

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb64d7 69

0x68f06628

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb6628 70

0x68ec72f6

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x772f6 71

0x68ec85a2

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x785a2 72

0x68ec3937

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x73937 73

0x2b46c3e

74

0x2b34d4a

75

0x2b34d4a

76

0x2b34880

77

0x2b34920

78

0x2b34b54

79

0x2b34b54

80

0x2b346a0

81

0x2b346a0

82

0x2b34d4a

83

0x2b34880

84

0x2b30497

85

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 86

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 87

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 88

0x68f26797

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JNI_CreateJavaVM + 0x6b7 89

0x68f2ed2f

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JNI_CreateJavaVM + 0x8c4f 90

0xf1229e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe java.exe + 0x229e 91

0xf18cef

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe java.exe + 0x8cef 92

0xf18d79

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe java.exe + 0x8d79 93

0x74f2336a

C:\Windows\SysWOW64\kernel32.dll BaseThreadInitThunk + 0x12 94

0x773b98f2

C:\Windows\SysWOW64\ntdll.dll RtlInitializeExceptionChain + 0x63 95

0x773b98c5

C:\Windows\SysWOW64\ntdll.dll RtlInitializeExceptionChain + 0x36 112 6:33:21.5551211 PM java.exe 1020 QueryNetworkOpenInformationFile C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll SUCCESS CreationTime: 11/1/2017 11:19:52 AM, LastAccessTime: 11/1/2017 11:19:52 AM, LastWriteTime: 11/7/2017 6:31:44 PM, ChangeTime: 11/7/2017 6:31:44 PM, AllocationSize: 77824, EndOfFile: 74752, FileAttributes: A 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b488d

C:\windows\system32\drivers\fltmgr.sys FltIsCallbackDataDirty + 0x232d 2

0xfffff880013d11f2

C:\windows\system32\drivers\fltmgr.sys FltDeletePushLock + 0xda2 3

0xfffff80003180b4f

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x35bf 4

0xfffff8000317bdde

C:\windows\system32\ntoskrnl.exe SeQueryInformationToken + 0xe3e 5

0xfffff8000317c8c6

C:\windows\system32\ntoskrnl.exe ObOpenObjectByName + 0x306 6

0xfffff800031094b4

C:\windows\system32\ntoskrnl.exe PsTerminateSystemThread + 0x250 7

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 8

0x771ece9a

C:\Windows\System32\ntdll.dll ZwQueryFullAttributesFile + 0xa 9

0x74a7444c

C:\Windows\System32\wow64.dll Wow64EmulateAtlThunk + 0x168e4 10

0x74a5d18f

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0xd7 11

0x749e2776

C:\Windows\System32\wow64cpu.dll TurboDispatchJumpAddressEnd + 0x2d 12

0x74a5d286

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0x1ce 13

0x74a5c69e

C:\Windows\System32\wow64.dll Wow64LdrpInitialize + 0x42a 14

0x772098ec

C:\Windows\System32\ntdll.dll TpAlpcRegisterCompletionList + 0x790c 15

0x771ca36e

C:\Windows\System32\ntdll.dll LdrInitializeThunk + 0xe 16

0x773a135e

C:\Windows\SysWOW64\ntdll.dll ZwQueryFullAttributesFile + 0x12 17

0x76d29d51

C:\Windows\SysWOW64\KernelBase.dll GetFileAttributesExW + 0x93 18

0x6e4a7c7b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_io_WinNTFileSystem_initIDs + 0x2d0 19

0x6e4a80c6

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_io_WinNTFileSystem_getBooleanAttributes + 0x31 20

0x2b34880

21

0x2b346a0

22

0x2b30497

23

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 24

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 25

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 26

0x68f54def

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_DoPrivileged + 0x2bf 27

0x6e4a1015

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2 + 0x15 28

0x2b34b54

29

0x2b346a0

30

0x2b34d4a

31

0x2b34d4a

32

0x2b34d4a

33

0x2b34b54

34

0x2b30497

35

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 36

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 37

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 38

0x68f54def

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_DoPrivileged + 0x2bf 39

0x6e4a1015

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2 + 0x15 40

0x2b34b54

41

0x2b30497

42

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 43

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 44

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 45

0x68f0437b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb437b 46

0x68f064d7

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb64d7 47

0x68f06628

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb6628 48

0x68ec72f6

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x772f6 49

0x68ec85a2

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x785a2 50

0x68ec3937

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x73937 51

0x2b46c3e

52

0x2b34d4a

53

0x2b34d4a

54

0x2b34b54

55

0x2b30497

56

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 57

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 58

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 59

0x68f54def

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_DoPrivileged + 0x2bf 60

0x6e4a1015

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2 + 0x15 61

0x2b34b54

62

0x2b34b54

63

0x2b30497

64

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 65

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 66

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 67

0x68f0437b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb437b 68

0x68f064d7

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb64d7 69

0x68f06628

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb6628 70

0x68ec72f6

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x772f6 71

0x68ec85a2

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x785a2 72

0x68ec3937

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x73937 73

0x2b46c3e

74

0x2b34d4a

75

0x2b34d4a

76

0x2b34880

77

0x2b34920

78

0x2b34b54

79

0x2b34b54

80

0x2b346a0

81

0x2b346a0

82

0x2b34d4a

83

0x2b34880

84

0x2b30497

85

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 86

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 87

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 88

0x68f26797

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JNI_CreateJavaVM + 0x6b7 89

0x68f2ed2f

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JNI_CreateJavaVM + 0x8c4f 90

0xf1229e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe java.exe + 0x229e 91

0xf18cef

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe java.exe + 0x8cef 92

0xf18d79

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe java.exe + 0x8d79 93

0x74f2336a

C:\Windows\SysWOW64\kernel32.dll BaseThreadInitThunk + 0x12 94

0x773b98f2

C:\Windows\SysWOW64\ntdll.dll RtlInitializeExceptionChain + 0x63 95

0x773b98c5

C:\Windows\SysWOW64\ntdll.dll RtlInitializeExceptionChain + 0x36 112 6:33:21.5551455 PM java.exe 1020 CloseFile C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll SUCCESS 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b2fc7

C:\windows\system32\drivers\fltmgr.sys FltIsCallbackDataDirty + 0xa67 2

0xfffff880013b16c7

C:\windows\system32\drivers\fltmgr.sys fltmgr.sys + 0x16c7 3

0xfffff800031897cf

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0xc23f 4

0xfffff80003180bc9

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x3639 5

0xfffff8000317bdde

C:\windows\system32\ntoskrnl.exe SeQueryInformationToken + 0xe3e 6

0xfffff8000317c8c6

C:\windows\system32\ntoskrnl.exe ObOpenObjectByName + 0x306 7

0xfffff800031094b4

C:\windows\system32\ntoskrnl.exe PsTerminateSystemThread + 0x250 8

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 9

0x771ece9a

C:\Windows\System32\ntdll.dll ZwQueryFullAttributesFile + 0xa 10

0x74a7444c

C:\Windows\System32\wow64.dll Wow64EmulateAtlThunk + 0x168e4 11

0x74a5d18f

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0xd7 12

0x749e2776

C:\Windows\System32\wow64cpu.dll TurboDispatchJumpAddressEnd + 0x2d 13

0x74a5d286

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0x1ce 14

0x74a5c69e

C:\Windows\System32\wow64.dll Wow64LdrpInitialize + 0x42a 15

0x772098ec

C:\Windows\System32\ntdll.dll TpAlpcRegisterCompletionList + 0x790c 16

0x771ca36e

C:\Windows\System32\ntdll.dll LdrInitializeThunk + 0xe 17

0x773a135e

C:\Windows\SysWOW64\ntdll.dll ZwQueryFullAttributesFile + 0x12 18

0x76d29d51

C:\Windows\SysWOW64\KernelBase.dll GetFileAttributesExW + 0x93 19

0x6e4a7c7b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_io_WinNTFileSystem_initIDs + 0x2d0 20

0x6e4a80c6

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_io_WinNTFileSystem_getBooleanAttributes + 0x31 21

0x2b34880

22

0x2b346a0

23

0x2b30497

24

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 25

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 26

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 27

0x68f54def

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_DoPrivileged + 0x2bf 28

0x6e4a1015

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2 + 0x15 29

0x2b34b54

30

0x2b346a0

31

0x2b34d4a

32

0x2b34d4a

33

0x2b34d4a

34

0x2b34b54

35

0x2b30497

36

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 37

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 38

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 39

0x68f54def

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_DoPrivileged + 0x2bf 40

0x6e4a1015

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2 + 0x15 41

0x2b34b54

42

0x2b30497

43

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 44

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 45

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 46

0x68f0437b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb437b 47

0x68f064d7

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb64d7 48

0x68f06628

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb6628 49

0x68ec72f6

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x772f6 50

0x68ec85a2

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x785a2 51

0x68ec3937

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x73937 52

0x2b46c3e

53

0x2b34d4a

54

0x2b34d4a

55

0x2b34b54

56

0x2b30497

57

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 58

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 59

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 60

0x68f54def

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_DoPrivileged + 0x2bf 61

0x6e4a1015

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2 + 0x15 62

0x2b34b54

63

0x2b34b54

64

0x2b30497

65

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 66

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 67

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 68

0x68f0437b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb437b 69

0x68f064d7

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb64d7 70

0x68f06628

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0xb6628 71

0x68ec72f6

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x772f6 72

0x68ec85a2

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x785a2 73

0x68ec3937

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll jvm.dll + 0x73937 74

0x2b46c3e

75

0x2b34d4a

76

0x2b34d4a

77

0x2b34880

78

0x2b34920

79

0x2b34b54

80

0x2b34b54

81

0x2b346a0

82

0x2b346a0

83

0x2b34d4a

84

0x2b34880

85

0x2b30497

86

0x68fac3f5

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c05 87

0x6907989e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x6ddae 88

0x68fac48e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_GetThreadStateNames + 0x54c9e 89

0x68f26797

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JNI_CreateJavaVM + 0x6b7 90

0x68f2ed2f

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JNI_CreateJavaVM + 0x8c4f 91

0xf1229e

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe java.exe + 0x229e 92

0xf18cef

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe java.exe + 0x8cef 93

0xf18d79

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\bin\java.exe java.exe + 0x8d79 94

0x74f2336a

C:\Windows\SysWOW64\kernel32.dll BaseThreadInitThunk + 0x12 95

0x773b98f2

C:\Windows\SysWOW64\ntdll.dll RtlInitializeExceptionChain + 0x63 96

0x773b98c5

C:\Windows\SysWOW64\ntdll.dll RtlInitializeExceptionChain + 0x36 112 6:33:21.5553231 PM java.exe 1020 QueryDirectory C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll SUCCESS Filter: net.dll, 1: net.dll 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b2fc7

C:\windows\system32\drivers\fltmgr.sys FltIsCallbackDataDirty + 0xa67 2

0xfffff880013b16c7

C:\windows\system32\drivers\fltmgr.sys fltmgr.sys + 0x16c7 3

0xfffff800031681ca

C:\windows\system32\ntoskrnl.exe NtQueryDirectoryFile + 0x1aa 4

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 5

0x771ec08a

C:\Windows\System32\ntdll.dll ZwQueryDirectoryFile + 0xa 6

0x74a667df

C:\Windows\System32\wow64.dll Wow64EmulateAtlThunk + 0x8c77 7

0x74a5d18f

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0xd7 8

0x749e2776

C:\Windows\System32\wow64cpu.dll TurboDispatchJumpAddressEnd + 0x2d 9

0x74a5d286

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0x1ce 10

0x74a5c69e

C:\Windows\System32\wow64.dll Wow64LdrpInitialize + 0x42a 11

0x772098ec

C:\Windows\System32\ntdll.dll TpAlpcRegisterCompletionList + 0x790c 12

0x771ca36e

C:\Windows\System32\ntdll.dll LdrInitializeThunk + 0xe 13

0x7739fdba

C:\Windows\SysWOW64\ntdll.dll ZwQueryDirectoryFile + 0x12 14

0x76d2aa58

C:\Windows\SysWOW64\KernelBase.dll FindFirstFileExW + 0x3f5 15

0x76d2ad74

C:\Windows\SysWOW64\KernelBase.dll FindFirstFileW + 0x16 16

0x6e4a96d7

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_util_prefs_WindowsPreferences_WindowsRegEnumValue + 0x888 112 6:33:21.5555872 PM java.exe 1020 CreateFile C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b4a0a

C:\windows\system32\drivers\fltmgr.sys FltIsCallbackDataDirty + 0x24aa 2

0xfffff880013d02a3

C:\windows\system32\drivers\fltmgr.sys FltReadFile + 0xeb53 3

0xfffff800031802bb

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x2d2b 4

0xfffff8000317bdde

C:\windows\system32\ntoskrnl.exe SeQueryInformationToken + 0xe3e 5

0xfffff8000317c8c6

C:\windows\system32\ntoskrnl.exe ObOpenObjectByName + 0x306 6

0xfffff80003158876

C:\windows\system32\ntoskrnl.exe NtOpenProcessTokenEx + 0x326 7

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 8

0x771ec10a

C:\Windows\System32\ntdll.dll ZwQueryAttributesFile + 0xa 9

0x74a6ae19

C:\Windows\System32\wow64.dll Wow64EmulateAtlThunk + 0xd2b1 10

0x74a5d18f

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0xd7 11

0x749e2776

C:\Windows\System32\wow64cpu.dll TurboDispatchJumpAddressEnd + 0x2d 12

0x74a5d286

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0x1ce 13

0x74a5c69e

C:\Windows\System32\wow64.dll Wow64LdrpInitialize + 0x42a 14

0x772098ec

C:\Windows\System32\ntdll.dll TpAlpcRegisterCompletionList + 0x790c 15

0x771ca36e

C:\Windows\System32\ntdll.dll LdrInitializeThunk + 0xe 16

0x7739fe7e

C:\Windows\SysWOW64\ntdll.dll ZwQueryAttributesFile + 0x12 17

0x773c19d5

C:\Windows\SysWOW64\ntdll.dll RtlInitializeGenericTable + 0x73 18

0x773c1c45

C:\Windows\SysWOW64\ntdll.dll RtlInitializeGenericTable + 0x2e3 19

0x773c1d49

C:\Windows\SysWOW64\ntdll.dll RtlInitializeGenericTable + 0x3e7 20

0x773be956

C:\Windows\SysWOW64\ntdll.dll wcspbrk + 0x30d 21

0x773fd39f

C:\Windows\SysWOW64\ntdll.dll RtlUlonglongByteSwap + 0x68f 22

0x76d22e0f

C:\Windows\SysWOW64\KernelBase.dll LoadLibraryExW + 0x233 23

0x746d3943

C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll GetNVDisplayW + 0x1cf3 24

0x76d22e66

C:\Windows\SysWOW64\KernelBase.dll LoadLibraryExA + 0x26 25

0x74f249a8

C:\Windows\SysWOW64\kernel32.dll LoadLibraryA + 0x31 26

0x6900f281

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x3791 27

0x68f4da46

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_LoadLibrary + 0x76 28

0x6e4a207b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_lang_ClassLoader_00024NativeLibrary_load + 0x71 112 6:33:21.5556292 PM java.exe 1020 QueryBasicInformationFile C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll SUCCESS CreationTime: 11/1/2017 11:19:52 AM, LastAccessTime: 11/1/2017 11:19:52 AM, LastWriteTime: 11/7/2017 6:31:44 PM, ChangeTime: 11/7/2017 6:31:44 PM, FileAttributes: A 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b488d

C:\windows\system32\drivers\fltmgr.sys FltIsCallbackDataDirty + 0x232d 2

0xfffff880013d0de0

C:\windows\system32\drivers\fltmgr.sys FltDeletePushLock + 0x990 3

0xfffff800031809f6

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x3466 4

0xfffff8000317bdde

C:\windows\system32\ntoskrnl.exe SeQueryInformationToken + 0xe3e 5

0xfffff8000317c8c6

C:\windows\system32\ntoskrnl.exe ObOpenObjectByName + 0x306 6

0xfffff80003158876

C:\windows\system32\ntoskrnl.exe NtOpenProcessTokenEx + 0x326 7

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 8

0x771ec10a

C:\Windows\System32\ntdll.dll ZwQueryAttributesFile + 0xa 9

0x74a6ae19

C:\Windows\System32\wow64.dll Wow64EmulateAtlThunk + 0xd2b1 10

0x74a5d18f

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0xd7 11

0x749e2776

C:\Windows\System32\wow64cpu.dll TurboDispatchJumpAddressEnd + 0x2d 12

0x74a5d286

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0x1ce 13

0x74a5c69e

C:\Windows\System32\wow64.dll Wow64LdrpInitialize + 0x42a 14

0x772098ec

C:\Windows\System32\ntdll.dll TpAlpcRegisterCompletionList + 0x790c 15

0x771ca36e

C:\Windows\System32\ntdll.dll LdrInitializeThunk + 0xe 16

0x7739fe7e

C:\Windows\SysWOW64\ntdll.dll ZwQueryAttributesFile + 0x12 17

0x773c19d5

C:\Windows\SysWOW64\ntdll.dll RtlInitializeGenericTable + 0x73 18

0x773c1c45

C:\Windows\SysWOW64\ntdll.dll RtlInitializeGenericTable + 0x2e3 19

0x773c1d49

C:\Windows\SysWOW64\ntdll.dll RtlInitializeGenericTable + 0x3e7 20

0x773be956

C:\Windows\SysWOW64\ntdll.dll wcspbrk + 0x30d 21

0x773fd39f

C:\Windows\SysWOW64\ntdll.dll RtlUlonglongByteSwap + 0x68f 22

0x76d22e0f

C:\Windows\SysWOW64\KernelBase.dll LoadLibraryExW + 0x233 23

0x746d3943

C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll GetNVDisplayW + 0x1cf3 24

0x76d22e66

C:\Windows\SysWOW64\KernelBase.dll LoadLibraryExA + 0x26 25

0x74f249a8

C:\Windows\SysWOW64\kernel32.dll LoadLibraryA + 0x31 26

0x6900f281

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x3791 27

0x68f4da46

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_LoadLibrary + 0x76 28

0x6e4a207b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_lang_ClassLoader_00024NativeLibrary_load + 0x71 112 6:33:21.5556523 PM java.exe 1020 CloseFile C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll SUCCESS 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b2fc7

C:\windows\system32\drivers\fltmgr.sys FltIsCallbackDataDirty + 0xa67 2

0xfffff880013b16c7

C:\windows\system32\drivers\fltmgr.sys fltmgr.sys + 0x16c7 3

0xfffff800031897cf

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0xc23f 4

0xfffff80003180bc9

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x3639 5

0xfffff8000317bdde

C:\windows\system32\ntoskrnl.exe SeQueryInformationToken + 0xe3e 6

0xfffff8000317c8c6

C:\windows\system32\ntoskrnl.exe ObOpenObjectByName + 0x306 7

0xfffff80003158876

C:\windows\system32\ntoskrnl.exe NtOpenProcessTokenEx + 0x326 8

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 9

0x771ec10a

C:\Windows\System32\ntdll.dll ZwQueryAttributesFile + 0xa 10

0x74a6ae19

C:\Windows\System32\wow64.dll Wow64EmulateAtlThunk + 0xd2b1 11

0x74a5d18f

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0xd7 12

0x749e2776

C:\Windows\System32\wow64cpu.dll TurboDispatchJumpAddressEnd + 0x2d 13

0x74a5d286

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0x1ce 14

0x74a5c69e

C:\Windows\System32\wow64.dll Wow64LdrpInitialize + 0x42a 15

0x772098ec

C:\Windows\System32\ntdll.dll TpAlpcRegisterCompletionList + 0x790c 16

0x771ca36e

C:\Windows\System32\ntdll.dll LdrInitializeThunk + 0xe 17

0x7739fe7e

C:\Windows\SysWOW64\ntdll.dll ZwQueryAttributesFile + 0x12 18

0x773c19d5

C:\Windows\SysWOW64\ntdll.dll RtlInitializeGenericTable + 0x73 19

0x773c1c45

C:\Windows\SysWOW64\ntdll.dll RtlInitializeGenericTable + 0x2e3 20

0x773c1d49

C:\Windows\SysWOW64\ntdll.dll RtlInitializeGenericTable + 0x3e7 21

0x773be956

C:\Windows\SysWOW64\ntdll.dll wcspbrk + 0x30d 22

0x773fd39f

C:\Windows\SysWOW64\ntdll.dll RtlUlonglongByteSwap + 0x68f 23

0x76d22e0f

C:\Windows\SysWOW64\KernelBase.dll LoadLibraryExW + 0x233 24

0x746d3943

C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll GetNVDisplayW + 0x1cf3 25

0x76d22e66

C:\Windows\SysWOW64\KernelBase.dll LoadLibraryExA + 0x26 26

0x74f249a8

C:\Windows\SysWOW64\kernel32.dll LoadLibraryA + 0x31 27

0x6900f281

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x3791 28

0x68f4da46

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_LoadLibrary + 0x76 29

0x6e4a207b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_lang_ClassLoader_00024NativeLibrary_load + 0x71 112 6:33:21.5557443 PM java.exe 1020 CreateFile C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll SUCCESS Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b4a0a

C:\windows\system32\drivers\fltmgr.sys FltIsCallbackDataDirty + 0x24aa 2

0xfffff880013d02a3

C:\windows\system32\drivers\fltmgr.sys FltReadFile + 0xeb53 3

0xfffff800031802bb

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x2d2b 4

0xfffff8000317bdde

C:\windows\system32\ntoskrnl.exe SeQueryInformationToken + 0xe3e 5

0xfffff8000317c8c6

C:\windows\system32\ntoskrnl.exe ObOpenObjectByName + 0x306 6

0xfffff8000317e6bc

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x112c 7

0xfffff800031677a8

C:\windows\system32\ntoskrnl.exe NtOpenFile + 0x58 8

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 9

0x771ec06a

C:\Windows\System32\ntdll.dll ZwOpenFile + 0xa 10

0x74a664df

C:\Windows\System32\wow64.dll Wow64EmulateAtlThunk + 0x8977 11

0x74a5d18f

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0xd7 12

0x749e2776

C:\Windows\System32\wow64cpu.dll TurboDispatchJumpAddressEnd + 0x2d 13

0x74a5d286

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0x1ce 14

0x74a5c69e

C:\Windows\System32\wow64.dll Wow64LdrpInitialize + 0x42a 15

0x772098ec

C:\Windows\System32\ntdll.dll TpAlpcRegisterCompletionList + 0x790c 16

0x771ca36e

C:\Windows\System32\ntdll.dll LdrInitializeThunk + 0xe 17

0x7739fd86

C:\Windows\SysWOW64\ntdll.dll ZwOpenFile + 0x12 18

0x773c1cbc

C:\Windows\SysWOW64\ntdll.dll RtlInitializeGenericTable + 0x35a 19

0x773be956

C:\Windows\SysWOW64\ntdll.dll wcspbrk + 0x30d 20

0x773fd39f

C:\Windows\SysWOW64\ntdll.dll RtlUlonglongByteSwap + 0x68f 21

0x76d22e0f

C:\Windows\SysWOW64\KernelBase.dll LoadLibraryExW + 0x233 22

0x746d3943

C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll GetNVDisplayW + 0x1cf3 23

0x76d22e66

C:\Windows\SysWOW64\KernelBase.dll LoadLibraryExA + 0x26 24

0x74f249a8

C:\Windows\SysWOW64\kernel32.dll LoadLibraryA + 0x31 25

0x6900f281

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x3791 26

0x68f4da46

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_LoadLibrary + 0x76 27

0x6e4a207b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_lang_ClassLoader_00024NativeLibrary_load + 0x71 112 6:33:21.5557936 PM java.exe 1020 CreateFileMapping C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll ACCESS DENIED SyncType: SyncTypeCreateSection, PageProtection: 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b19e2

C:\windows\system32\drivers\fltmgr.sys fltmgr.sys + 0x19e2 2

0xfffff80002e9bb53

C:\windows\system32\ntoskrnl.exe RtlSetBits + 0x323 3

0xfffff8000319f668

C:\windows\system32\ntoskrnl.exe FsRtlReleaseFile + 0x298 4

0xfffff8000317d9b9

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x429 5

0xfffff8000315843e

C:\windows\system32\ntoskrnl.exe NtCreateSection + 0x172 6

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 7

0x771ec1da

C:\Windows\System32\ntdll.dll ZwCreateSection + 0xa 8

0x74a6b3d1

C:\Windows\System32\wow64.dll Wow64EmulateAtlThunk + 0xd869 9

0x74a5d18f

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0xd7 10

0x749e2776

C:\Windows\System32\wow64cpu.dll TurboDispatchJumpAddressEnd + 0x2d 11

0x74a5d286

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0x1ce 12

0x74a5c69e

C:\Windows\System32\wow64.dll Wow64LdrpInitialize + 0x42a 13

0x772098ec

C:\Windows\System32\ntdll.dll TpAlpcRegisterCompletionList + 0x790c 14

0x771ca36e

C:\Windows\System32\ntdll.dll LdrInitializeThunk + 0xe 15

0x7739ffc6

C:\Windows\SysWOW64\ntdll.dll ZwCreateSection + 0x12 16

0x773c1cdd

C:\Windows\SysWOW64\ntdll.dll RtlInitializeGenericTable + 0x37b 17

0x773be956

C:\Windows\SysWOW64\ntdll.dll wcspbrk + 0x30d 18

0x773fd39f

C:\Windows\SysWOW64\ntdll.dll RtlUlonglongByteSwap + 0x68f 19

0x76d22e0f

C:\Windows\SysWOW64\KernelBase.dll LoadLibraryExW + 0x233 20

0x746d3943

C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll GetNVDisplayW + 0x1cf3 21

0x76d22e66

C:\Windows\SysWOW64\KernelBase.dll LoadLibraryExA + 0x26 22

0x74f249a8

C:\Windows\SysWOW64\kernel32.dll LoadLibraryA + 0x31 23

0x6900f281

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x3791 24

0x68f4da46

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_LoadLibrary + 0x76 25

0x6e4a207b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_lang_ClassLoader_00024NativeLibrary_load + 0x71 112 6:33:21.6515550 PM java.exe 1020 CloseFile C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll SUCCESS 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b2fc7

C:\windows\system32\drivers\fltmgr.sys FltIsCallbackDataDirty + 0xa67 2

0xfffff880013b16c7

C:\windows\system32\drivers\fltmgr.sys fltmgr.sys + 0x16c7 3

0xfffff800031897cf

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0xc23f 4

0xfffff8000317777e

C:\windows\system32\ntoskrnl.exe NtWaitForSingleObject + 0xf5e 5

0xfffff800031773ef

C:\windows\system32\ntoskrnl.exe NtWaitForSingleObject + 0xbcf 6

0xfffff80003177b14

C:\windows\system32\ntoskrnl.exe NtWaitForSingleObject + 0x12f4 7

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 8

0x771ebe2a

C:\Windows\System32\ntdll.dll ZwClose + 0xa 9

0x74a5f4d5

C:\Windows\System32\wow64.dll Wow64EmulateAtlThunk + 0x196d 10

0x74a5d18f

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0xd7 11

0x749e2776

C:\Windows\System32\wow64cpu.dll TurboDispatchJumpAddressEnd + 0x2d 12

0x74a5d286

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0x1ce 13

0x74a5c69e

C:\Windows\System32\wow64.dll Wow64LdrpInitialize + 0x42a 14

0x772098ec

C:\Windows\System32\ntdll.dll TpAlpcRegisterCompletionList + 0x790c 15

0x771ca36e

C:\Windows\System32\ntdll.dll LdrInitializeThunk + 0xe 16

0x7739fa02

C:\Windows\SysWOW64\ntdll.dll NtClose + 0x12 17

0x773bed13

C:\Windows\SysWOW64\ntdll.dll LdrLoadDll + 0x219 18

0x773be956

C:\Windows\SysWOW64\ntdll.dll wcspbrk + 0x30d 19

0x773fd39f

C:\Windows\SysWOW64\ntdll.dll RtlUlonglongByteSwap + 0x68f 20

0x76d22e0f

C:\Windows\SysWOW64\KernelBase.dll LoadLibraryExW + 0x233 21

0x746d3943

C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvd3d9wrap.dll GetNVDisplayW + 0x1cf3 22

0x76d22e66

C:\Windows\SysWOW64\KernelBase.dll LoadLibraryExA + 0x26 23

0x74f249a8

C:\Windows\SysWOW64\kernel32.dll LoadLibraryA + 0x31 24

0x6900f281

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x3791 25

0x68f4da46

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_LoadLibrary + 0x76 26

0x6e4a207b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_lang_ClassLoader_00024NativeLibrary_load + 0x71 112 6:33:21.6518953 PM java.exe 1020 CreateFile C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll NAME NOT FOUND Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b4a0a

C:\windows\system32\drivers\fltmgr.sys FltIsCallbackDataDirty + 0x24aa 2

0xfffff880013d02a3

C:\windows\system32\drivers\fltmgr.sys FltReadFile + 0xeb53 3

0xfffff800031802bb

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x2d2b 4

0xfffff8000317bdde

C:\windows\system32\ntoskrnl.exe SeQueryInformationToken + 0xe3e 5

0xfffff8000317c8c6

C:\windows\system32\ntoskrnl.exe ObOpenObjectByName + 0x306 6

0xfffff8000317e6bc

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x112c 7

0xfffff80003189d34

C:\windows\system32\ntoskrnl.exe NtCreateFile + 0x78 8

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 9

0x771ec28a

C:\Windows\System32\ntdll.dll NtCreateFile + 0xa 10

0x74a6c1ff

C:\Windows\System32\wow64.dll Wow64EmulateAtlThunk + 0xe697 11

0x74a5d18f

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0xd7 12

0x749e2776

C:\Windows\System32\wow64cpu.dll TurboDispatchJumpAddressEnd + 0x2d 13

0x74a5d286

C:\Windows\System32\wow64.dll Wow64SystemServiceEx + 0x1ce 14

0x74a5c69e

C:\Windows\System32\wow64.dll Wow64LdrpInitialize + 0x42a 15

0x772098ec

C:\Windows\System32\ntdll.dll TpAlpcRegisterCompletionList + 0x790c 16

0x771ca36e

C:\Windows\System32\ntdll.dll LdrInitializeThunk + 0xe 17

0x773a00d6

C:\Windows\SysWOW64\ntdll.dll NtCreateFile + 0x12 18

0x76d2c76b

C:\Windows\SysWOW64\KernelBase.dll CreateFileW + 0x35e 19

0x74f23f46

C:\Windows\SysWOW64\kernel32.dll CreateFileW + 0x4a 20

0x74f2539c

C:\Windows\SysWOW64\kernel32.dll CreateFileA + 0x36 21

0x692b04a9

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x2a49b9 22

0x692b0a07

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x2a4f17 23

0x692a7eb4

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x29c3c4 24

0x6900f2da

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_FindSignal + 0x37ea 25

0x68f4da46

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\server\jvm.dll JVM_LoadLibrary + 0x76 26

0x6e4a207b

C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\java.dll Java_java_lang_ClassLoader_00024NativeLibrary_load + 0x71 7 6:33:22.6353397 PM Explorer.EXE 2720 QueryDirectory C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll NO SUCH FILE Filter: net.dll 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b2fc7

C:\windows\system32\drivers\fltmgr.sys FltIsCallbackDataDirty + 0xa67 2

0xfffff880013b16c7

C:\windows\system32\drivers\fltmgr.sys fltmgr.sys + 0x16c7 3

0xfffff800031681ca

C:\windows\system32\ntoskrnl.exe NtQueryDirectoryFile + 0x1aa 4

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 5

0x771ec08a

C:\windows\SYSTEM32\ntdll.dll ZwQueryDirectoryFile + 0xa 6

0x7fefda993cb

C:\windows\system32\SHELL32.dll SHCLSIDFromString + 0x1b73 7

0x7fefda79ca7

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x195b 8

0x7fefda79a64

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x1718 9

0x7fefda798dc

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x1590 10

0x7fefda797f8

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x14ac 11

0x7fefeb4cf0f

C:\windows\system32\SHLWAPI.dll Ordinal317 + 0x7b 12

0x7fef1b5ff54

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0x64e44 13

0x7fef1b5fe37

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0x64d27 14

0x7fef1b5fbcd

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0x64abd 15

0x7fef1afbe48

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0xd38 16

0x7fefdaaee57

C:\windows\system32\SHELL32.dll Ordinal767 + 0x697 17

0x7fefdaaed97

C:\windows\system32\SHELL32.dll Ordinal767 + 0x5d7 18

0x7fefdab2a6a

C:\windows\system32\SHELL32.dll SHGetPropertyStoreForWindow + 0x15ae 19

0x7fefeb43907

C:\windows\system32\SHLWAPI.dll IUnknown_GetWindow + 0x687 20

0x771c004b

C:\windows\SYSTEM32\ntdll.dll TpCallbackMayRunLong + 0x22b 21

0x771bfc62

C:\windows\SYSTEM32\ntdll.dll RtlRealSuccessor + 0x422 22

0x76f959cd

C:\windows\system32\kernel32.dll BaseThreadInitThunk + 0xd 23

0x771ca561

C:\windows\SYSTEM32\ntdll.dll RtlUserThreadStart + 0x21 7 6:33:22.6355268 PM Explorer.EXE 2720 CreateFile C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll NAME NOT FOUND Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b4a0a

C:\windows\system32\drivers\fltmgr.sys FltIsCallbackDataDirty + 0x24aa 2

0xfffff880013d02a3

C:\windows\system32\drivers\fltmgr.sys FltReadFile + 0xeb53 3

0xfffff800031802bb

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x2d2b 4

0xfffff8000317bdde

C:\windows\system32\ntoskrnl.exe SeQueryInformationToken + 0xe3e 5

0xfffff8000317c8c6

C:\windows\system32\ntoskrnl.exe ObOpenObjectByName + 0x306 6

0xfffff8000317e6bc

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x112c 7

0xfffff80003189d34

C:\windows\system32\ntoskrnl.exe NtCreateFile + 0x78 8

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 9

0x74b99b87

C:\windows\System32\SYSFER.DLL SYSFER.DLL + 0x19b87 10

0x7fefd116296

C:\windows\system32\KERNELBASE.dll CreateFileW + 0x2b6 11

0x76f90d8d

C:\windows\system32\kernel32.dll CreateFileW + 0x7d 12

0x7fefdb14200

C:\windows\system32\SHELL32.dll Ordinal711 + 0x709c 13

0x7fefdb0b011

C:\windows\system32\SHELL32.dll SHCreateShellItem + 0x1c3d 14

0x7fefda79ca7

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x195b 15

0x7fefda79a64

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x1718 16

0x7fefda798dc

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x1590 17

0x7fefda797f8

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x14ac 18

0x7fefeb4cf0f

C:\windows\system32\SHLWAPI.dll Ordinal317 + 0x7b 19

0x7fef1b5ff54

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0x64e44 20

0x7fef1b5fe37

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0x64d27 21

0x7fef1b5fbcd

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0x64abd 22

0x7fef1afbe48

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0xd38 23

0x7fefdaaee57

C:\windows\system32\SHELL32.dll Ordinal767 + 0x697 24

0x7fefdaaed97

C:\windows\system32\SHELL32.dll Ordinal767 + 0x5d7 25

0x7fefdab2a6a

C:\windows\system32\SHELL32.dll SHGetPropertyStoreForWindow + 0x15ae 26

0x7fefeb43907

C:\windows\system32\SHLWAPI.dll IUnknown_GetWindow + 0x687 27

0x771c004b

C:\windows\SYSTEM32\ntdll.dll TpCallbackMayRunLong + 0x22b 28

0x771bfc62

C:\windows\SYSTEM32\ntdll.dll RtlRealSuccessor + 0x422 29

0x76f959cd

C:\windows\system32\kernel32.dll BaseThreadInitThunk + 0xd 30

0x771ca561

C:\windows\SYSTEM32\ntdll.dll RtlUserThreadStart + 0x21 7 6:33:22.6359394 PM Explorer.EXE 2720 QueryDirectory C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll NO SUCH FILE Filter: net.dll 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b2fc7

C:\windows\system32\drivers\fltmgr.sys FltIsCallbackDataDirty + 0xa67 2

0xfffff880013b16c7

C:\windows\system32\drivers\fltmgr.sys fltmgr.sys + 0x16c7 3

0xfffff800031681ca

C:\windows\system32\ntoskrnl.exe NtQueryDirectoryFile + 0x1aa 4

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 5

0x771ec08a

C:\windows\SYSTEM32\ntdll.dll ZwQueryDirectoryFile + 0xa 6

0x7fefda993cb

C:\windows\system32\SHELL32.dll SHCLSIDFromString + 0x1b73 7

0x7fefda79ca7

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x195b 8

0x7fefda79a64

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x1718 9

0x7fefda798dc

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x1590 10

0x7fefda797f8

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x14ac 11

0x7fefeb4cf0f

C:\windows\system32\SHLWAPI.dll Ordinal317 + 0x7b 12

0x7fef1b5ff54

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0x64e44 13

0x7fef1b5fe37

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0x64d27 14

0x7fef1b5fbcd

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0x64abd 15

0x7fef1afbe48

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0xd38 16

0x7fefdaaee57

C:\windows\system32\SHELL32.dll Ordinal767 + 0x697 17

0x7fefdaaed97

C:\windows\system32\SHELL32.dll Ordinal767 + 0x5d7 18

0x7fefdab2a6a

C:\windows\system32\SHELL32.dll SHGetPropertyStoreForWindow + 0x15ae 19

0x7fefeb43907

C:\windows\system32\SHLWAPI.dll IUnknown_GetWindow + 0x687 20

0x771c004b

C:\windows\SYSTEM32\ntdll.dll TpCallbackMayRunLong + 0x22b 21

0x771bfc62

C:\windows\SYSTEM32\ntdll.dll RtlRealSuccessor + 0x422 22

0x76f959cd

C:\windows\system32\kernel32.dll BaseThreadInitThunk + 0xd 23

0x771ca561

C:\windows\SYSTEM32\ntdll.dll RtlUserThreadStart + 0x21 7 6:33:22.6361106 PM Explorer.EXE 2720 CreateFile C:\java-1.8.0-openjdk-1.8.0.151-1.b12.ojdkbuild.windows.x86\jre\bin\net.dll NAME NOT FOUND Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a 0

0xfffff880013b20f7

C:\windows\system32\drivers\fltmgr.sys FltAcquirePushLockShared + 0x5d7 1

0xfffff880013b4a0a

C:\windows\system32\drivers\fltmgr.sys FltIsCallbackDataDirty + 0x24aa 2

0xfffff880013d02a3

C:\windows\system32\drivers\fltmgr.sys FltReadFile + 0xeb53 3

0xfffff800031802bb

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x2d2b 4

0xfffff8000317bdde

C:\windows\system32\ntoskrnl.exe SeQueryInformationToken + 0xe3e 5

0xfffff8000317c8c6

C:\windows\system32\ntoskrnl.exe ObOpenObjectByName + 0x306 6

0xfffff8000317e6bc

C:\windows\system32\ntoskrnl.exe MmCreateSection + 0x112c 7

0xfffff80003189d34

C:\windows\system32\ntoskrnl.exe NtCreateFile + 0x78 8

0xfffff80002e7a093

C:\windows\system32\ntoskrnl.exe KeSynchronizeExecution + 0x3a23 9

0x74b99b87

C:\windows\System32\SYSFER.DLL SYSFER.DLL + 0x19b87 10

0x7fefd116296

C:\windows\system32\KERNELBASE.dll CreateFileW + 0x2b6 11

0x76f90d8d

C:\windows\system32\kernel32.dll CreateFileW + 0x7d 12

0x7fefdb14200

C:\windows\system32\SHELL32.dll Ordinal711 + 0x709c 13

0x7fefdb0b011

C:\windows\system32\SHELL32.dll SHCreateShellItem + 0x1c3d 14

0x7fefda79ca7

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x195b 15

0x7fefda79a64

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x1718 16

0x7fefda798dc

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x1590 17

0x7fefda797f8

C:\windows\system32\SHELL32.dll SHCreateShellItemArrayFromIDLists + 0x14ac 18

0x7fefeb4cf0f

C:\windows\system32\SHLWAPI.dll Ordinal317 + 0x7b 19

0x7fef1b5ff54

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0x64e44 20

0x7fef1b5fe37

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0x64d27 21

0x7fef1b5fbcd

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0x64abd 22

0x7fef1afbe48

C:\windows\system32\EXPLORERFRAME.dll DllCanUnloadNow + 0xd38 23

0x7fefdaaee57

C:\windows\system32\SHELL32.dll Ordinal767 + 0x697 24

0x7fefdaaed97

C:\windows\system32\SHELL32.dll Ordinal767 + 0x5d7 25

0x7fefdab2a6a

C:\windows\system32\SHELL32.dll SHGetPropertyStoreForWindow + 0x15ae 26

0x7fefeb43907

C:\windows\system32\SHLWAPI.dll IUnknown_GetWindow + 0x687 27

0x771c004b

C:\windows\SYSTEM32\ntdll.dll TpCallbackMayRunLong + 0x22b 28

0x771bfc62

C:\windows\SYSTEM32\ntdll.dll RtlRealSuccessor + 0x422 29

0x76f959cd

C:\windows\system32\kernel32.dll BaseThreadInitThunk + 0xd 30

0x771ca561

C:\windows\SYSTEM32\ntdll.dll RtlUserThreadStart + 0x21